The Art of OEM - nLite & OEM Preinstallation

[jimmsta]

I realized that when I went through all the steps. I ended up using BDD to manage some driverpacks I got from driverpacks.net, which works really well. In any case, I had no idea that BDD was a decent piece of management software for these sorts of things.

[geo411m]

I made an install similar to Dexter.inside using server 2003. i made it into a ghost image that should work on any PC. it doesn't contain driver packs so it fits on 1 bootable ghost cd (475) heres a screen shot.

[dexter.inside]

Yes, at a first glance Norton Ghost is a good solution, but Microsoft has developed the WIM format specifically for this purpose. I am almost done gathering data for continuing my tutorial, and I will present my research in the next few days.

The main advantages are single instance storage over one and/or multiple sysprep resealed images and using a real Microsoft-written setup routine (with actual partitioning options, not with unattended diskpart).

[dexter.inside]

Part 2: Road to the End-User

In Part 2 of this tutorial, I will continue with Windows Home Server (codenamed Quattro), and how can you use nLite to improve your Home Server experience. Later on, I will explain the sysprep -reseal technique and deploy your nLited windows distributions after further tweaking them in a controlled environment. You can learn here the advantages of OEM software preinstallation (a rather unfamiliar procedure AFAIK) over unattended software installation, to which most of you are already acquainted with (very well covered by nLite I might add).

2.1. A few things you should know before starting

For Part 2, I have used the following software:

- Windows 2003 Small Business Server (from Part 1)

- Windows Home Server CTP, build 06.00.1371

- VMware Workstation 6

- nLite 1.3.0.4

- Total Commander 7

2.2. Preparing the distribution share

Copy the contents of the Windows Home Server Installation DVD to your distribution share. Mine is named I:\temp\WHS.

Picture 1 - The distribution share

This is the layout of WHS folders:

- BOOT, the boot code for Windows PE 2.0 that is used to deploy WSH. In it you can find the BCD registry hive, that controls booting the DVD. You can edit it by using Microsoft's BCDEDIT.EXE or by loading it in your registry from REGEDIT.

Picture 2 - Loading BCD with REGEDIT

- DOCS, the EULA and documentation.

- FILES, installer logic that installs Codename Quattro over the base install.

- REDISTR, redistributable applications required by Quattro runtime code.

- SOURCES, containing the BOOT.WIM file, in which the base WinPE 2.0 is stored (build 6.0.6000 from the WAIK).

- SVR_2003, the first CD from Windows 2003 Small Business Server with SP2, v3790.2959. This is your nLite target. WSH installer logic generates a headless install for it the first time it runs.

- WHS, specific hotfixes and MSI packages to be added on top of SBS CD1 after install.

- WHSSUPPORTTOOLS, runtime tools for the WHS app.

- WINDOWS, the WinPE Shell that installs WHS.

This is how the BCD looks like.

Picture 3 - The BCD hive temporary loaded in HKU

Don't forget to unload the hive after you're done.

AUTORUN.INF contains:

[autorun]  
open=files\install\qs.exe -autorun

and, as you can see, the DVD is tagged just like SBS, with WIN52IL.SP2.

Edited June 6, 2007 by dexter.inside

[dexter.inside]

2.3. nLite your WHS Core

Just like in Part 1, use nLite on the \SVR_2003 folder.

Up to this moment, I am unsure on what components to keep in order not to break the WSH installer or functionality. For starters, remember to keep Sysprep and Activation Compatibility, IE Compatibility, and IIS 6.

Remember that in order to complete this tutorial, you will have to disable OEM and use the Advanced Configuration and Power Interface (ACPI) PC HAL in your nLite unattended settings.

This is what I used:

[Main]
Env = 1.3 - 2.0.50727.42.Microsoft Windows NT 5.2.3790 Service Pack 2, v.2845
Target = Windows Server 2003 for Small Business Server SP:2 - 5.2.3790.3959 - English (United States)

[Tasks]
Remove Components
Unattended Setup
Tweaks
Options

[Components]
;# Applications #
Accessibility Options
Defragmenter
;# Multimedia #
Mouse Cursors
Music Samples
Old CDPlayer and Sound Recorder
Speech Support
Windows Sounds
;# Network #
Communication tools
;# Operating System Options #
16-bit support
Color Schemes
Disk Cleanup
Document Templates
DR Watson
FAT to NTFS converter
Search Assistant
Shell Media Handler
Symbolic Debugger (NTSD)
Zip Folders
;# Services #
Beep Driver
Removable Storage
;# Compatibility #
Compat03

