I've been trying out some workstation deployment scenarios to see if it is possible to use Microsoft Automated Deployment Services (ADS) to deploy Windows XP.
Microsoft has a plethora of deployment solutions and the main one for workstation deployment is the solution accelerator for business desktop deployment (BDD); however the enterprise edition of this relies on the use of Microsoft Systems Management Server (SMS) and the standard edition requires third-party imaging tools.
Microsoft Remote Installation Services (RIS) is a perfectly good PXE boot server included within Windows 2000 Server and Windows Server 2003 but what I like about ADS is that it uses PXE to boot a miniature version of Windows Server 2003 (not Windows PE) called the ADS deployment agent (DA), which allows control from the server end. Using this technology, sequences can be built up to powerful jobs that control most aspects of a server build and I wanted to do this with a Windows XP workstation build.
The official line from Microsoft is that ADS is not supported for Windows 2000 Professional or Windows XP. Microsoft states that it is not possible to use ADS to deploy Windows XP or Windows 2000 Professional because:
"In addition to licensing constraints, the design of ADS is limited to servers as follows:
- There is no ability to migrate user state, thus all user information is lost when a new image is applied.
- ADS is designed to run on server-class hardware and cannot handle the diversity of client hardware.
- ADS deploys images using a 'push' method and does not allow users or staff to initiate a deployment from the client computer.
- Clients often exist behind slow links and ADS is designed to operate over a well-connected network."
But ADS works with Windows 2000 Server and Windows Server 2003 (which is very similar to Windows XP in many ways) so I thought it must be possible. In addition, Windows Vista deployment will use Windows Deployment Services (WDS), and although I haven't looked at WDS, the Windows Automated Installation Kit (WAIK) User's Guide for Windows Code named "Longhorn" says that:
"WDS enables companies to remotely administer and deploy the latest operating system, using Windows PE and WDS Server. This deployment scenario can be fully unattended, and is customizable and scalable. [WDS] replaces the existing Remote Installation Services (RIS) deployment technology."
(that sounds like a development of ADS to me!)
One of my ex-colleagues at Conchango pointed me to Paul Edlund's blog post on using ADS with Windows XP.
This gives advice on using the Microsoft System Preparation Tool (SysPrep) to prepare the Windows XP SP2 build for imaging, including SysPrepping the source machine to dump all of the plug and play IDs into the sysprep.inf file (thus avoiding issues with the variety of client hardware).
Before I could do this, I had to overcome some issues with SysPrep, which was refusing to play ball reporting the following error message:
There is an incompatibility between this tool and the current operating system. Unable to continue.
Although there are other tools available for changing workstation SIDs, like Sysinternals NewSID, SysPrep is the only one supported by Microsoft.
I was using the version from the deploy.cab file on the Windows XP SP2 CD (dated 4 August 2004, 13:00), so I thought that a later version may be available but Microsoft knowledge base article 838080 links to an identical set of deployment tools and even indicates that the version on the SP2 CD is current.
It turns out that because the latest version of SysPrep can be used for either Windows XP or Windows Server 2003, it asks the Server service which operating system it is running on. If the server service is not running (e.g. if the File and Print Sharing for Microsoft Networks service is not installed), this fails.
The workaround is to install the File and Print Sharing for Microsoft Networks service, start SysPrep, and then uninstall the File and Print Sharing for Microsoft Networks service whilst SysPrep is working. I found the answer on the Microsoft Software Forum Network Unattended Windows board, but I'm amazed there is not a Microsoft knowledge base article on this.
Getting back to using ADS to deploy Windows XP, and quoting from Paul's article (with minor edits for flow and grammar):
"This allows you to take an image from one machine and use it on a different desktop (assuming the HAL is the same). To perform this step, create a blank sysprep.inf file in the same directory as sysprep.exe. Now open the sysprep.inf file and add the following text to the first line of the file:
Without this tag in the file, SysPrep will run but it won't put anything in the file (so you can't forget this). Now save and close sysprep.inf and run sysprep -bmsd. This will dump all of the plug and play IDs from the driver.cab file into the sysprep.inf file. These IDs are used to populate the critical devices database in the registry.
Now copy the contents of the [SysprepMassStorage] section and paste it into the actual sysprep.inf file you want to use from the ADS sysprep.inf templates. The problem is that you will now have populated a huge number of entries in the critical devices database which means that every time your XP machine tries to start, it will try to load each of these drivers, resulting in a very long startup time. So to stop this from happening, add the -clean switch when running SysPrep."
The SysPrep syntax which Paul gives for the next step didn't work for me, but I ran sysprep -clean followed by sysprep -reseal -mini -pnp -reboot (although I think the last switch should have been -noreboot as my source computer booted into the mini-setup wizard after SysPrep had completed and I really wanted it to shut down).
There's some more information in Paul's article about the various SysPrep switches and the need for a blank administrator password on the source PC (Microsoft knowledge base article 302577 details the usage of SysPrep including the various command line switches).
Using Paul's article, combined with the information in the ADS quick start guide (part of the ADS installation), I was able to successfully capture and deploy a Windows XP image in a Virtual Server environment although there were a couple of gotchas (two of which are related to my use of a virtual environment):
- Because I'd already SysPrepped the source PC, I couldn't use the supplied capture-image.xml sequence without editing it to drop the first step (actually I just used the boot-to-da.xml sequence and a one-time job to run the /imaging/imgbmdeploy.exe command with the imagename \device\harddisk0\partition1 "description" -c -client parameters).
- Also, my use of dynamically expanding virtual disks in Virtual Server meant that the volume size was recorded by ADS as 17166127104 bytes and so I had to use the ADS sequence editor to edit the parameters in the da-deploy-image-wg.xml sequence to use /C:16371 before the deployment was successful.
- Finally, as the current version of Virtual Server doesn't include PXE boot capabilities, I needed to use a virtual floppy disk with the contents of the RIS boot floppy (for details, see my earlier post on trials and tribulations with RIS, although Roudy Bob's virtual RIS boot disk has moved so the link in my original post seems to be broken).
It's also worth noting that because I was using Virtual Server, all of my hardware was standard. I'd be interested to hear how anybody gets on with this using a variety of physical workstations, but I didn't have the time or resources to take the experiment that far.
To summarise, capturing and deploying Windows XP using ADS works, but it is not supported by Microsoft. It's still something to think about if you're willing to take that risk (I'm not prepared to risk an unsupported solution on my current project with 16000 workstations spread across hundreds of sites) but if nothing else it's a good way to spend some time familiarising yourself with SysPrep and ADS.