- Open the Deployment Toolkit and go to the Application folder. The Application folder has three folders, one of which says “Stand Alone Applications.” This is where we will keep all of these installers, if only because that will keep them organizationally out of the way during the deployment. Generally speaking, all deployments should be relying on Application Bundles to have all of the applications that are needed for a client in them.
- Right-click on the “Stand Alone Applications” folder and click “New Application.”
- Leave the radio button on “Application with source files.” This will import the source files needed for installation into the deployment share, rather than rely on a network path for reference.
- Name the Application. You can fill in the optional information, but I never do.
- Browse to the source directory. This is the folder that should have all of the files that are needed for installation.
- Type in the name of the application.
- This is the most important part of this whole thing. This is the command line command that you use to run the installer. The second line, in the “Working directory” field,” is the directory where the command will be run.
- Hit Next and it should be done.
Folder Redirection
A guide to how I do folder redirection.
Step-by-step guide
- Create your share where you will keep the profile folders
- For this example, the folder will be at D:\Profiles.
- Change SMB permissions to include “Everyone / Full control”
- Change NTFS permissions to include:
- “System / Full Control / This folder, subfolder and files”
- “Administrators / Full Control / This folder, subfolder, and file,”
- “Creator Owner / Full Control / Subfolders and Files only”
- Domain Users / List folder, Read data, Create Folders, Append Data, Read Attributes, Read Extended Attributes, Read Permissions / This folder only”
- Under Advanced Sharing…” change the share name to Profiles$.
- If you are going to do offline file mode with these files, check off the option to allow files and programs that users specify to be available offline.
- Create a GPO as below, except grant user exclusive rights to <folder> should be disabled.:
- Apply the GPO to the users container.
Location of Folder Redirection Registry Keys
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Creating an App Bundle
- Go into the Deployment Toolkit. Under the Applications folder are three folders, but in the general Applications folder, you’ll find a bunch of Application Bundles. This is how we package all of the software that a client needs together easily. Application bundles are just a list of what previously imported stand alone appliations need to be installed. It’s a bundle.
- Right-click on the Application folder and click “New Application.”
- Choose “Application Bundle.”
- Name the Application bundle. You can add the optional stuff, but I usually don’t.
- Click Next.
- Find the new Application Bundle you’ve created, right-click, and go into the properties. This is where we will set the “dependencies,” which is really just the name for the applications that will be installed.
- Click on the “Dependencies” tab and click “Add.”
- Check off the applications you would like to have added to the Application Bundle, then click OK. Note that you can nest other Application Bundles in this one, though there shouldn’t be too much reason to.
- On the previous window you’ll see the applications you added as dependencies. You can move applications up and down this list, and applications will be installed from top down. This is why I usually leave Ninite Installer as the last one on the list. It is the only application that requires user input, so having it be the application means that everything else is automatically installed before this, and once the user hits okay, the deployment is practically done.
Sysprep Image
Because I keep forgetting the keystrokes for this…
After booting to installation media, after clicking start but before choosing “Custom” or “Express Installation,” press Ctrl + Shift + F3.
MDT Deployment Share Permissions
In case, like me, you accidentally screw it up.
Remember that you need to set both share permissions and NTFS permissions.
Share Permissions
All of the following should have full control: CREATOR OWNER, SYSTEM, Domain Admins, Administrators, (Any service accounts you’re using for the deployment).
NTFS Permissions
All of the following should have full control: SYSTEM, Domain Admins, Administrators, (Any service accounts you’re using for the deployment).
Configuring an MDT Server
This might be out dated at this point, as I wrote this three years ago. I post it here for posterity, and maybe I’ll come back and clean it up later.
Step 1: Obtain the Required Software
This guide assumes that the Windows Server 2012 R2 is installed on a computer named WDG-MDT-01. If the computer you are using has a different name, substitute the name of that computer for WDG-MDT-01.
