Exam Ref 70-695 Deploying Windows Devices and Enterprise Apps (MCSE): Implement a Lite-Touch Deployment
- By Brian Svidergol
Objective 2.2: Configure MDT
The Microsoft Deployment Toolkit (MDT) provides you with the ability to prepare and customize various aspects of the deployment process. MDT enables administrators to automate deployments and minimize the time that is required to complete a deployment.
Configuring deployment shares
Deployment shares are folders that contain images and files such as drivers, applications, and scripts for use in an LTI deployment. Deployment shares can be located in a variety of locations, including:
- Local drives
- Network shared folders
- Standalone Distributed File System (DFS) folder
Deployment shares hold data that is needed for part of the deployment process, including:
- Operating systems
- Device drivers
- Task sequences
There are two methods of creating a deployment share. First, after MDT has been installed, you can use the Deployment Workbench, which has a built-in wizard that creates a shared folder as a deployment share. By default, the share will be hidden and thus end with a dollar sign. The wizard will ask for the path that the folder should reside in and accepts local and network paths, as shown in Figure 2-18. If a local path is specified, the share name can also be customized. If a network path is specified, a UNC path must be used.
FIGURE 2-18 MDT New Deployment Share Wizard, Path page
When you create deployment shares, you have a number of configuration options, which include:
- Ask If A Computer Backup Should Be Performed
- Ask For A Product Key
- Ask To Set The Local Administrator Password
- Ask If An Image Should Be Captured
- Ask If Bitlocker Should Be Enabled
The computer backup, image capture, and BitLocker options are enabled by default when using the wizard. All, none, or any combination of options can be configured when completing the wizard, which is shown in Figure 2-19. The options can be changed later. See the “Configuring customsettings.ini” section later in this chapter for additional detail.
FIGURE 2-19 MDT New Deployment Share Wizard, Options page
Alternatively, if a shared folder already exists, you can use Windows PowerShell to create a deployment share. However, before using Windows PowerShell, add the BDD snapin manually by running the Add-PSSnapIn Microsoft.BDD.PSSnapIn command. Business Desktop Deployment (BDD) is the original name for early versions of MDT, and its name is still displayed in a few places in the MDT product. The cmdlet to use to create a deployment share manually, Add-MDTPersistentDrive, requires a Windows PowerShell drive to exist, which can then be used from the Deployment Workbench. Deployment shares that are configured through Windows PowerShell are stored in a user’s profile and will automatically be opened by the Deployment Workbench. The following command is an example of a Windows PowerShell method to configure both a drive and a deployment share:
New-PSDrive -Name "DS001" -PSProvider "MDTProvider" -Root "C:\DeploymentShare" -Description "MDT Deployment Share" -Force -Verbose | Add-MDTPersistentDrive -Verbose
After a deployment share has been created, it can be used from within the Deployment Workbench, as shown in the Open Deployment Share Wizard in Figure 2-20. If the deployment share was created with the previous version of MDT, the contents of the share can be upgraded when opened for the first time by using MDT 2013.
FIGURE 2-20 Open Deployment Share Wizard, Path page
After a deployment share has been created or opened within the Deployment Workbench, your next steps include copying data to the share, such as:
- Operating systems
If you plan to perform multicast deployments by using MDT and WDS, enable multicast for the deployment share. To do so, perform the following steps:
- Open the MDT Deployment Workbench.
- Right-click the MDT Deployment Share in the left pane and then click Properties.
- In the MDT Deployment Share Properties window, on the General tab, click Enable Multicast For This Deployment Share (requires Windows Server 2008 R2 Windows Deployment Services).
- Click OK.
When adding an operating system in MDT, as shown in Figure 2-21, you have a few choices for the type of operating system that you are adding:
- A full set of source files such as those found on the installation media
- A custom image file that has been deployed and captured
All existing images available on the WDS server
FIGURE 2-21 Import Operating System Wizard, OS Type page
Operating systems can also be imported by using Windows PowerShell. To import the operating system named Windows 8 Enterprise x86 with source files that are located on the E:\ drive, run the following command:
Import-MDTOperatingSystem -Path "DS001:\Operating Systems" -SourcePath "E:\" -DestinationFolder "Windows 8 Enterprise x86"
You can also add applications and configure the type of application to add, as shown in Figure 2-22. The options include:
- Application with source files, as typically used with a local installation.