[KeepFiles]
msconfig.exe

[RemoveFiles]
clock.avi
yahoo.bmp
swtchbrd.bmp

[Options]
CABMerge
CABNoHigh
ClassicSetup
ProfilesDir = "%SystemDrive%\Documents and Settings"
TargetPath = "WINDOWS"
temp_dir = %SystemDrive%\WINDOWS\Temp
AdvTweaks

[Patches]
TcpIp = 100
DoUxTheme
DoSFC

[Services2]
Themes,2
AudioSrv,2

[Tweaks]
Boot and Shutdown-Ctrl-Alt-Del at logon-Disabled
Boot and Shutdown-Disable saving Last Good state at boot
Boot and Shutdown-Disable Shutdown Tracker
Boot and Shutdown-Logon Page-Welcome screen
Boot and Shutdown-Numlock-Off
Boot and Shutdown-Setup Prefetch-Cache-Applaunch and Boot enabled
Boot and Shutdown-Status Messages-Extended
Desktop-Internet Explorer icon-Show
Desktop-My Computer icon-Show
Desktop-My Documents icon-Hide
Desktop-My Network Places icon-Hide
Desktop-Recycle Bin icon-Hide
Desktop-Show Windows version on Desktop
Explorer-Add 'Command Prompt' to folder context menu
Explorer-Advanced Search: preconfigure options
Explorer-Classic Control Panel
Explorer-Disable Autorun
Explorer-Disable Beep on errors
Explorer-Disable Prefix: Shortcut to
Explorer-Display the contents of system folders
Explorer-Recycle Bin: allow to rename and delete
Explorer-Recycle Bin: delete files directly
Explorer-Remove Send To on context menu
Explorer-Show Drive Letters in front of Drive Names
Explorer-Show extensions of known file-types
Explorer-Show hidden files and folders
Explorer-Show Map Network Drives buttons in Explorer bar
Explorer-Show protected operating system files
Explorer-Show Statusbar in all windows
Explorer-Show the full path in the Address Bar
Explorer-Show the full path in the Title Bar
Internet Explorer-Disable Go Button
Internet Explorer-Disable Market Place bookmark
Internet Explorer-Disable Media Player 6.4 created bookmarks
Internet Explorer-Disable sound when popup is blocked
Internet Explorer-Enable Google URL-Search
Internet Explorer-Keep IE URL-History for-20 Days (default)
Internet Explorer-Set Homepage-about:blank
Internet Explorer-Set IE-Cache limit to-20 MB
Internet Explorer-Set Internet Explorer to accept 10 connects at a time
My Computer-Add Administrative Tools
My Computer-Add Control Panel
My Computer-Add Control Panel to Context Menu
My Computer-Add Device Manager to Context Menu
My Computer-Add Folder Options
My Computer-Add Fonts Folder
My Computer-Add My Network Places
My Computer-Add Network Connections
My Computer-Add Printers and Faxes
My Computer-Add Recycle Bin
My Computer-Add Scheduled Tasks
My Computer-Add Services to Context Menu
My Computer-Add Software to Context Menu
My Computer-Add Taskbar Settings
Network-Allow receiving Remote Assistance-Disable
Network-Disable administrative shares
Network-Remote Desktop-Enable
Network-Set TCP/IP Priority to 1
Performance-Disable Info Tips on Files and Folders
Performance-Disable Last accessed Timestamp on files
Performance-Disable Optimize harddisk when idle
Performance-Disable paging of kernel and core-os
Performance-Disable Tracking of Broken Shortcut Links
Performance-Disable Warn on low disk space
Performance-Disable WBEM logging
Performance-Do not cache thumbnails
Performance-Processor scheduling-Programs
Privacy-Disable Driver Update Internet prompt
Privacy-Disable Error Reporting
Privacy-Disable File MRU-List
Privacy-Disable Tracking of most used programs
Privacy-Remove Alexa
Security-Always show Updates under Software
Security-Disable Screensaver
Security-Disable Web Open With prompt
Security-Screensaver Password-Protection-Disabled
Start Menu-Add Administrative Tools menu
Start Menu-Clear most recently opened documents list on logoff
Start Menu-Control Panel-Display as a menu
Start Menu-Disable Highlight newly installed programs
Start Menu-Disable popup on first boot
Start Menu-Expand Network Connections
Start Menu-My Computer-Display as a menu
Start Menu-My Documents-Display as a menu
Start Menu-My Music-Display as a menu
Start Menu-My Network Places-Display as a menu
Start Menu-My Pictures-Display as a menu
Start Menu-Network Connections-Link to Network Connections folder
Start Menu-Number of programs on Start menu-6
Start Menu-Printers and Faxes-Display as a menu
Start Menu-Reduce popup delay
Start Menu-Remove Search For People from Search
Start Menu-Remove Search the Internet from Search
Start Menu-Remove Set Program Access and Defaults
Start Menu-Remove Windows Catalog shortcut
Start Menu-Remove Windows Update shortcut
Start Menu-Scroll Programs
Taskbar-Disable Hide inactive icons
Taskbar-Lock the Taskbar-Yes
Visual Effects-Active window tracking speed-Fast
Visual Effects-Animate windows when minimizing and maximizing-Disable
Visual Effects-Combo box animation-Disable
Visual Effects-Cursor shadow-Enable
Visual Effects-Fade out selection-Disable
Visual Effects-Gradient captions in windows-Enable
Visual Effects-Keyboard shortcut underline-Enable
Visual Effects-Menu animation-Disable
Visual Effects-Menu shadows-Disable
Visual Effects-Menu style-Normal
Visual Effects-Show translucent selection rectangle-Enable
Visual Effects-Show window contents while dragging-Disable
Visual Effects-Slide taskbar buttons-Disable
Visual Effects-Smooth edges of screen fonts-ClearType
Visual Effects-Smooth-scroll list boxes-Disable
Visual Effects-Tooltip animation-Disable
Visual Effects-Use a background image for each folder type-Disable
Visual Effects-Use drop shadows for icon labels on the desktop-Enable
Windows Media Player-Accept Privacy Statement
Windows Media Player-Disable auto-add music to library
Windows Media Player-Disable license backup prompt
Windows Media Player-Disable silent acqusition
Windows Media Player-Disable starting with Media Guide
Windows Media Player-Do not show anchor in Designmode
Windows Media Player-Optimize fullscreen mode behavior
Windows Media Player-Remove all context menu entries
Windows Media Player-Zoom video to windowsize

