Is there any way to ghost a self contained MDT build onto a PC?
-
Thursday, November 15, 2012 6:14 PM
AS users always want what they want, instead of what you have, I'm having a hard time breaking people of the habit of
A: wanting to create custom images, and
B, wanting to carry them around as self-contained files.
So far I've kept them at arms length, and insisted if they want to expand on my standard image and create their own, they need to learn the MDT tool. That created more work for me than them as you could imagine. Now I've got a request I'm having a hard time refusing. Business Recovery. The LOBs want to create custom hit-the-ground-running images that they can ship to or carry to our disaster recovery sites, as they do now with my XP ghost images. They supply them to an offsite recovery location, who uses Ghost and multicast to blast them out to a room full of PCs. They may be hosting 100 of our employees one day, and 150 of someone else tomorrow, so they are looking for ease of use and quick turnaround with minimal infrastructure. We will have connectivity back to our network, but it will be low bandwidth and high latency, not optimal for any type of deployment.
I've tested an LTI OEM build in the lab, but I believe that still needs to contact a deployment share on boot, right? And a media build assumes you are going to boot from external media. Is there some way to meld the two? I basically need the PC to come up, prompt me for a PC name, join the domain, load plug and play for a minimal set of known hardware, and configure a few deploy time apps, which I could easily keep on the C: drive. Anyone do this, or have a better plan for a similar situation?
All Replies
-
Thursday, November 15, 2012 6:18 PMIf they are carrying around a ghost image today aren't they using some sort of media to deploy that? DVD/Thumb Drive/Etc....if that is the case what would be the difference in using the Offline Media option within MDT.
-
Thursday, November 15, 2012 6:35 PM
They either PXE boot or boot from a flash drive, but either way they get to an HTA menu that allows them to pick and pull the ghost image from a network share.
A cd = 600 mb. A media build = too large to fit on a DVD.
A custom LOB image = may not play nice with my standard image deployment shares.
It still doesn't accomplish the needed DR result, multicasting an image from a borrowed server to a bunch of PCs on a remote network not well-connected to the corporate network.
Believe me, I don't want to do this. Imagine my chagrin when I built MDT and said "whew, glad we don't' have to do THAT anymore...", and everyone started complaining.
- Edited by JoeZeppy Thursday, November 15, 2012 6:41 PM
-
Thursday, November 15, 2012 8:19 PM
See. I'm a little confused now. I built a new LTI OEM task sequence and it added my applications to the LiteTouch media iso. Is it going to pull them from the share, or locally?
Tune in tomorrow and see, I guess :')
EDIT:
Ok, long day. Forgetting the sequence here...
Create ISO.
boot to ISO, run LTI OEM phase one
shutdown and ghost machine
apply image to new hardware
boot new hardware and run LTI OEM phase two. Where I presume it will look for a deploy share and finish up.
That's where I need to make the left turn and get the final config from the local hard drive. Easy peasy, right?
- Edited by JoeZeppy Thursday, November 15, 2012 8:25 PM
-
Thursday, November 15, 2012 8:21 PMIt pulls everything from the DVD.
-
Thursday, November 15, 2012 9:07 PM
Joe,
I'm not entirely certain yet what you're trying to achieve.
- Does the recovery solution that you need to implement need to be executed from a central location (i.e. push?) or is it initiated from the machine itself?
- Does the Windows image need to be hosted on the HDD, or on a central network store?
- How is the WinPE environment supposed to be accessed? From HDD, USB or PXE?
- Is this supposed to be implemented on machines already provisioned with an OS, or will it be part of newly provisioned machines?
- Size of standard image/custom LOB image
- where are these machines provisioned initially for their OS, main site and then shipped?
- Is this DR simply for a worst case scenario to be up and running without needing to return the machines to the main site for being re-installed?
- Is it a single image that needs to be hosted, or several custom images? Or would the desired scenario be the same image that was deployed onto the machine?
I'm trying to think outside-of-the-box, and have a couple of ideas however I'm not certain what suits your needs the most at this point.
Kind regards,
Stephan Schwarz
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCSA, MCC-2011.
How to configure Windows RE/OEM Recovery Partition with MDT
How to configure Windows RE/OEM Recovery Partition with MDT 2012 Update 1- Edited by Stephan Schwarz Thursday, November 15, 2012 9:08 PM
-
Thursday, November 15, 2012 9:40 PM
This is a third party site we use for business recovery in case a
site goes down. They create a tunnel from their location to our network
(which is excruciatingly slow). We walk in and hand them an image (this
is currently, for XP). They put the image on their server, turn on all
their PCs in the room, which are configured to PXE boot to their
environment. When they get them all on, multicast kicks in and they all
get the ghost image we provided, and automatically reboot into XP
minisetup.My XP is old school, configuration is through
sysprep.inf and cmdlines.txt, which calls a couple batch files and
vbscripts to initialize per machine software, like Altiris agent,
Symantec antivirus and an endpoint lockdown agent (stops usb and cd
burner access.) Those all require unique guids and cant be cloned as is.