- Application without source files, or elsewhere on the network, as typically used with network installations.
Application bundle, which installs the application and the dependencies of the application.
FIGURE 2-22 New Application Wizard, Application Type page
You can also deploy applications by using Windows PowerShell. To import a package named App1 that is located on the E:\ drive and requires the command-line switch “-q”, run the following command:
Import-MDTApplication -Path "DS001:\Applications" -enable "True" -Name "App1" -ShortName "App1" -CommandLine "-q" -WorkingDirectory ".\Applications\App1" -ApplicationSourcePath "E:\" -DestinationFolder "App1"
Packages are defined as Windows packages that contain software features, updates, or hotfixes. Packages will have either a .cab or .msu file extension. You can add packages to the Deployment Workbench, as shown in Figure 2-23, for use with images and task sequences to enhance and customize a deployment further.
FIGURE 2-23 Import Package Wizard, Specify Directory page
You can also import packages by using Windows PowerShell. You can run the following command to import packages that are located in the E:\Data folder and all folders under the Data folder:
Import-MDTPackage -Path "DS001:\Packages" -SourcePath "E:\Data"
Deployment shares can also be configured to support specific platforms, or reconfigured for a different local or network path, as shown in Figure 2-24.
FIGURE 2-24 MDT Deployment Share Properties, General tab
Managing the driver pool
MDT includes a systematic approach for managing and deploying device drivers. In large environments that support multiple platforms, driver management can be a big challenge. With MDT, drivers can now be imported into the driver pool for easy sorting, versioning, and injection, ensuring that the target hardware is fully functional after the image has been deployed. Device drivers could be required to use specific hardware on a computer to which an image is being deployed or, optionally, for printers and peripherals that might be installed in the future. The Import Driver Wizard loads the drivers as specified in the associated .inf file types.
MDT will scan a specified directory for drivers, as shown in Figure 2-25.
FIGURE 2-25 Import Driver Wizard, Specify Directory page
You can also import device drivers by using Windows PowerShell. You can run the following command to import a driver that is located on the E:\Data drive:
Import-MDTDriver -Path "DS001:\Out-of-Box Drivers" -SourcePath "E:\Data" -ImportDuplicates
You can customize the Windows PE boot images for x86 and x64 platforms with drivers that have been loaded into the Deployment Workbench, as shown in Figure 2-26. You can configure the Windows PE image to include all drivers from the configured selection profile or any combination of the following settings:
- Include All Network Drivers In The Selection Profile
- Include All Mass Storage Drivers In The Selection Profile
- Include All Video Drivers In The Selection Profile
Include All System-Class Drivers In The Selection Profile
FIGURE 2-26 MDT Deployment Share Properties, Windows PE tab
Configuring task sequences
Task sequences are the steps that will be taken in order as part of an LTI deployment. An MDT task sequence uses the same task sequence engine as System Center Configuration Manager, although Configuration Manager is not required to run MDT task sequences. MDT includes a New Task Sequence Wizard, as shown in Figure 2-27, which walks you through creating a new task sequence.
FIGURE 2-27 New Task Sequence Wizard, General Settings page
MDT 2013 has the following nine default task sequence templates:
- Sysprep and Capture Runs Sysprep on a reference computer and then captures the image of that computer.
- Standard Client Task Sequence Creates and deploys reference images for computers.
- Standard Client Replace Task Sequence Runs the User State Migration Tool (USMT) backup and the optional full Windows Images backup actions. This sequence can also be used to perform a secure wipe of a computer that will be removed from the network.
- Custom Task Sequence Can be customized to meet your requirements. It has one default task, which is for an application installation.
- Standard Server Task Sequence Has default sequence for deploying server operating systems. The difference between this template and the client template is that the server template does not use USMT.
- Litetouch OEM Task Sequence Preloads operating system images onto the computer. This is normally used for factory installations but can also be used in an enterprise environment.
- Post OS Installation Task Sequence Contains tasks that should be run after the operating system installation has completed.