[Unattended]
DisableOem
ComputerType = Advanced Configuration and Power Interface (ACPI) PC
Resolution = 800x600
BitsPerPel = 32 bit (True Color)
MaximumDataStorePercentOfDisk = 12
RestorePointLife = 30
DesktopTheme = Default||
PerServer,100
SCWInstall = 2
AutoUpdates = 3
AutoUDay = 5
AutoUHour = 15
AUElevate
AUMinor
ProgFilesPath = "\Program Files"

[NetAdapter1]
connname = ""
macaddress = ""
ipaddress = "192.168.0.1"
subnetmask = "255.255.255.0"
defaultgateway = ""
dnsserver1 = ""
dnsserver2 = ""
winsserver = ""
netbiossetting = "0"
ipxnetworknumber = "00000000"
ipxnetworkframetype = "0xFF"

[GuiRunOnce]

[Drivers]

[Hotfixes]

I have also unhidden stuff from SYSOC.INF:

[Version]
Signature = "$Windows NT$"
DriverVer=10/01/2002,5.2.3790.3959

[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,,7
WBEMMSI=wbemupgd.dll,OcEntry,wbemmsi.inf,,7
Display=desk.cpl,DisplayOcSetupProc,,7
ADAM=adamocm.dll,OCEntry,adam.inf,,4
Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,6
NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7
iis=iis.dll,OcEntry,iis.inf,,7
com=comsetup.dll,OcEntry,comnt5.inf,,7
dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,,7
IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,,2
msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6
RemInst=ocgen.dll,OcEntry,ocmri.inf,,3
Cluster=clusocm.dll,ClusOcmSetupProc,clusocm.inf,,7
aspnet=aspnetoc.dll,AspnetOcmProc,aspnetoc.inf,,7
netfx=netfxocm.dll,UrtOcmProc,netfxocm.inf,,7
netfx20=netfxocm20.dll,UrtOcmProc,netfx20.inf,,7
ins=imsinsnt.dll,OcEntry,ins.inf,,7
ims=imsinsnt.dll,OcEntry,ims.inf,,7
fp_extensions=fp50ext.dll,FrontPage5Extensions,fp50ext.inf,,7
sharepoint=ocwss.dll,OcEntry,ocwss.inf,,7
certsrv=certocm.dll,CertSrvOCProc,certocm.inf,,2
LicenseServer=LicenOc.dll,EntryProc,LicenOc.inf,,6
wms=wmsocm.dll,OcEntry,wmsocm.inf,,3
RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7
IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7
BITSServerExtensions=bitsoc.dll,OcEntry,bitssrv.inf,,7
UDDIServices=uddiocm.dll,OcEntry,uddi.inf,,6
authman=ocgen.dll,OcEntry,AuthMan.inf,,7
OEAccess=ocgen.dll,OcEntry,oeaccess.inf,,7
IEHarden=ocgen.dll,OcEntry,ieharden.inf,,7
SCW=ocgen.dll,OcEntry,scw.inf,,7
PMCsnap=ocgen.dll,OcOMEntry,pmcsnap.inf,,7
HWMGMT=wsocgen.dll,OcEntry,hwmgmt.inf,,7
SanMgmt=ocgen.dll,OcOMEntry,SanMgmt.inf,,7
Srm=ocgen.dll,OcOMEntry,srm.inf,,7
Dfsr=ocgen.dll,OcOMEntry,dfsr.inf,,7
DfsFrsUI=ocgen.dll,OcOMEntry,dfsfrsui.inf,,7
DfsRHelper=ocgen.dll,OcOMEntry,dfsrhelper.inf,,7
CfsCommonUIFx=ocgen.dll,OcOMEntry,cfscommonuifx.inf,,7
DfsExt=ocgen.dll,OcOMEntry,dfsext.inf,,7
FsrCommon=ocgen.dll,OcOMEntry,fsrcommon.inf,,7
FsrNas=ocgen.dll,OcOMEntry,fsrnas.inf,,7
FsrStandard=ocgen.dll,OcOMEntry,fsrstandard.inf,,7
