חלונות 7 וחלונות 8 - פריסה באופן אוטומטי מלא

By Adar Consulting
On 13 Mar., 2012

כיצד ניתן להתקין באופן אוטומטי מלא חלונות 7 וחלונות 8 לאלפי מחשבים בעלות נמוכה ובלוח זמנים קצר וזאת ע"י מערכת SCCM המשולבת עם MDTTask Sequence MOD, SCCM 2007 SP2 R2 , MDT 2010, WDS and PXE ראו לינק לפוסט המקורי שלי ובו תוכלו לקרא מאמרים נוספים: http://blogs.microsoft.co.il/blogs/yagil/

חלונות 7 וחלונות 8 - פריסה באופן אוטומטי מלא

לאחרונה סיימתי פרויקט גדול מאד ומאתגר ביותר של פריסת חלונות 7 עבור אחד מגדולי יצרני הגז הנוזלי בעולם

התהליך היה מורכב וכלל את הדרישות הבאות:

אימג' יחיד, יש צורך בתמיכה של כ 17 סוגי חומרות שנות (שולחנים וניידים)


זהה את חומרת המחשב (שולחני או נייד) ושים את האובייקט של המחשב ב OU המתאים - DT או LT בהתאמה

שנה את מיקום מחיצת הפרופיל הנודד של המשתמשים במחשב המשודרג למחיצה חדשה

תהליך יחיד אשר תומך בכל התסריטים הבאים:
שדרוג מחשב קיים
התקנת מחשב מחדש (פורמט למחשב) כאשר שם המחשב כבר מוגדר ב AD
התקנת מחשב חדש לחלוטין (דיסק ללא פורמט) כאשר המחשב אינו מוכר ל AD

צריך לשמור ולהעביר נתוני משתמשים על פי מפתח תאריך שימוש
(באופן דינמי וייחודי לכל מחשב)

יש צורך להסיר קיצורי דרך ואיקונים ישנים מהמחשב

אם חומרת המחשב ישנה, אזי אל תריץ USMT

התקן דריברים של דיסק קשיח במחשבים מיוחדים הדורשים זאת

האתגר
הכל חייב לעבוד באופן אוטומטי מלא

אף מוצר בתצורתו המקורית אינו מציע פתרון אוטומטי מלא לכל דרישות הלקוח
SCCM, MDT, WDS

הפתרון

הפתרון מצריך תהליך המספק פתרון אוטומטי אמיתי ומלא לכל הפעולות אשר יש לבצע ואשר חלקן בוצעו באופן ידני

הפתרון מגדיר תהליך אשר משתמש במרכיבי התוכנה הבאים:

Task Sequence MOD, SCCM 2007 SP2 R2 , MDT 2010, WDS and PXE

פתרון זה אפשר ללקוח להגיע למטרה תוך צמצום גדול בזמן ביצוע הפרויקט ובעלות מופחתת.



המידע הנתון מתייחס למערכות ההפעלה הבאות

Windows 7 (64bit), Window 7 (32bit), Windows XP Pro SP3 (32bit)



להלן פירוט התהליך
הכנות
פריסה Task Sequence
פעולות לאחר הפריסה
 

Preparations

Run the following per user

  • Run user level custom backup
  • Run Computer level custom backup

 

Customized Task Sequence Steps

•1. Uninstall the Anti-virus program

•2. Remove old application icons and shortcuts

•3. Capture User State with USMT with custom XML files and WMI model exceptions

  • 4. Restart computer

•5. Run computer level custom backup program

  • 6. Boot and start Windows PE session
  • 7. Deploy Reference Computer WIM file
  • 8. Apply Windows customized settings

•9. Check if new computer hardware is Desktop or Laptop and apply respective Network settings

  • 10. Apply drivers

•11. Apply special hard disk driver for a specific Laptop

  • 12. Install SCCM Client

•13. Move existing computer account Desktop or Laptop to respective new OU

•14. Wait for AD Sync

  • 15. Restart computer
  • 16. Install software updates

•17. Restore User State (USMT) with custom XML files and WMI model exceptions

•18. Apply software for a specific hardware model

•19. Change the WS users Profile path to New User Path

•20. Run GPUpdate to apply all Policies

•21. Run Plug and Play discovery

•22. Install Anti-Virus program

 