Note This section assumes that you are creating a new infrastructure for MDT.
The following software is required to install MDT:
MDT 2013 (https://www.microsoft.com/en-us/download/details.aspx?id=48595)
Windows ADK for Windows 10 (https://msdn.microsoft.com/en-us/windows/hardware/dn913721(v=vs.8.5).aspx#adkwin10)
Step 2: Prepare the MDT Environment
Step 2-1: Install MDT
To install MDT, complete the following steps:
- Double-click MicrosoftDeploymentToolkit2013_x64.msi (for 64-bit operating systems) or MicrosoftDeploymentToolkit2013_x86.msi(for 32-bit operating systems), and then click Install.
The Microsoft Deployment Toolkit 2013 Setup Wizard starts.
- Complete the Microsoft Deployment Toolkit 2013 Setup Wizard using the information in Table 2. Accept the default values unlessotherwise specified.
Table 2. Information for Completing the Microsoft Deployment Toolkit 2013 Setup Wizard
On this wizard page | Do this |
Welcome to the Microsoft Deployment Toolkit 2013 Setup Wizard | Click Next. |
End-User License Agreement | Click I accept the terms in the License Agreement, and then click Next. |
Custom Setup | Click Next. |
Ready to install Microsoft Deployment Toolkit 2013 | Click Install. |
Installing Microsoft Deployment Toolkit 2013 | The progress for installing MDT is displayed. |
Completing the Microsoft Deployment Toolkit 2013 Setup Wizard | Click Finish. |
The Microsoft Deployment Toolkit 2013 Setup Wizard finishes, and MDT is installed on WDG-MDT-01.
Step 2-2: Install Windows ADK
To install Windows ADK, perform the following steps:
- Mount the Windows ADK distribution files on a physical or virtual CD-ROM drive.
- In Windows Explorer, go to the root of the CD-ROM drive, and then double-click adksetup.exe.
The Assessment and Deployment Kit Setup Wizard starts.
- Complete the Assessment and Deployment Kit Setup Wizard using the information in Table 3.
Table 3. Information for Completing the Assessment and Deployment Kit Setup Wizard
On this wizard page | Do this |
Specify Location | Click Next. |
Join the Customer Experience ImprovementProgram (CEIP) | Click Yes if you want to participate or No if not. Then, click Next. |
License Agreement | Click Accept. |
Select the features you want to install | Ensure that only the check boxes for the following features are selected, and then click Next:Deployment ToolsWindows Preinstallation Environment (Windows PE)Windows User State Migration ToolNote MDT does not require the other features, but they can be installed, if desired. |
Installing features | The progress for installing the features is displayed. |
Welcome to the Assessment and Deployment Kit | Click Close. |
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- Close all open windows.
Before deployment can begin, create an MDT deployment share in the Deployment Workbench. This deployment share is the repository for the operating system images, language packs, applications, device drivers, and other software deployed to the target computers.
To create a deployment share in the Deployment Workbench
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares.
- In the Actions pane, click New Deployment Shares.
The New Deployment Share Wizard starts.
- Complete the New Deployment Share Wizard using the information in Table 4. Table 4. Information for Completing the New Deployment Share Wizard
On this wizard page | Do this |
Path | In Deployment share path, type C:\DeploymentShare$, and then click Next. |
Share | Click Next. |
Descriptive Name | Click Next. |
Options | Click Next. |
Summary | Click Next. |
Progress | The progress for creating the deployment share is displayed. |
Confirmation | Click Finish. |
The New Deployment Share Wizard finishes, and the new deployment share—MDT Deployment Share
(C:\DeploymentShare$)—appears in the details pane
MDT acts as a repository for the operating system files deployed to the reference computer (WDG-REF-01) and target computer (WDG-CLI-01). Add the operating system in the Operating Systems node in the Deployment Workbench using the Import Operating System Wizard.
