Lab Ops Part 13 - MDT 2013 for VDI

The core of any VDI  deployment is the Virtual Desktop Template (VDT) which is the blueprint from which all the virtual desktop VMs are created.  It occurred to me that there must be a way to create and maintain this using the deployment tools used to create real desktops rather than the way I hack the Windows 8.1 Enterprise Evaluation iso currently with this PowerShell  ..

$VMName = "RDS-VDITemplate"
$VMSwitch = "RDS-Switch"
$WorkingDir = "E:\Temp VM Store\"
$VMPath = $WorkingDir + $VMName
$SysPrepVHDX = $WorkingDir + $VMName +"\RDS-VDITemplate.VHDX"

# Create the VHD from the Installation iso using the Microsoft Convert windows image script
md $VMPath
cd ($WorkingDir + "resources")
.\Convert-WindowsImage.ps1 -SourcePath ($WorkingDir +"Resources\9600.16384.WINBLUE_RTM.130821-1623_X64FRE_ENTERPRISE_EVAL_EN-US-IRM_CENA_X64FREE_EN-US_DV5.ISO") -Size 100GB -VHDFormat VHDX -VHD $SysPrepVHDX -Edition "Enterprise"
#Create the VM itself
New-VM –Name $VMName –VHDPath $SysPrepVHDX -SwitchName $VMSwitch -Path $VMPath -Generation 1 -BootDevice IDE

# Tune these setting as you need to
Set-VM -Name $VMName –MemoryStartupBytes 1024Mb
Set-VM -Name $VMName -DynamicMemory
Set-VM -Name $VMName -MemoryMinimumBytes 512Mb
Set-VM -Name $VMName -AutomaticStartAction StartIfRunning
Set-Vm -Name $VMName -AutomaticStopAction ShutDown
Set-Vm -Name $VMName -ProcessorCount 2

So how does a deployment guy like Simon create Windows8.1 desktops - he uses the Microsoft Deployment Toolkit 2013 (MDT) and the Windows Assessment and Deployment Toolkit 8.1  (ADK) that it’s based on.  So I created another VM RDS-Ops with these tools on and started to learn how to do deployment.   I know that when I create a collection with the wizard or with PowerShell (e.g. New-VirtualDesktopCollection) I can specify an unattend.xml file to use as part of the process. The ADK allows you to do this directly but I am going to  build a better mousetrap in MDT and because I want to go on to deploy Group Policy Packs, updates and applications which I know I can do in MDT as well.

If you have used MDT please look away now as this isn’t may day job,.However there doesn’t seem to be any posts or articles on creating a VDT from either ADK, MDT or even System Center Configuration Manager so I am going to try and fill that gap here

I wanted to install MDT onto a VM running Windows Server 2012R2 with 2x VHDXs the second one being for my deployment share so I could deduplicate the iso and wim files that will be stored here. I then installed the ADK  which needs to be done twice -  the initial ADK download is only tiny because it pulls the rest of the installation files as part of the setup so I first ran adksetup /layout <Path> on an internet connected laptop and then copied the install across to the VM (along with MDT) and then ran..

adksetup.exe /quiet /installpath <the path specified in the layout option> /features OptionId.DeploymentTools OptionId.WindowsPreinstallationEnvironment OptionId.UserStateMigrationTool'

before installing MDT with:

MicrosoftDeploymentToolkit2013_x64.msi /Quiet.

Now I am ready to start to learn or demo MDT to build my template based on the Quick Start Guide for Lite Touch Installation included in the MDT documentation. which goes like this:

  • On the machine running MDT Create a Deployment Share 
  • Import an OS - I used the Windows 8.1 Enterprise Eval iso for this by mounting the iso on the VM and importing from that.
  • Add in drivers packages and applications - I will do this in a later post 
  • Create a task sequence to deploy the imported image to a Reference Computer. 
  • Update the Deployment Share which builds a special image (in both wim and iso formats)
  • Deploy all that to a Reference Computer and start it
  • The deployment wizard that runs on the Reference Computer when it comes out of sysprep allows you to capture an image of it back into MDT.
  • Capture that image form the Reference Computer 
  • Create a task sequence to deploy that captured image to the Target computers
  • Update the Deployment Share again with the captured image in and optionally hook it up to Windows Deployment Services and you are now ready to deploy your custom image to your users’ desktops.

However I deviated from this in two ways:

1. Creating the Reference Computer:

All I needed to do here was to create a VM (RDS-Ref) based on the iso created by the deployment share update process..