Post deployment steps

  • Run restore - retrieves all data saved on the backup server to the workstation's %SystemDrive%\RestoredData\ directory
  • Run user's restore code in per logon user to restore user's network printers' set default printer configure outlook and run it for the first time

•1.1 Preparations

•1.1.1 Custom user backup

 

This step executes the following

  • backup the current logged on user's
  • o Back user's files in delta mode settings
  • save data locally ­- save data on local per user

 

Run this application as a SCCM Package

  • SCCM Package name: BackupUserInDeltaMode
  • Program name: BackupUserInDeltaMode
  • run in silent mode with no notification
     
  • The command is a compiled EXE file
  • Source code type: SMS Installer
  • Source file name: BackupUserInDeltaMode.ipf
  • Special note: this command must run with Admin privileges with ‘Run as' settings selected and configured

 

•1.1.2 Backup local data to a network location

 This step executes the following

  • run a customized data backup to a network share
  • The customize backup is saving the following data:
  • o User level
  • o WS level - not related to users
    - c:\general-dir
    - creates user list and copy it to C:\ _SMSTSequence
    (to be used later to change user's profile path)
    - Other local directories
  • Backup target:<Backup-Server>\<target path>\<ComputerName>\
    Target server depends on Workstation's Active Directory Site membership for all relevant global sites
     

Run this application as a SCCM Package

  • SCCM Package name: BackupLocalDataInDeltaMode
  • Program name: BackupLocalDataInDeltaMode
  • run in silent mode with no notification
     
  • The command is a compiled EXE file
  • File name: Backup users data.EXE

 

  • Source code type: SMS Installer
  • Source file name: BackupLocalDataInDeltaMode.ipf
  • Special note: this command must run with Admin privileges with ‘Run as' settings selected and configured

•1.2 Detailed Customized Task Sequence steps

 

•1.2.1 Uninstall the Anti-virus

This is an additional command to the original Task Sequence

This step executes the following:

  • Uninstall Anti-Virus
  • TS step type: Command line
  • The command is a batch file
  • File location: MDT2010 Script directory \MDT Files\Scripts
  • File name: RemoveAV.bat
  • Timeout: 6 minutes

  

•1.2.2 Remove old application icons and shortcuts

This is an additional command to the original Task Sequence

 

This step executes the following:

  • Remove old Program Files net short cuts and other old desktop icons
  • Remove ALLUSERS common icons

 

  • TS step type: Command line
  • The command is a compiled EXE file
  • File name: Remove shortcuts.EXE

 

  • Source code type:SMS Installer
  • Source file name: Remove shortcuts.ipf

  

•1.2.3 Capture User State with USMT with WMI model exceptions

This is an additional command to the original Task Sequence

This step executes the following (in high level):

  • Capture user state with USMT
  • Skip this stage if it is HP D510 or D530

 

Detailed steps:

  • Capture user state with USMT SCCM package with modified USMT XML


  • Skip this stage if it is HP D510 or D530 by identifying the computer model type via a WMI Query:

    select * from Win32_ComputerSystem WHERE model <>"HP D510 SFF"
    select * from Win32_ComputerSystem WHERE model <> "HP D530 SFF"

•1.2.4 Restart computer

This step executes the following:

  • Restart the Workstation

This step use standard TS computer reboot command to provide the next step (backup) a clean user environment with no user's locked file

  

•1.2.5 Run computer level custom backup program

This is an additional command to the original Task Sequence

This is done with special developed application

This step executes the following

  • run a customized data backup to a network share
  • The customize backup is saving the following data:
  • o User level
  • o WS level - not related to users
    - c:\general-dir
    - creates user list and copy it to C:\ _SMSTSequence
    (to be used later to change user's profile path)
    - Other local directories
  • Backup target:<Backup-Server>\<target path>\<ComputerName>\
    Target server depends on Workstation's Active Directory Site membership for all relevant global sites
     

Run this application as a SCCM Package

  • SCCM Package name: BackupLocalDataInDeltaMode
  • Program name: BackupLocalDataInDeltaMode
  • run in silent mode with no notification
     
  • The command is a compiled EXE file
  • File name: Backup users data.EXE

 