SISInst=ocgen.dll,OcEntry,sis.inf,,7
CLFS=ocgen.dll,OcOMEntry,clfs.inf,,7
SNIS=suaidmog.dll,OcEntry,uidmsnis.inf,,7
PswdSync=suaidmog.dll,OcEntry,uidmpsnc.inf,,7
IdmuMgmt=suaidmog.dll,OcEntry,uidmadmn.inf,,7
UnixIDManagement=suaidmog.dll,OcEntry,uidmmain.inf,,7
SUA=suaidmog.dll,OcEntry,Interix.inf,,7
MSNFS=nfsocm.dll,OcEntry,msnfs.inf,,7
RpcXdr=nfsocm.dll,OcEntry,rpcxdr.inf,,7
Portmap=nfsocm.dll,OcEntry,portmap.inf,,7
NfsAdminUI=nfsocm.dll,OcEntry,NfsAdminUI.inf,,7
NFSserverAuth=nfsocm.dll,OcEntry,nfsauth.inf,,7
NFSserver=nfsocm.dll,OcEntry,nfssvc.inf,,7
NFSclient=nfsocm.dll,OcEntry,nfsclnt.inf,,7
MapServer=nfsocm.dll,OcEntry,mapsvc.inf,,7
ADServOC=ocgen.dll,OcEntry,adservoc.inf,,7
ADFS=adfsocm.dll,OcEntry,adfs.inf,,6
MultiM=ocgen.dll,OcEntry,multimed.inf,,7
AccessUtil=ocgen.dll,OcEntry,accessor.inf,,7
MSWordPad=ocgen.dll,OcEntry,wordpad.inf,,7
WhServer=whsoc.dll,WHSSetupProc,whsoc.inf,,7
InetPrint=ntprint.dll,IppOcEntry,IppOcm.inf,,7
K=KOC.dll,KOCSetupProc,KOC.inf,,7
nLite=ocgen.dll,OcEntry,nLite.inf,,7

[Global]
WindowTitle=%WindowTitle%
WindowTitle.StandAlone="*"

[Strings]
WindowTitle="Windows Server Setup"
WindowTitle_Standalone="Windows Components Wizard"

; Customized by nLite - www.nliteos.com

[dexter.inside]

2.4. Testing nLited WHS

2.4.1. Build the DVD

Using OSCDIMG.EXE, build it with the following settings (the distribution share is the current path).

Picture 4 - Build the DVD

The -m switch is for making DVDs instead of CDs.

Due to some bugs in the WinPE-based install of Windows Home Server, I will use a manual installation procedure. If you can boot from the first image without receiving the "Could not initialize UI subsystem" you can proceed directly to the next chapter; however most of us are not that lucky.

So, if you get this error, use nLite to create an ISO from the \SVR_2003 folder. If not, jump to section 2.4.6.

2.4.2. VMware Configuration.

I am using VMware Workstation 6 ACE Edition build 44426. The Guest operating system is Windows Server2003 Small Business (LSI Logic compliant). You need to create a non-preallocated non-independent virtual disk that is larger than 32 Gb. (the setup requires it to be this way, otherwise it will fail). Don't worry, it will never use more than ~4 Gb on your disk. You also need to use at least 512 Mb of memory, as required by Windows PE 2.0.

Picture 5 - WHS Virtual Machine

It's best to use a network shared folder, like this:

Picture 6 - Shared Folders

Workstation 6 compatible VMs also introduced a great feature, you can now mount a virtual partition just like a real one and map a drive letter to it in your host machine when the VM is turned off. Of course, you have to partition the virtual disk first inside the VM.