To add the Windows 8.1 operating system files to the deployment share
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares/MDT Deployment Share(C:\DeploymentShare$)/Operating Systems.
- In the Actions pane, click Import Operating System.
The Import Operating System Wizard starts.
- Complete the Import Operating System Wizard using the information in Table 5.
Table 5. Information for Completing the Import Operating System Wizard
On this wizard page | Do this |
OS Type | Click Full set of source files, and then click Next. |
Source | In Source directory, type source_path (where source_path is the fully qualified path to the Windows 8.1 distribution files), and then click Next. |
Destination | Click Next. |
Summary | Click Next. |
Progress | The progress for importing the operating system is displayed. |
Confirmation | Click Finish. |
The Import Operating System Wizard finishes. Windows 8.1 is added to the list of operating systems in the details pane and copied to the deployment_share\Operating Systems\operating_system folder (where deployment_share is the shared network folder you created earlier in the process and operating_system is the name of the operating system you added to the deployment share).
Step 3-3: Add Device Drivers to the Deployment Share
After you have added Windows 8.1 to the Deployment Workbench, add any device drivers required for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01). These device drivers will be added to Windows PE and deployed with Windows 8.1. Add the device drivers in the Out-of-box Drivers node in the Deployment Workbench by using the New Driver Wizard, which copies the device driver files to the deployment share in Out-of-Box Drivers\device_driver (where device_driver is the name of the device driver you added to the deployment share).
Note If the device drivers for the reference computer (WDG-REF-01) and the target computer (WDG-CLI-01) are included with Windows 8.1, skip this step and proceed with the following step.
To add the device drivers for the reference and target computers to the distribution share
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares/MDT Deployment Share(C:\DeploymentShare$)/Out-of-Box Drivers.
- In the Actions pane, click Import Drivers.
The Import Driver Wizard starts.
- Complete the Import Driver Wizard using the information in Table 6. Table 6. Information for Completing the Import Driver Wizard
On this wizard page | Do this |
SpecifyDirectory | In Driver source directory, type driver_path (where driver_path is the fully qualified path to the folder containing the device drivers), and then click Next. |
Summary | Click Next. |
Progress | The progress for importing the device drivers is displayed. |
Confirmation | Click Finish. |
The Import Driver Wizard finishes. The device drivers are added to the list of operating systems in the details pane and are copied to the deployment_share\Out-of-box Drivers folder (where deployment_share is the deployment share you created earlier in the process).
Step 3-4: Create a Task Sequence for the Reference Computer
Create MDT task sequences in the Task Sequences node in the Deployment Workbench using the New Task Sequence Wizard. MDT includes the Standard Client Task Sequence template, which you can use to deploy the target operating system to the reference computer (WDG-REF-01).
To create a task sequence for deploying the reference computer
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares/MDT Deployment Share(C:\DeploymentShare$)/Task Sequences.
- In the Actions pane, click New Task Sequence.
The New Task Sequence Wizard starts.
- Complete the New Task Sequence Wizard using the information in Table 7. Accept the default values unless otherwise specified.Table 7. Information for Completing the New Task Sequence Wizard
On this wizard page | Do this |
GeneralSettings | In Task sequence ID, type WIN8_REFERENCE.In Task sequence name, type Deploy Windows 8.1 to Reference Computer.In Task sequence comments, type Task sequence for deploying Windows 8.1 to the reference computer(WDG-REF-01).Click Next. |
SelectTemplate | In The following task sequence templates are available. Select the one you would like to use as a starting point, select Standard Client Task Sequence, and then click Next. |
Select OS | In The following operating system images are available to be deployed with this task sequence. Select one to use, select Windows 8.1 edition (where edition is the edition of Windows 8.1 added to the Operating Systems node in the Deployment Workbench), and then click Next. |
SpecifyProduct Key | Click Do not specify a product key at this time, and then click Next. |
OS Settings | In Full Name, type Woodgrove Bank Employee.In Organization, type Woodgrove Bank.In Internet Explorer Home Page, type http://www.woodgrovebank.com.Click Next. |
AdminPassword | In Administrator Password and Please confirm Administrator Password, type P@ssw0rd, and then click Next. |
Summary | Click Next. |
Progress | The progress for creating the task sequence is displayed. |
Confirmation | Click Finish. |
The Import Task Sequence Wizard finishes, and the Deploy Windows 8.1 to Reference Computer task sequence is added to the list of task sequences.