  • Source code type: SMS Installer
  • Source file name: BackupLocalDataInDeltaMode.ipf
  • Special note: this command must run with Admin privileges with ‘Run as' settings selected and configured

  

•1.2.6 Boot and start Windows PE session

This step executes the following:

  • Boot the workstation to Windows PE OS session with customized background and all NIC drivers
  • TS type: Restart Computer

 

•1.2.7 Deploy Reference Computer WIM file

This step executes the following:

  • Deploy the reference Windows OS WIM image
  • TS step type: Apply Operating System Image

  

•1.2.8 Apply Windows customized settings

This step executes the following:

  • Apply customized NLNG windows setting
  • TS step type: Apply Windows Settings

 

  • In User Name box: type Corp User
  • In Organization name box type Corp Name
  • In product key box type the license key (or blank for KMS activation)
  • Select "Enable the account......."
  • Type the local admin password
  • Select Time zone i.e: (UTC) Dublin, London

 

•1.2.9 Check if new computer hardware is Desktop or Laptop and apply respective Network settings

This is an additional command to the original Task Sequence

This step executes the following:

  • Place a nonexistent computer account in the domain in a pre-designated OU
    according to hardware type (Desktop or Laptop)
    (for bare metal - new computer scenario)

  • TS step type: Apply Network Settings
  • Desktop computer will be placed in the following OU
    LDAP://OU=Desktop,OU=Windows 7,OU=Corp Computer Directory,DC=CorpName,DC=com
  • Lapktop computer will be placed in following OU
    LDAP://OU=Laptop,OU=Windows 7,OU=Corp Computer Directory,DC=CorpName,DC=com
  • Select Join to Domain
  • In Domain box type CorpName.Com
  • Select the Domain OU required
  • In Account box type CorpName\adminUser type the user password and confirm password

 

•1.2.10 Apply drivers

This step executes the following:

  • Installs hardware drivers
  • TS step type: Auto Apply Drivers

Select Install only the best.....

Select Consider drivers from all categories

 

•1.2.11 Apply special hard disk driver for a specific Laptop

This is an additional command to the original Task Sequence

This step executes the following:

  • Installs specific mass storage driver for the HP laptop computer
  • TS step type: Apply Driver Package

 

Run this step if it is HP 2530p - identifying the computer model type via a WMI Query:

select * from Win32_ComputerSystem WHERE model ="HP 2530p"

 

  • Select in Driver Package All HP drivers
  • Mark Select the mass storage driver......
  • Select in Driver box the driver Intel ESB2 SATA AHCI Controller
  • elect in Model box Intel ICH9M-E/M SATA AHCI controller

 

•1.2.12 Install SCCM Client

This step executes the following:

  • Installs the SCCM Client
  • TS step type: Setup Windows and ConfigMgr

 

•1.2.13 Move existing computer account Desktop or Laptop to respective new OU

This is an additional command to the original Task Sequence

This step executes the following:

  • Place a existing computer account in the domain to a pre-designated OU
    (for a computer refresh scenario)

  • Desktop computer will be placed in the following OU
    LDAP://OU=Desktop,OU=Software By Network XP,OU=Computer Directory,DC=nlng,DC=net
  • Lapktop computer will be placed in following OU
    LDAP://OU=Laptops,OU=Software By Network XP,OU=Computer Directory,DC=nlng,DC=net

  • Run this command if it is a Desktop
    - identifying the computer type via evaluating the Task sequence variable: if DESKTOP
  • Run this command if it is a Laptop
    - identifying the computer type via evaluating the Task sequence variable: if LAPTOP

 

  • TS step type: Command line
  • The command is a VBS file
  • File location: \MDT Files\Scripts
  • File name for Desktop command: Find and Move Desktop To-OU.vbs
  • File name for Laptop command: Find and Move Laptops To-OU.vbs

 

 

•1.2.14 Wait for AD Sync

This is an additional command to the original Task Sequence

This step executes the following:

  • Wait 600 sec for AD Object move sync to all DC's
  • TS step type: Command line
  • The command is a compiled EXE file
  • File location: \MDT Files\Scripts
  • File name: wait.EXE
  • Switches used: 600

 

 

•1.2.15 Restart computer

 