$VMName = "RDS-Ref"
$VMSwitch = "RDS-Switch"
$WorkingDir = "E:\Temp VM Store\"
$VMPath = $WorkingDir + $VMName
$VHDXPath = $WorkingDir + $VMName +"\" + $VMName +".VHDX"

# Housekeeping 1. delete the VM from Hyper-V
$vmlist = get-vm | where vmname -in $vmname
$vmlist | where state -eq "saved" | Remove-VM -Verbose -Force
$vmlist | where state -eq "off" | Remove-VM -Verbose -Force
$vmlist | where state -eq "running" | stop-vm -verbose -force -Passthru | Remove-VM -verbose -force
#House keeping 2. get back the storage
If (Test-Path $VMPath) {Remove-Item $VMPath -Recurse}
# Create a new VHD
md $VMPath
new-VHD -Path $VHDXPath -Dynamic -SizeBytes 30Gb

#Create the VM itself
New-VM –Name $VMName –VHDPath $VHDXPath -SwitchName $VMSwitch -Path $VMPath -Generation 1

#Attach iso in the deployment share to build the Reference Computer from the MDT VM (RDS-OPs)
Set-VMDvdDrive -VMName $VMName -Path '\\rds-ops\DeploymentShare$\Boot\LiteTouchPE_x64.iso'
Start-VM -Name $VMname

Once this VM comes out of sysprep it will launch the Deployment Wizard on the Reference Computer.  I designed the script to be run again and again until I get it right which was good because I kept making mistakes as I refined it.  The documentation is pretty good but I also referred to the excellent posts by Mitch Tulloch on MDT especially part 7 on automating Lite Touch by editing the INI files scenario above on the Deployment Share properties described below.

2. Completing the Deployment Wizard on the Reference Computer

In the Lite Touch scenario  the Reference Computer is captured back into MDT and used to deploy to target computers usually by using the Windows Deployment Services role in Windows Server directly or via Configuration Manager. In VDI the target computers are VMs and their deployment is handled by the RDS Broker either in Server Manager or with the Remote Desktop Powershell commands like New-VirtualDesktopCollection.  Whichever way I create VDI collections all I need is that virtual desktop template and in this case that’s just the Reference Computer but it needs to be turned off and in a sysprepped state.  The good news is that the Deployment Wizard in MDT 2013 has exactly this option so I can select that and when it’s complete all I need to do is to remember to eject the iso with the Lite Touch pre execution installation on (or that will be inherited by all the virtual desktops!).

Automation

If you are with me so far you can see we have the makings of something quite useful even in production.   What I need to do now is automate this so that my Reference Computer will start install and configure the OS based on my Deployment Share and then sysprep and shutdwon without any user intervention. To do that I need to modify the bootstrap.ini file that launches the deployment wizard (from the Deployment Share properties go to the rules tab and select edit Bootsrap.ini)..

[Settings]

Priority=Default

[Default]

DeployRoot=\\RDS-OPS\DeploymentShare$

UserID=Administrator

UserDomain=CONTOSO

UserPassword=Passw0rd

KeyboardLocale=en-GB

SkipBDDWelcome=YES.

to tell the wizard where my deployment share is and how to connect to it, and then suppress the welcome screen. Then I need to modify the rules themselves (Control Setting.ini) so that the wizard uses my task sequence, hides all the settings screens and supplies the answers to those setting directly..

[Settings]

Priority=Default

Properties=MyCustomProperty

[Default]

DeploymentType=NEWCOMPUTER

OSInstall=YES

SkipAdminPassword=YES

SkipProductKey=YES

SkipComputerBackup=YES

SkipBitLocker=YES

EventService=https://RDS-Ops:9800

SkipBDDWelcome=YES

SkipTaskSequence=YES

TaskSequenceID=Win81Ref

SkipCapture=YES

DoCapture=SYSPREP

FinishAction=SHUTDOWN

SkipComputerName=YES

SkipDomainMembership=YES

SkipLocaleSelection=YES

KeyboardLocale=en-US

UserLocale=en-US

UILanguage=en-US

SkipPackageDisplay=YES

SkipSummary=YES

SkipFinalSummary=YES

SkipTimeZone=YES

TimeZoneName=Central Standard Time

SkipUserData=Yes

Note the bits of this in bold;

  • Event Service enables monitoring which is very useful as all the wizard screens won’t show up the way I have this set now!. 
  • MDT2012 and later allow you to sysprep and shutdown a machine which is just what I need to create my Virtual Desktop Template.

So what’s really useful here is that when I change my deployment share to add in applications and packages, modify my Task Sequence or the INI settings above, all I need to do to test the result each time is to recreate the Reference Computer like this:

  • stop the Reference Computer VM (RDS-Ref in may case) if it’s running as it will have a lock on the deployment iso
  • Update the Deployment Share
  • Run the Powershell to re-create and start it.
  • Make more coffee

Having got that working I can now turn my attention to deploy applications (both classic and modern) into my VDI collections, and then think about an automated patching process.