- Deploy to VHD Client Task Sequence Creates a virtual hard disk (VHD) on the destination computer and deploys the image to the VHD, similar to the standard client task sequence template.
- Deploy to VHD Server Task Sequence Provides the same template as the VHD client template but is used for servers.
The default task sequences are shown in Figure 2-28.
FIGURE 2-28 New Task Sequence Wizard, Select Template page
The template that you choose determines which pages of the wizard are shown to you. For example, if you select the Custom Task Sequence template, it will take you directly to the summary screen to create the task. However, if you select the Standard Client Task Sequence template, it prompts you to select the operating system, product key, operating system settings, and password. Figure 2-29 shows the Specify Product Key page of the wizard.
FIGURE 2-29 New Task Sequence Wizard, Specify Product Key page
MDT 2013 is highly customizable by using a settings configuration file. The configuration file, named customsettings.ini, contains information that will be used during an LTI deployment. To automate deployments as much as possible, you must work with the customsettings.ini file. Otherwise, you must answer several installation questions manually during deployments. A customsettings.ini file contains
The following is a sample customsettings.ini file:
[Settings] Priority=Default, MACAddress Properties=CustomProperty [Default] OSInstall=Y ScanStateArgs=/v:5 /o /c LoadStateArgs=/v:5 /c /lac UserDataLocation=NONE [00:0F:20:35:DE:AC] CustomProperty=TRUE
When customizing a customsettings.ini file, the only section that is required is Settings. All the other sections in the file are optional. The optional settings can set the configuration for either an individual computer, as identified by the MAC address, or a group of computers, as identified by a specified characteristic such as the make, model, or geographic location.
The properties that can be defined in the customsettings.ini file are predefined in the ZTIGather.wsf file, which is used for both Zero Touch Installation (ZTI) and LTI deployments, and automatically sets the values for properties that can be defined. You can run the ZTIGather.wsf script on computers, which then outputs a very large amount of data about the computers, to ensure that you use the right values for properties in the customsettings.ini file. When customizing a customsettings.ini file, ensure that all the properties you use are considered customizable.
Although the way properties are used for both ZTI and LTI deployments are similar, some properties are unique for each deployment scenario. In an LTI deployment, most of the properties relate to the deployment wizard, such as
- Deployment shares store information used during a deployment.
- Deployment shares can have operating systems, packages, applications, and device drivers.
- Windows PowerShell can be used to configure components of a deployment share.
- You can use packages, applications, and device drivers to streamline the update process of an operating system deployment.
- Device drivers can be used with specific Windows PE selection profiles.
- Task sequences can be used to customize a deployment.
- Nine task sequence templates are available to customize a deployment.
- The customsettings.ini file provides additional customization capabilities, which can help automate more of the deployment process.
Answer the following questions to test your knowledge of the information in this objective. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
MDT task sequences use the same engine as which other product?
- Windows Server 2012
- System Center 2012 R2 Configuration Manager
- Exchange Server 2013
- SharePoint Server 2013
You need to automate several aspects of a deployment to minimize the number of manual deployment steps required. Which file should you use?
You have an existing MDT deployment share. You deploy a new MDT server. You need to add the existing share to the new MDT server. What should you do?
- In the MDT console, create a new deployment share and specify the path to the existing deployment share.
- In the MDT console, open the existing deployment share.
- Run the Add-MDTPersistentDrive Windows PowerShell command.
- Run the Get-MDTPersistentDrive Windows PowerShell command.
Which storage locations can a deployment share be located on? (Choose all that apply.)
- Network share
- Local storage
- Microsoft Access database
- SQL Server database
You are attempting to run the Get-MDTDeploymentShareStatistics command on your MDT server, but an error message appears. The error is “Get-MDTDeploymentShareStatistics : The term ‘Get-MDTDeploymentShareStatistics’ is not recognized as the name of a cmdlet, function, script file, or operable program.” You need to be able to run MDT Windows PowerShell commands. What should you do?
- Run the Import-Module Microsoft.BDD.PSSnapIn command.
- Run the Add-PSSnapIn Microsoft.BDD.PSSnapIn command.
- At the Windows PowerShell prompt, change the directory to C:\Windows\System32.
- Open the Windows PowerShell prompt as Administrator.