Step 3-5: Enable LTI Deployment Process Monitoring
Prior to deploying the reference computer (WDG-REF-01) with the LTI bootable media you created earlier in the process, enable monitoring of the LTI deployment process. You monitor the LTI deployment process in the Monitoring node in the deployment share. You enable monitoring on the Monitoring tab on the deployment share properties sheet. Later in the process, you will monitor the LTI deployment process.
To enable monitoring of the LTI deployment process
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares.
- In the details pane, click MDT Deployment Share (C:\DeploymentShare$).
- In the Actions pane, click Properties.
The MDT Deployment Share (C:\DeploymentShare$) Properties dialog box opens.
- In the MDT Deployment Share (C:\DeploymentShare$) Properties dialog box, on the Monitoring tab, select the Enable monitoring forthis deployment share check box, and then click Apply.
- In the MDT Deployment Share (C:\DeploymentShare$) Properties dialog box, on the Rules tab, notice that the EventService propertyhas been added to the CustomSettings.ini file, and then click OK.
- Close all open windows and dialog boxes.
Step 3-6: Update the Deployment Share
After configuring the deployment share, update it. Updating the deployment share updates all the MDT configuration files and generates a customized version of Windows PE. You use the customized version of Windows PE to start the reference computer and initiate LTI deployment.
To update the deployment share in the Deployment Workbench
- Click Start, and then point to All Programs. Point to Microsoft Deployment Toolkit, and then click Deployment Workbench.
- In the Deployment Workbench console tree, go to Deployment Workbench/Deployment Shares.
- In the details pane, click MDT Deployment Share (C:\DeploymentShare$).
- In the Actions pane, click Update Deployment Share.
The Update Deployment Share Wizard starts.
- Complete the Update Deployment Share Wizard using the information in Table 8. Accept the default values unless otherwisespecified.
Table 8. Information for Completing the Update Deployment Share Wizard
On this wizard page | Do this |
Options | Click Next. |
Summary | Click Next. |
Progress | The progress for updating the deployment share is displayed. |
Confirmation | Click Finish. |
The Deployment Workbench starts updating the MDT Deployment Share (C:\DeploymentShare$) deployment share. The Deployment Workbench also creates the LiteTouchPE_x64.iso and LiteTouchPE_x64.wim files (for 64-bit target computers) or LiteTouchPE_x86.iso and LiteTouchPE_x86.wim files (for 32-bit target computers) in the deployment_share\Boot folder (where deployment_share is the network shared folder used as the deployment share).
Robocopy
Obviously, tailor it to what you’re doing, but this is my go to list of switches
robocopy "SourceDirectory"
"DestinationDirectory"
/e /copyall /v /log+:"LogFileLocation.log"
- Copies all directories, even empty ones
- Retains all file and folder information (including permissions)
- Creates a verbose log file at LogFileLocation to tell you what it did
Offline File Setup
Just the way I do it
Under Windows Settings > Administrative Templates > Network > Offline Files:
Transferring FSMO Roles
Commands to transfer
ntdsutil
roles
connection
connect to server <ServerName>
q
transfer <RoleName>
List of FSMO roles (and syntax for transfer role command)
Schema Master (schema master)
Naming Master (naming master)
PDC Emulator (pdc)
RID Master (rid master)
Infrastructure Master (infrastructure master)
Checking for FSMO role holder
From a domain controller:
netdom query fsmo