The following items will be required:
- Windows Deployment Services (WDSS) is a Windows server role that allows you to boot and deploy operating system images over the network.
- Microsoft Deployment Toolkit (MDT) 2013 Update (https://www.microsoft.com/en-sg/download/details.aspx?id=50407) — utility for automating the deployment of operating systems for servers and client workstations (only MDT 2013 Update 1 supports Windows 10);
- The Windows Assessment and Deployment Kit (Windows ADK) for Windows 10 is a new set of tools for customising, evaluating, and deploying Windows to new machines (https://go.microsoft.com/fwlink/p/?LinkId=526740).
- Windows 10 source files are included in the Windows 10 distribution (ISO image or installation disc).
Role installation for Windows Deployment Services
First and foremost, the Windows Deployment Services role must be installed on Windows Server 2012 R2. This is done through the Server Manager console. Set the checkbox at the Windows Deployment Services item in the list of roles and then press Next.
Windows 10 source files are included in the Windows 10 distribution (ISO image or installation disc).
In the WDS Role Services component select to install Deployment Server and Transport Server services.
Run the installation of WDS role (it takes about 2-3 minutes).
Tip. Also you can perform installation of Windows Deployment Services role using this PowerShell command:
Install-WindowsFeature -Name WDS -IncludeManagementTools
Microsoft Deployment Toolkit Installing
Install Microsoft Deployment Toolkit (MDT) 2013 Update 1 with the default settings. Just download it and run as administrator file MicrosoftDeploymentToolkit2013_x64.msi.
Installing Windows Assessment and Deployment Kit
Now we need to install Windows Assessment and Deployment Kit (Windows ADK) for Windows 10. Download and run file adksetup.exe.
Select install path (by default C:\Program Files (x86)\Windows Kits\10)
From the ADK features list, check following:
- Deployment tools – using for Windows image customization at automate installation;
- Windows Preinstallation Environment (Windows PE) – Win PE environment – minimal OS, which developed to prepare computer to installation or servicing of Windows image;
- User State Migration tool (USMT) – set of tools to migrate user data between different computers and domains.
Install the Windows ADK on your computer.
Next, we’ll need the source files for Windows 10 distribution (in this case, Windows 10 x64 Pro). Because MDT won’t let you work directly with ISO files, you’ll have to manually extract source files. The simplest method is to mount Windows 10 ISO installation disc (SW DVD5 Win Pro 10 1511 64BITMLF X20-82454.iso) to a virtual drive using a separate File Explorer (right click on ISO file and select Mount).
Performing MDT 2013 Configuration to Deploy Windows 10
We are ready to MDT 2013 start configuring. Launch Deployment Workbench console, right click on Deployment Share and create new once (New Deployment Share).
Using Deployment Share Wizard select deployment share path (C:\DeploymentShare).
Change the deployment share name or leave it as default (DeploymentShare$) and click on Next.
The character “$” in the name of a network shared folder indicates that it is hidden from network users.
Open the folder C:DeploymentShare when the wizard has finished.
The images of operating systems, drivers, settings, and application packages are stored in this area. This folder is movable, so you can move it to another MDT server.
Consider the following MDT Deployment Share directories:
Application installation files (MS Office, Adobe Reader, etc.) are saved here and will be installed on the deployed system.
Operating Systems – image files for operating systems;
Device Drivers (Out-of-Box) — a directory containing device drivers;
Packets – update the packets;
Task Sequences – a directory of tasks;
Tools – a standard directory containing a number of utilities that can be utilised during the deployment process.
To let all network clients to connect to the newly formed network share, add the Everyone group with Read access permissions to the folder DeploymentShare$’s Share permissions.
After that, we’ll need to import a Windows 10 image. MDT supports the import of operating system images from Windows source files, wim files, and wds images.
MDT Deployment share > Expand branch Deployment Shares Select Import Operating System from the right-click menu on the Operating Systems item.
Select Full set of source files and choose drive with mounted Windows 10 ISO image.
Enter destination directory name.
Wizard will copy Windows 10 source files to the folder C:\DeploymentShare\Operating Systems\Windows10Prox64.
Now in Operating Systems section you will see now the image of Windows 10 Pro x64.
Putting Together an MDT Deployment Task Sequence
The next step is to establish a new Task Sequence, which is a collection of instructions that must be followed when installing Windows (installation of drivers, applications, system settings, apps updates, run custom scripts etc.).
Select New Task Sequence from the Task Sequences menu by right-clicking on the item.
Enter DeloyWin10x64 for the Task sequence ID and “Deploy Windows 10 x64” as the Task sequence name.
Select OS to deploy using this task sequence (Windows 10 Pro x64).
Specify product key. You can either skip entering Windows key or specify GVLK, MAK or retail Windows key.
Set a password for the local administrator of the operating system that will be installed.
Keep in mind that the password is contained in the Unattend.xml file as plain text.
Open the properties of the task you just created and make sure it’s enabled and ready to run on any platform.
The Task Sequence tab displays the processes for installing the operating system on the client (steps based on the previously selected sequence template). We’re going to leave everything default this time.
Next run Update Deployment Share. MDT will generate boot images and configuration for deploying operating system.
Choose Completely regenerate the boot image for the first time (directory C:DeploymentShareBoot is empty) and wait for the image generation to complete (this can take a few minutes).
In folder C:\DeploymentShare\Boot ISO wim images will be generated, based on Windows PE for x86 and x64 platforms. You can use ISO files to directly boot physical or virtual machines, or WIM files to use it with Windows Deployment Services for PXE boot and network deploy of Windows Images.
