Ok, I have no idea if this stuff is going anywhere, but at least, it's fun!
So, today the goal is to tweak MDT enough to get rid of using WIM images...??!!.. Boy, you are so disruptive, but where the Windows image will come from If you do that? Well, Microsoft has plenty of sites where we can download the latest build, why not using one of them?!... Interested.. wait, there is more: the underlying idea is to make MDT able to retrieve most of its content (Windows images, security updates, and applications) from the cloud!
Sounds impossible? The truth is that we are already closer to it than you can imagine:
- MDT is natively able to download security patches from the Microsoft Update.
- A few years ago Keith Garner wrote an MDT wrapper to download applications from Chocolatey. ( I should also point nice variations from Dan Franciscus and Matthew to fulfill more use cases)
- Windows has a built-in capability to download missing drivers and so is Microsoft Update.
The only missing part is the OS download, This is the part we are going to fix today !!!
Pre-requisites
A workstation with the latest ADK (with PE addon) and MDT installed.
To make Iso download seamlessly integrates with MDT, some modifications need to be added to the core scripts. For this time, you won't have to edit them or whatever, I've made a script that takes care of everything for you.
If you are just curious or don't want to touch your production deployment share, just create a new one for testing purposes...
So, download MDT-O-Matic.ps1 from my Github repo, and launch it as administrator with the path of you deployment share as argument like this:
MDT-O-Matic.ps1 -Deployshare <Path to your deployment share>
Under the hood, the script will do the following things:
- Generating a "virtual" WIM image that will be a place holder for the forthcoming image that we will grab from the cloud.
- Creating a New task sequence that supports OS download.
- Editing the LtiApply.wsf script to allow usage of WIM image from places outside the deployment share.
- Editing the ZtiGather.wsf script to allow internet detection.
- Adding a new wizard panel that will provide all the foreign languages that Microsoft offers for Window0 ISOs.
- Downloading 7zip into MDT for doing some background jobs during the deployment.
- Adding a new script that will download the selected ISO and extract the WIM image from it.
- Update your deployment share to apply the required components to your boot image.
The deployment will be started from a boot media so, you'll need a USB stick and the tool Rufus to install the media on the stick.
And yes, you'll need at least a "bare metal" PC with Ethernet (not WIFI) connectivity to the internet!
how it works
In the MDT subfolder Operating System\Online OS a 'virtual' (fake) WIM will be imported to make the tool think everything is normal. The virtual WIM is just an empty WIM file with Windows 10 references inside.
Also, don't pay much attention to the version number and the edition displayed, the latest version will always be downloaded from the internet to replace it during the deployment.
To make ISO download to happened over 'classic' deployment, two requirements must be met:
- Internet connectivity must be detected by ZtiGather.wsf.
- The selected task sequence must have a download image step like this:
Then the script will connect to Download Windows 10 (microsoft.com) and will retrieve the available languages. They will then populate the wizard responsible for the localization of Windows.
Note that the Windows release version is displayed over the first drop-down menu, you also have the ability to choose between Professional and Enterprise Edition just under the Keyboard Layout menu!
After the wizard stage, the task sequence will begin and the ISO corresponding with the selected language will be downloaded.
Behind the scene, once the download has completed, the ISO will be mounted as a drive and MDT will extract the WIM file from it.
LTIApply.wsf will apply the image to the hard disk like it does in a standard task sequence.
The task sequence will continue normally. Every feature you know and like in MDT will continue to work as expected!
After the first boot, your latest Windows 10 will appear installed on your computer... Yeah!!!
Now, the first question you will probably ask is how much slower is it compared to the scenario where Windows 10 is already in the media? Like often in computer science, the answer is 'It depends!!..'
At home, backed with a fiber channel internet connection the download part is less than 1 Minute. On a standard Virtual Machine with a WIFI connection provided by the host, it can take up to 15 minutes.
How to use
In MDT create a new task sequence by picking the new template available for this purpose, the Cloud Client Task Sequence:
Just, after, you'll be prompted to choose an operating system, select Windows 10 Pro in Windows 10 Latest Online Install.wim, this is the OS that the script imported earlier:
Answer all the questions from the wizard to complete the task sequence setting.
This is pretty it for the OS part, feel free to add whatever you want to your deployment share before packing everything to an ISO.
To create an ISO file, jump to the Advanced Configuration\Media subfolder in the MDT console and right-click on it to create a new media. In the Wizard panel select a place where the ISO should be created. On the selection-profile drop-down menu, selects Everything if you've started from a new deployment share.
When the Media item is created, click on it to finetune some settings.
On the General tab, unselect Generate x86 boot image:
On the Windows PE tab select the x64 Architecture, click on the Features tab and add the following list of components:
- Dism Cmdlet
- .Net Framework
- Microsoft Data Access Components
- Winpe-PlateformID
- Windows Powershell
- Secure Boot Cmdlets
- Storage Management Cmdlet
Once the components are added, right-click on the Media item and select Update Media Content to commit all changes and generate the ISO file.
When the ISO is built, burn it to a USB key using Rufus or use it directly in a virtual machine.
Job's done, you're now able to deploy Windows 10 from the cloud !!
What's next
To make the experience even funnier, you should add a chocolatey wrapper to your task sequence, that way you could enjoy a full cloud deployment without much effort. Of course you can also set the Customsettings.ini further to remove unwanted wizard panels or to pre-stage the local admin password.
I've not yet figured out many use cases where a cloud deployment is better than using a good old media but I guess Johan will shed some light on this in his forthcoming "A Geeks Guide to Cloud Imaging" session at the Nordic Virtual Summit.
Anyway, the benefits of getting rid of WIM management is by no means insignificant, and the gap to full cloud deployment scenario with MDT is now surpassed. Not forgetting to mention that this solution does not use any deployment infrastructure and so doesn't cost an Azure penny...
Credit where credit is due
Most of the queries used to request images from Microsoft were developed by Peter Batard in a script Called Fido. Peter is also the guy responsible for a very well-established tool called Rufus.
The download part was written by Tim Small.
Finally, I want also to give a big shout out to the Friends Of MDT for putting together something that inspired me to make this small project.
Have a nice cloud deployment time!