Picture 7 - Virtual Disk

Picture 8 - Advanced Properties

Picture 9 - Mount

Edited May 26, 2007 by dexter.inside

[dexter.inside]

2.4.3. Manual WHS Installation

From the second image you've created, install Windows in your new virtual machine. Create a 10 Gb C:\ partition for this install. You'd get this as a typical first boot:

Picture 14 - First Boot

Now it's a good opportunity to install VMware Tools, activate windows and make other minor adjustments to the base install. VMware snapshots will easy allow you to roll back to this point if you get something wrong along the way.

Picture 15 - Windows Activation

Picture 16 - Take Snapshot

Picture 17 - Background Snapshot

Picture 18 - Status

2.4.4. Installing WHS components

Point your virtual CD-ROM to the location of the first DVD you made.

Picture 19 - Virtual CD-ROM

First use Microsoft Update to get the latest stuff, then install the redist components, from \REDISTR.

Picture 20 - Microsoft .NET 2.0

As for components specific to WHS, they are in the \WHS folder:

1) These are the Home Server hotfixes. Most likely you can add them in nLite to the base install.

- Home Server Activation Component, UMAS.EXE

- Home Server Certificate Enrollment, UMCENROLL.EXE

- Home Server Certificate Enrollment (Public Service), UMCENROLLID.EXE

- Home Server Certificate Enrollment (Setup Module), UMCENROLLSETUP.EXE

- Home Server Transport Service, UMCONNECTOR.EXE

- Home Server Console, UMCONSOLE.EXE

- Home Server Dynamic DNS Service, UMDDNS.EXE

- Home Server Drive Extender, UMDE.EXE

- Home Server Diagnostics, UMDIAG.EXE

- Home Server Event Parser, UMMSGLOG.EXE

- Home Server Notification Service, UMNOTIFY.EXE

- Home Server OOBE Setup Module, UMOOBE.EXE

- Home Server Backup Service, UMBACKUP.EXE

- Home Server Port Forwarding Service, UMPF.EXE

- Home Server Software Development Kit, UMPSDK.EXE

- Home Server Storage Service, UMQSM.EXE

- Home Server Remote Access (Base), UMRABASE.EXE

- Home Server Remote Access (Public), UMRAHOME.EXE

- Home Server Remote Access (RWW), UMRAREMOTE.EXE

- Home Server UPnP and Media Connect, UMUPNP.EXE

- Home Server Preserver, UMWHSARCH.EXE

Restart to enable the installed services.

2) Home Server components:

- Windows Server System UPnP Stack, UPNP.MSI. Installs Universal Plug and Play.

- Backup Server, BACKUPSERVERINSTALL.MSI. The backup engine for Home Server.

- Drive Extender, DE.MSI. Also installs a driver for this function.

- Home Server Dynamic DNS Service, DDNS.MSI.

- Home Server Diagnostics, DIAGNOSTICS.MSI.

- File Checker Service, FILECHECKSERVICE.MSI.

- Home Server Health, HEALTH.MSI.

- Home Sever Password Filter, PASSWORDFILTER.MSI.

- Server System Port Forwarding Service, PORTFORWARDING.MSI.

- Home Server Remote Access, REMOTEACCESS.MSI.

- Home Server Console, HOMESERVERCONSOLE.MSI.

- Home Server Preserver, WHSARCH.MSI.

- Home Server Event Parser, WHSMSGLOG.MSI.

- Home Server OOBE, WHSOOBE.MSI.

Feel free to skip unwanted functionality.

3) Windows Home Server console will start with some errors about built-in music, videos and photos not found. Ignore them.

Picture 21 - Home Server Console

At this point it's best to turn off and remove the previous snapshot if you got everything right, in order to save disk space and performance. VMware will perform needed cleanup on the disk, thus commiting all changes you made to the initial virtual disk (snapshots use a different place to store files that you add, and dynamically maintains the filesystem presented to the running OS updates).

Picture 22 - Snapshot Manager

Edited May 4, 2007 by dexter.inside

[dexter.inside]

2.4.5. Windows Services specific for Home Server

Most of there rely on the IPSEC Service, so don't disable it. Home Server also adds UPnP and SSDP Discovery, specific for Windows XP (These not being present on the server system have prevented Microsoft in releasing Windows Media Player 11 on Server 2003).

- FileChecker Service

Check the files in the share folder for Codename Quattro. Result is in \Documents and Settings\All Users\Application Data\Microsoft\Windows Home Server\logs\FileChecker.