Using the Windows Deployment Services role to configure boot images
Now we must configure the WDS server role to respond to PXE boot requests from clients.
Expand the Servers node, right-click on your server name, and select Configure Server from the Windows Deployment Services console (Server Manager > Tools > Windows Deployment Services).
Select Standalone WDS Server, independent from an Active Directory.
Leave remote installation folder location by default (C:\RemoteInstall).
On PXE settings screen, select Respond to all client computers (known and unknown).
Tip. In an Active Directory domain environment its much more secure to select Respond only to known client computer.
Uncheck the box – Add images to the server now.
The green arrow icon on the WDS server says that it is up and running.
The next step is to add the boot images we prepared earlier with MDT to the WDS server.
Add boot image by right-clicking on Boot Image.
Browse to C:\DeploymentShare\Boot folder and select file LiteTouchPE_x86.wim and then LiteTouchPE_x64.wim.
The LiteTouch WindowsPE (X86) and (x64) images were found in the list of WDS boot images, as you can see.
The final step is to enter WDS server properties and navigate to the Boot tab.
Safest requires the user to press the F12 key to use PXE boot to avoid accidentally loading clients through PXE and deploying Windows. Select Require the user to hit the F12 key to continue the PXE boot in the PXE Boot Policy section. You’ll be prompted to press the F12 key to continue booting over the network if you choose this option when commencing the PXE boot. The PXE boot will be cancelled if the keystroke does not occur within a given amount of time, and the computer will attempt to boot using the boot method next in the BIOS boot priority list.
Note that the option Always continue the PXE boot means that the PXE boot will continue even if no key is pressed. The option “Continue the PXE boot unless the user touches the ESC key” means that the network boot will continue if the user does not press the ESC key after a set amount of time.
Choose between x86 and x64 architectures for default boot images (including UEFI architecture).
All other WDS server settings leave by the default.
Restart WDS service via Console (All tasks > Restart).
Important. As in our test setup for this article, the WDS server and the client machine that we wish to install through PXE must be in the same IP subnet (VLAN). If the client computer and WDS server are on different networks, IP Helper and additional DHCP server options 60 and 67 must be configured.
Adding Device Drivers to the MDT
With MDT, you can install any device drivers on your computers during the deployment of a Windows 10 image. Right-click the Out-of-Box Drivers folder and select New Folder.
Give the folder a name (you can create driver folders by OS version or by the computer model). Then pick Import Drivers from the context menu of the newly created folder. Specify the source directory, which contains the driver files, in the window that appears (it is important that drivers are needed in unpacked form, i.e., in the form of a folder in which .inf files are located in). Select Next > Next > Finish from the drop-down menu.
Carry out these instructions for any device that Windows 10 could not locate a driver for (do not forget that there are 32 and 64-bit drivers for different versions of Windows 10).
After the drivers have been added, the deployment share must be updated. Drivers will be installed immediately on the deployed Windows 10 PC. There is nothing else that has to be done. The default method for detecting PnP ID drivers is utilised.
If your MDT server has a lot of drivers for multiple devices, it’s a good idea to link the hardware drivers to different device types and/or OS versions to speed up the OS deployment.
In MDT 2013, you must use filtering with Selection Profiles to accomplish this. You must establish a selection profile for each driver folder after importing the drivers. Then pick the proper directory with drivers in the Out of Box Drivers folder (Advanced Configuration > Selection Profiles > New Selection Profile > Windows 10 x64)
Add a custom Task Sequence in the Preinstall stage to your deployment Task Sequence with the type Inject Drivers.
Then in the Task Sequence settings at the Preinstall stage, select the correct profile and enable the Install only matching drivers from the selection profile option.
When booting over the network, the computer boots using the boot image obtained from the WDS server. If the boot image doesn’t contain the required network card drivers, then the computer won’t be able to connect to the WDS server to select and then boot the Windows 10 installation image. Therefore, for some computer models, you need to inject an additional network drivers using the MDT management console (to the LiteTouchPE_x64.wim and LiteTouchPE_x86 .wim images).
In addition, you can integrate drivers into a WIM image file or copy them into the $OEM$ subfolder, and specify the path to it in the autounattend.xml file.
It’s worth noting that while the unattend.xml answer file can be included in the WIM image by placing it in the percent WINDIR percent PantherUnattend folder, MDT requires a separate external file to run inside the Task Sequence.
Deployment of Windows 10 over the Internet is being tested.
We’re now ready to test network clients booting from the WDS server via the LAN (PXE boot). We use a virtual machine running on the VMWare ESXi hypervisor for this test. To initiate network booting from PXE, start the VM and press F12 many times.
To start the network service, press F12.
Tip. Because Boot screens on VMs appear very quickly, it is almost impossible to have time to press F12. So we need to set the highest priority to boot device Network boot from Intel E1000 in BIOS of VM.
Machine will connect to WDS server and show you a list of available Windows PE boot media. In standard Windows Boot Manager dialog select desired operating system to boot from. Select to boot Lite Touch Windows PE (x86).
it was also necessary to specify UNC path to the network folder DeploymentShare$ on MDT server (\\10.1.1.170\DeploymentShare$) and user credential to access it.
It remains to choose desired Task Sequence that you created earlier in your MDT 2013 (Deploy Windows 10 x64) and start a network deployment of Windows 10 Image on this computer.