none
Building a Win10 reference image - 7 questions about MDT RRS feed

  • Question

  • I am working on an a (semi-)automated Litetouch reference image of Windows 10 x64 Ent. with most applications installed. I have run into several issues along the way. I hope someone will spare the time to enlighten me on some of them :)

    1. Can a Task Sequence become corrupt?
    I have seen solutions on Technet sometimes suggesting to recreate a Task Sequence in different scenarios. I have right now a problem with at TS not starting sysprep in my reference image, but seem to skip it, and instead reboot Windows 10 back to the desktop  in an inconsistent state (share mounted but disconnected, no admin right but still logged in as Administrator etc.). When I made a new TS and began building it, it worked again - so far.

    2. WDS or not? 
    Would I benefit using WDS to deploy images, if I cannot benefit from PXE boot? I would have to use a Discovery image (on a USB stick preferably).

    3. Windows Update steps and installing applications
    What is best practice when using both Windows update steps (using WSUS) and also install applications in a reference image.

    The default TS setup is pretty simple:

    - Windows Update pre
    - Install applications
    - Windows Update post
    - (Custom Tasks)

    A guide on Technet suggest this:

    - (Custom Tasks - pre Windows update)
    - Install basic stuff (.NET, VCRedist etc.)
    - Restart
    - Windows Update pre
    - Install application
    - Windows Update post
    - (Custom Tasks - post Windows update)

    The latter seem more safe, but perhaps it introduce more complexity than necessary?

    5. Do I need to re-import Applications, when I update either source files or install-script?

    6. Hanging deployments
    Sometimes my deployments or captures are hanging, just because there are too many connections to my MDT server. Cleaning up dead connections often resumes whatever MDT is doing. Is this normal? I would assume some automatic cleanup process would happen whenever a TS completed?

    7. Purple restart screen on first reboot after deployment
    This is maybe a bit bizarre question, but I have had some issues with my reference image, where the restart screen, after the initial deployment to a PC, would become purple when it restarted for the first time. Booting back to the desktop, it briefly appears again, but from here on it is only blue as expected on every reboot/startup. No relevant entries in Event logs, Setuperr.log or Setupact.log. No system file errors either. Would you start deploying an image, if you knew this happened? I have a bad feeling about it.




    • Edited by lyngsie Saturday, May 14, 2016 5:04 PM
    Saturday, May 14, 2016 4:46 PM

Answers

  • 1) The problem is rather that you need to recreate a Task Sequence after updating MDT in most cases.
         Because of that I prefix all my modifications with ### so I can incorporate them easily into a new Task Sequence.

    2) I am using the same WDS server for Windows and Linux deployments.
    I am not sure if I should describe the process, it's a hacky approach and took me quite some time. (UEFI Linux deployments are not working yet)

    Maybe tell us a bit about your Linux environment.

    3) The more complex your environment, the more tricks are required to get a sequence which "fits them all".
    Keep it simple if there are no problems. (Yes, I made changes to this section as well due to a single product)

    4) 42

    5) No changes are required if the command line arguments still work that way

    6) Which OS are you running your MDT on? Client OSs have a low limit for concurrent connection

    7) Can be complex... But you're on your way!




    • Proposed as answer by Ty GlanderModerator Wednesday, May 18, 2016 6:22 PM
    • Marked as answer by lyngsie Tuesday, May 24, 2016 8:46 AM
    Wednesday, May 18, 2016 6:14 PM

All replies

  • 1.  Task Sequences are stored as .xml files. Any .xml file can become corrupt.