- SBCore Service

Provides server core services.

- Windows Home Server Computer Backup

Enables back up of computers to this home server. If this service is stopped, computers will not be able to back up to this home server. If this is not working, network status appears "critical" in the console.

- Windows Home Server Drive Letter Service

Maintains drive letters for folders managed by Windows Home Server Storage Manager.

- Windows Home Server Storage Manager

Manages storage allocation for your server.

- Windows Home Server Transport Channel

Provides Home Server transport channel to the clients as well as some background tasks. This is also a great expansion of functionality for IPSEC.

2.4.6. Preinstalling Applications

The purpose of this operation is to create a windows distribution that contains all the programs you need. Feel free to install whatever apps you will need before beginning sysprep.

If you have manually installed Home Server, do not add the windows drive to the Storage.

Use the shared folders, in the guest OS they are in \\.host\Shared Folders.

[dexter.inside]

2.5. Sysprep

2.5.1. History

Users of Windows NT4 needed a way to properly duplicate installations of Windows and programs onto other computers. This was a task that would save time and reduce monotony for IT staff that needed to do such things as set up 30 identical computers in a computer lab. Programs existed at the time such as Binary Research's Ghost, which was later sold to Norton in July of 1998, that could duplicate the exact software structure of one computer onto another.

But, in the case of Windows NT4 this created extreme driver problems that would either crash the replicate computer or impair specific devices, such as the network card. This was in contrast to Windows 95 or Windows 98 that when duplicated reacted in a much more manageable way, and basically this means they would go through a hardware redetection process. Even worse, a Windows NT4 computer has a built-in security identifer (SID) that is generated only on the installation of the operating system. This SID is used by domain controllers to internally identify workstations and servers, and if this code was duplicated then it would confuse domain servers since multiple computers would in effect have the same name.

Luckily Microsoft, for once, actually listened to the needs of its customers. And their response was the release of a free resource utility called the Microsoft System Preparation Tool versioned as 4.0.1381.123. This program was designed for Windows NT4 Workstation and Windows NT4 Server and provided a fix for the largest complaints. When you were ready to duplicate a computer you would run this program and it would follow rules defined in a script file (answer file) that you created. And after duplication it would execute those rules while running through a short mini-setup that recreated the security identifer (SID) and forced a hardware remapping sequence. It still would not allow duplication across variable hardware, but it would make exact computer duplications a much easier task.

Since then there have been numerous releases of SysPrep for all Windows NT based operating systems and SysPrep has become a common tool for IT administrators.

2.5.2. Process Overview

SysPrep is designed to be run manually before imaging a computer and automatically after a computer has been imaged. Most of advanced system management tools today rely heavily on it to do their dirty work, but also most of them cost hundreds of dollars. Some of you may be familiar with software like Symantec Backup Exec, that are used precisely for this purpose. Reconstructing a carefully-built domain controller can take weeks and lots of money. Reconstructing it from a sysprepped image only takes the time required to copy the files from the backup.

And there's more good news - there's a new method that benefits the most from sysprep. it's called V2P.

VMware's P2V (physical-to-virtual) was a revolutionary tool that allowed you to migrate existing OSes in virtual machines. Useful for corporate purposes but not to the end-user. Now, due to some less-documented Vista technology, it is possible to do the opposite, virtual-to-physical migration. Unuseful for corporate purposes but very useful for people that read this forum, as it allows you to repackage a carefully-designed OS from a virtual machine, and install it on any kind of physical hardware. Neat, huh? Part 3 covers this technique I've been working on for some months now in great detail.

So, here's the global picture on how to do that yourself, presented here in Part 2 of this tutorial:

1. nLite the official setup disc.

2. Install Windows with the desired ACPI HAL (either 32-bit or 64-bit)

3. Apply other operating system patches

4. Configure the administrator account to your needs

5. Create a template user account

6. Install programs under the template user account

7. Configure all programs and settings under the template account (also works with Administrator)

8. Restart the computer. If you don't restart then step 9 may be unsuccessful because files may be locked.

9. Log in as the main administrator account.

10. Copy the settings of the template account into the "Default User" account

11. Remove the template account

12. Apply finishing touches

13. Create a directory for SysPrep (typically this is c:\sysprep)

14. Copy in the required files for SysPrep

15. Create a drivers directory for SysPrep (typically this is c:\drivers)

16. Create a SysPrep script (sysprep.inf) in the SysPrep directory

17. Add a generic mass storage section to the sysprep.inf

18. Add additional mass storage drivers

19. Execute SysPrep

20. Image the computer

21. Duplicate the image onto other computers

If you performed the steps above properly then you would have a working image that you can duplicate onto any computers that conform to the settings you provided in the sysprep configuration file (sysprep.inf).