This step executes the following:

  • Restart the Workstation

The Workstation Boots with the Default Operating System installed on the hard disk

 

 

•1.2.16 Install software updates

 

This step executes the following:

  • Installs all mandatory software updates published by the WSUS module on the SCCM system
  • TS step type: Install Software Updates
  • You need to configure the WSUS section on the SCCM system, all published mandatory updates will be installed automatically in this step during the OS deployment

 

•1.2.17 Restore User State with USMT with WMI model exceptions

This is an additional command to the original Task Sequence

This step executes the following (in high level):

  • Restore user state with USMT
  • Skip this stage if it is HP D510 or D530

 

Detailed steps:

  • Restore user state with USMT SCCM package with modified USMT XML

 

 

  • Skip this stage if it is HP D510 or D530 by identifying the computer model type via a WMI Query:

    select * from Win32_ComputerSystem WHERE model <>"HP D510 SFF"
    select * from Win32_ComputerSystem WHERE model <> "HP D530 SFF"

•1.2.18 Apply software for a specific hardware model

This is an additional command to the original Task Sequence

 

This step executes the following:

  • Installs required application by computer model

 

  • The applications configured as SCCM packages and are grouped in a folder
  • TS step type: Group

 

Run a group and its steps by identifying the computer model type via a WMI Query:

Sample WMI query for HP 2510p:

select * from Win32_ComputerSystem WHERE model = "HP 2510p"

  

•1.2.19 Change the WS users Profile path to new user Path

This is an additional command to the original Task Sequence

This step executes the following:

  • Change the user's roaming profile path from Profile to NewProfile i.e ProfileV2

 

Application Algorithm:

  • application read the users list from

C:\ _SMSTaskSequence\WDPackage\Scripts\UsersListToMove.txt

  • Do the following for the users in the list
  • o Check via LDAP query for the current profile settings
  • o If Profile = 0 -skip this section
    if Profile = 1 -check if it is old or new
  • § If profile =new, skip
  • § If profile =old, do the following
  • Create a new directory : NewProfile in the users directory
    \\<Server>\<Usersvrxxxx$>\<UserName>
  • Change profile path to
    \\<Server>\<Usersvrxxxx$>\<UserName>\NewProfile

 

  • TS step type: Command line
  • The command is a compiled EXE file
  • File location: \MDT Files\Scripts
  • File name: RenameNetworkUserProfileDirectory.EXE

 

  • Source code SMS Installer
  • Source file name: RenameNetworkUserProfileDirectory.ipf

•1.2.20 Run GPUpdate to apply all Policies

This is an additional command to the original Task Sequence

This step executes the following:

  • Update the Corporate group policies on the WS
  • TS step type: Command line
  • The command line: GPUpdate /force

  

•1.2.21 Run Plug and Play discovery

This is an additional command to the original Task Sequence

This command does not apply to Windows 7 and is required only for Windows XP OS deployment

This step executes the following:

  • Rerun the plug & play discovery to install all required drivers
  • TS step type: Command line
  • The command line: RunDll32.exe Syssetup.dll,UpdatePnpDeviceDrivers

  

•1.2.22 Install Anti-Virus program

This is an additional command to the original Task Sequence

 

This step executes the following:

  • Install the Antivirus program

 

  • TS step type: Command line
  • The command is a batch file
  • File location: \MDT Files\Scripts
  • File name: InstallAV.bat

 

•1.3 Post Deployment steps

 

•1.3.1 Local data restore

 

This step executes the following

  • The customize restore application retrieves all data saved on the following path:
    <Backup-Server>\Data$\<ComputerName>\
  • Data restored to the following path: %SystemDrive%\RestoredData\

 

Restore server depends on Workstation's Active Directory Site membership
 

Run this application as a run once mandatory SCCM Package

  • SCCM Package name: Restore Computer data
  • Program name: Restore V6.003 Comp Data to local disk
  • To run in silent mode add the switch /s
     
  • Source code type: SMS Installer
  • Source file name: V6.003 Restore data.ipf

למידע נוסף הינכם מוזמנים ליצור איתי קשר במייל

Yagil adar
Yagil@adar.us
web site: www.adar.us

Read more...
 
  • Browse all articles