    2. You do not say why you cannot PXE so it is hard to say if the PXE issues would also be problems for WDS implementation.  Using some method of network access for images allow for you to have a) control over what image is available to the community b) centralize how to get to the image (WDS shows way to image, USB boot media only needs to know how to get to WDS server) c) WDS has multicast capabilities (more information can be found here: https://keithga.wordpress.com/2014/04/23/multicasting-with-mdt/)

    3.  The TechNet suggestion make more sense to me.  You install foundational apps first (apps that other apps will rely on to function such as .Net, Java, Silverlight, etc.).  Then let WSUS update those that it can.  Then allow additional apps to install (so they are utilizing the patches foundation apps).  Then allow WSUs to patch those apps (usually MS apps like Office, Viso, Project, etc.).  I think this may result in an overall short run time for WSUS (instead of one pass to patch everything, first pass handles some apps and second pass handles later installed apps and any additional patches for the foundation apps).

    4. (You missed 4 in your numbering)

    5. You do not NEED to reimport applications.  I have updated application source files or install scripts without removing and re-importing the application.

    6.  I am not certain MDT handles connection cleanup.  That my be left to the underlying OS.  I wonder if systems are fully completing the build process (thus leaving a file lock somewhere).

    7. If it only happens on certain models, I would assume it is a driver issue and explore that.  If it is happening on all models, I would take time to see if something in the reference image is causing it (security software for example).  If you can find nothing, you do not have the time to focus on this one issue (we all must multitask!) and the systems do not seem to have any OS or application issues, I may be inclined to let it go

    Monday, May 16, 2016 2:15 PM
  • Thank you for answering BiAtE-Z.

    1. I am aware that any file can become corrupt. What I meant was, can MDT somehow mess up a TS without any prior user interventions? I have seen the same Task Sequence behave differently though nothing has been changed.

    2. We cannot use PXE because we already have e PXE server for our Linux terminals, and it does not seem easy to have 2 or more PXE servers on the same subnet. I have already used a USB litetouch bootable media from MDT with success, so I thought maybe the I could do the same with WDS.

    3. I agree.

    4. Yes, I made a numbering error. Sorry.

    5. Thanks - As you might have figured out, I am no MDT expert, and I though maybe MDT used some MD5 check or similar.

    6. Yes, the build process is done 100% but sometimes the deployment share is still connected. I have implemented a Finalize-script to cleanup stuff like this now.

    7. I pinned it down to a software/sysprep related issue. Either one of these is the culprit that result in a purple restart screen at first reboot after deployment:
    Firefox x86 US, 7-zip, WinSCP, PuTTY, Java 8 (x86) or Flash player plugin (NPAPI).

    Wednesday, May 18, 2016 7:11 AM
  • 1) The problem is rather that you need to recreate a Task Sequence after updating MDT in most cases.
         Because of that I prefix all my modifications with ### so I can incorporate them easily into a new Task Sequence.

    2) I am using the same WDS server for Windows and Linux deployments.
    I am not sure if I should describe the process, it's a hacky approach and took me quite some time. (UEFI Linux deployments are not working yet)

    Maybe tell us a bit about your Linux environment.

    3) The more complex your environment, the more tricks are required to get a sequence which "fits them all".
    Keep it simple if there are no problems. (Yes, I made changes to this section as well due to a single product)

    4) 42

    5) No changes are required if the command line arguments still work that way

    6) Which OS are you running your MDT on? Client OSs have a low limit for concurrent connection

    7) Can be complex... But you're on your way!




    • Proposed as answer by Ty GlanderModerator Wednesday, May 18, 2016 6:22 PM
    • Marked as answer by lyngsie Tuesday, May 24, 2016 8:46 AM
    Wednesday, May 18, 2016 6:14 PM
  • Thanks for all replies. I don't know the rules for mark as answered here. My questions were not very specific, and as a result of this, the two answers I received were also in general terms. But I cannot mark both as answered, so I follow the moderators suggestion.

    I do not want to go into a discussion about WDS and linux right now. I have a demanding task to finish this Windows 10 image in MDT as quick as possible, so WDS must wait.

    Oriooff: You were right about question #6: it is a client OS, and I will move to a server OS ASAP.

    Tuesday, May 24, 2016 8:46 AM