This guide covers only the -reseal capabilities of sysprep. Once you apply sysprep to an installation of Windows it should be set to shut down. You have to be careful though because the next time Windows starts up it will execute sysprep. At this point sysprep will run the computer through a mini-setup that will detect any new hardware, redetect network settings, set the timezone and a few other things. After you have executed sysprep you need to image the computer so make sure you don't start the computer accidentally as that will invalidate your sysprep and you will need to do it again. VMware solves most of the problems that can occur along this procedure.

Thus, it is best that you take a snapshot of the virtual machiner before you execute sysprep manually. SysPpep makes several changes to the operating system that could build up over time and create problems down the line if you continually update the same image. This issue is generally related to older versions of windows, like Windows 2000. Once you make a good image, you will most likely need to add programs or need to apply security patches later on. So, if you make an image, sysprep it, store it, then need to update it then you will need to run sysprep on it again.

2.5.3. The Hardware Abstraction Layer (HAL)

The hardware abstraction layer (HAL) is a kernel level driver that provides an interface between the operating system and the system architecture. There are several HALs that Windows can use and they impact available features and performance depending on which systems they are used on. The Advanced Configuration and Power Interface (ACPI) PC is the most compatible, so it's by far the best choice for 32-bit systems. It should be noted that multiprocessor computers can also use this HAL, however they will only make use of a single processor. This HAL can also be used with hyperthreading without any problem.

Similarly, the ACPI Multiprocessor PC is a HAL designed for multiprocessor computers. It is the main advantage of Windows XP/2003 64-bit editions, as memory operations receive a 10-15% performance boost and it fully implements hyperthreading.

To make your image as compatible as possible you should use the "Advanced Configuration and Power Interface (ACPI) PC" HAL. You can specify this in the Windows setup by using the F5 key during the part where you can use F6 to choose mass storage device drivers, or you can view and change your HAL from within Device Manager by changing the "computer" driver.

Edited May 4, 2007 by dexter.inside

[dexter.inside]

2.5.4. How sysprep.inf made winnt.sif obsolete

As you all should know my now, SIFs have become obsolete on the new NT 6 kernel. I'd say that the most advanced feature in Vista is the setup and the imaging technology, both secrets well guarded between 2003 and 2006. The text-mode setup is now gone, and with it a lot of legacy impediments. You've all had your fair share of head ache from it by now - some registry tweaks work, other don't or just behave unpredictable. You want to remove a file from the setup, and to do so you have to use all sorts of ugly hacks. You want to have your favourite app installed silently, you have to make a package yourself. You finally get all working to reach yet another stupid error and so forced to throw away another disc.

Well, those days are nearly gone. Sysprep has become very important for Vista, since early 2004. As the Microsoft.NET technology gets closer to maturity (10 years), older methods of doing stuff become very unsuitable. Of course, Vista got all the goodies during the its beta, and XP Service Pack 3 was left out cold.

So, I decided to skip ahead and retrace the steps that were made to create the Longhorn 4xxx builds, which are very similar to today's products like Windows Home Server, for example. The results were quite surprising, and that you'll see for yourself if you decide to actually try to do what I describe in this tutorial.

Back in 2003, a lot of .NET supra-structure was added to the initial XP codebase, rolled up to NT 6.0.4008, the last milestone based on the text-mode setup. The multilingual separation (those MUI files) had nearly doubled the time of the text-mode setup, and most of the beta team was probably fed up with throwing away tons of DVDs due to faulty I/O. So, they took the logical step of refurbishing sysprep to do the dirty work for them.

Instead of rebuilding the entire XP/2003 setup folder structure and coresponding SIFs+INFs each time they incremented the kernel / file version, they decided to do that only once and then use sysprep to clone that installed Longhorn prototype from the developer's machine to the entire beta network. This reduced install time from ~90 minutes to arround 15. A new setup based on Visual C++ Redist and .NET was made, and a new imaging format was tailored to suit this process. Thus, WIMs were used to store the sysprepped image and a setup was written to mount that WIM and read from it instead of regular install media. Avalon, later known as Windows Presentation Foundation, was the first to benefit, as it was nearly as complex as the entire Media Center, that took several months to integrate in XP. Adding it to the WINNT.SIF would have been out of the question. The same reason why Media Center never got integrated tightly in the XP codebase.