The XP driver store is on the image which makes it pretty fat, but its
not so bad. Other than that I don't really need too much deploy time
scripting. Add pc name, join domain, plug and play a subset of models,
and a couple small scripts to manipulate reg keys and kick off an exe or
two. So anywhere I carry my ghost image and set it down, it just works.So the techs only need to input a PC name and domain join
credentials, everything else is auto, this is how we've been doing it
since NT 4, and everyone is kind of expecting that Win 7 will behave the
same, and are unhappy when I tell them it doesn't.Plus, in DR,
Not sure what happened to the formatting here, browser choked and I had to cut, reopen browser and paste :'P
its untrained people in a strange environment, that we don't control,
under stress to get things done fast. Anything too complicated will
fail.- Edited by JoeZeppy Thursday, November 15, 2012 9:42 PM
-
Thursday, November 15, 2012 9:59 PM
Ugh that sounds horrible, at least from manageability point of view.
If they really can't adapt to something new than that they are used to, I don't think there's any other option left to create a custom image in the same manner they are used to (besides the fact you don't really have a minisetup anymore). It'd expect your workload to increase a lot for such an image.
Isn't it an an option to simply copy your DS to their environment and have them install the Windows 7 image that way, you can still use pxe boot and multicast, just need to alter the deployroot?
Or create a new (linked)DS that holds only the software/image/drivers that are relevant for them if you can't have it be the same size as your own DS?
Kind regards,
Stephan Schwarz
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCSA, MCC-2011.
How to configure Windows RE/OEM Recovery Partition with MDT
How to configure Windows RE/OEM Recovery Partition with MDT 2012 Update 1 -
Thursday, November 15, 2012 10:22 PM
Its been so long since I've sysprepped a Win 7 box without going through MDT, I don't even remember what it looks like :')
So it would just boot up. I think it asks me for a PC name, and to create a local account. (That'll drive corporate security nuts.)
Then they log in locally, join the domain and reboot, correct?
-
Thursday, November 15, 2012 10:38 PM
Yeah, by default it's:
- Select regional settings
- Username and PC name
- Password
- Accept EULA
- Select Windows update settings
- Select Timezone settings
- Select network location
you can preconfigure/skip every item though, you'll have to create an unattend.xml file for these steps (can just peek at the MDT template). However you can't get around the fact that the user who logs on to the machine whether this is done by creating a new local user account through the OOBE, or through an account that's created though the unattend.xml or the built-in admin account, they will be local admin at that point untill they join the domain and use their own logon credentials with appropriate user rights.
Kind regards,
Stephan Schwarz
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCSA, MCC-2011.
How to configure Windows RE/OEM Recovery Partition with MDT
How to configure Windows RE/OEM Recovery Partition with MDT 2012 Update 1 -
Friday, November 16, 2012 1:27 PM
Another alternative would be to look in to manually applying your wim that was captured in MDT using imagex. There would be some development work getting the drivers to work properly but would give you a similar process to what you are using now with a ghost image.
This would be the final option I would try but I have some similar on my server to update my MDT builds.
Powershell Script:
Power on Hyper-V Client
Boots from CD and based on rules deploys image
Then on my build process it captures the new WIM & imports it in to the console.
For yours you would have to apply sysprep, reboot, change it to boot from a custom CD you create to capture the ghost image.
I know this would not be the best solution but outside of the original development time you would never touch it again but would still have the ghost image you need for DR purposes. From personal experience I hate dealing with anything DR related.
- Edited by Tim.Harris Friday, November 16, 2012 1:27 PM
-
Sunday, November 18, 2012 7:54 PM
I'm soon starting a project like this. Small office, 16 computers, only a few models and a bunch of apps. Horrible internet connection. I will use MDT Media and ship them 1 or two usb sticks.
If the office is bigger and they would like multicast, prepare them a laptop with MDT and send that.
-
Tuesday, November 20, 2012 5:30 PM
Hmm, taking a laptop isn't a bad idea.
Hey look what just popped up on myITForum.com rss feed:
http://myitforum.com/myitforumwp/2012/11/14/standalone-imaging-solution/?utm_source=rss&utm_medium=rss&utm_campaign=standalone-imaging-solution
http://t3chn1ck.wordpress.com/2012/11/14/standalone-imaging-solution/
I'll be taking a look at this when I get back to work.
-
Tuesday, November 20, 2012 9:48 PM
If you send over a laptop, why not configure it as a Windows Server OS with MDT on it then? Server 2012 allows you to configure a wds server a lot easier in stand-alone mode (not requiring AD), compared to 2008R2.
I saw that particular post a few days ago, however it's too much manual work in my opinion.
Just thinking out loud :).
Kind regards,
Stephan Schwarz
If one of these posts answered your question or issue, please click on "Mark as answer".
My Blog | Twitter: @Schwarz_Stephan | MCTS, MCITP, MCSA, MCC-2011.
How to configure Windows RE/OEM Recovery Partition with MDT
How to configure Windows RE/OEM Recovery Partition with MDT 2012 Update 1
.png)