Then another problem came up. Sysprep had a limitation, it couldn't change the existing HAL. As you may have found out, changing motherboards would usually result in a BSoD on any normal Windows installation. So they came with a quick hack, "ACPI Pick-Up", for the new setup routine. The new setup logic became like this: Windows PE started, setup.exe was loaded, it chose the proper HAL and ntoskrnl startup parameters, allowed the user to partition / format and choose the destination, unpacked the WIM to that destination, and apply the HAL pick-up trick.

Later on, when the 4xxx series were scrapped in favor of the NT 5.2 codebase, they invented WINLOAD and BOOTMGR, the neat way of doing this, and sysprep became able to transparently generalize hardware (as the drivers were no longer packed in CABs). Due to "popular" demand, that Beta 2 project was rushed in what you now know as Vista RTM, and research went again into silence inside the Windows Server 2008 project. (Codename Longhorn Server).

Ironically, the Microsoft WAIK is capable of doing largely the same thing with Windows XP/2003, but Microsoft never bothered to update the ancient setup routines with the new stuff. Quite normal, that would cost money for "no good reason". So we are left to do that ourselves. With SIFs becoming obsolete, tweaking NT 5.x based OSes will become much more pleasurable in the near future. Main reason: the registry is no longer being constructed during setup, because it is already present in the image. Sysprep only does minor adjustments to it to start the mini-setup.

If you are curious how that works, try this on Vista: sysprep -generalize -activated.

At this point, the technique that I am describing here is the only reasonable way of making new nLited versions of Home Server or Windows Server 2003 Media Center Edition. Sysprep is a great complement to what nLite can do, and the reasons will become quite obvious in Part 3 of this tutorial.

2.5.5. SETUPMGR.EXE - Microsoft's Idea of Unattended

The sysprep.inf file contains the unattended logic of sysprep, specifically the instructions that it will use during the mini-setup process. The sysprep.inf file is broken up into several sections following the layout of an INI file. However, this file is called sysprep.inf and not sysprep.ini. Please be very certain that you have it named properly or it will not work.

The sysprep.inf file is not really required but if it isn't included then the user will be prompted for answers to questions on the execution of the mini-setup on the first boot following running sysprep. In most situations this is not desired especially since the default configuration will not duplicate well across computers. In other words you can't automate sysprep unless you provide a valid sysprep.inf. Unlike Vista, where sysprep is specifically built to work without a custom made sysprep.inf.

The good news about the sysprep.inf it that you don't have to edit the entire thing yourself. Microsoft wrote a program called the Microsoft Setup Manager Wizard (setupmgr.exe). The purpose of this program is to create sysprep.inf answer files from a GUI. It doesn't have all of the options that you will most likely need, but it does give you a way to create a skeleton answer file that you can then edit and fill the rest of the information into. I highly suggest that you use the Setup Manager Wizard first and play around with it and then check the sysprep.inf file to see how changing different options alters the sysprep.inf file. And then once you have you have a template answer file then you modify it to your needs.

I will continue by showing how I do this on the Home Server. If you haven't run nLite yet and/or haven't installed it on your lab machine, I suggest you do so now, as you must do the following operations on it.

[geo411m]

Yes, at a first glance Norton Ghost is a good solution, but Microsoft has developed the WIM format specifically for this purpose. I am almost done gathering data for continuing my tutorial, and I will present my research in the next few days.

The main advantages are single instance storage over one and/or multiple sysprep resealed images and using a real Microsoft-written setup routine (with actual partitioning options, not with unattended diskpart).

what do you mean about setup routine not unattended diskpart? is there a way to make a setup routine. i made a image like this one that boots in winpe 2.0 then uses .bat scripts to deploy my image using imagex (i took your advice). ugly but gets the job done. i would be interested in hearing how you made a setup routine. excellent guide by the way...

Edited May 4, 2007 by geo411m

[dexter.inside]

There are 3 ways:

1) the easy way, reuse a setup routine from Longhorn builds 4xxx (those that do not use WINLOAD), as I will document in Part 4.

2) the not so easy way, with Business Desktop Deployment

3) the hard way, which I am considering for some time, construct a new .NET setup application on top of the dlls that Microsoft provided in Codename Eiger SDK (First Boot Agent) and in Windows PE 1.6 OPK Beta 1 (build 4033). I am thinking of doing a wrapper UI over these to create a simple to use SDK of my own.

Edited May 4, 2007 by dexter.inside

[geo411m]

i certainly am interested in that. So you boot into winpe which starts longhorn setup or your wrapper to partition and format your drives and then start the deployment of your wim file to the partition you select, is that about right?

[dexter.inside]

Yep, that's about it. And the user uses either the longhorn setup UI or yours to do required operations just like in Vista setup, instead of a unattended diskpart that formats the entire disk.

[geo411m]

thats GREAT, i can't wait to see Part 4. of your guide.