Windows 10 WAIK Image (.wim) Preparation

Aim of this guide

This guide will walk through the steps I’ve taken to create a deployable Windows 10 Enterprise .wim image which can then be used to deploy Windows 10 across our domain via our PXE environment.

Prepare a machine with Windows 10

The first step is to create an Autounattend.xml file which will be copied to a USB Pen drive and attached to a target test machine, in this case a Dell 9020 along with the Windows 10 Enterprise DVD. The presence of this file in an attached USB Pen drive will cause the installation of Windows 10 to become automated and will force the machine into [Audit Mode], which is where we can begin stripping out the unwanted Windows 10 Apps before sysprep-ing and powering down the machine.

One thing to note is that this answer file formats the disk under the GPT scheme, NOT MBR. So if you have an MBR formatted drive you’ll need to first reformat it as GPT. This can be completed using the Windows 10 Installation DVD by pressing SHIFT+F10 when booting from the DVD to open a command prompt followed by:

diskpart
list disk
select disk 0 

(where disk 0 is your target deployment disk indicated from list disk)

clean
covert gpt

I’m assuming that you’ve installed the [Deployment Tools] and, optionally the [Windows Preinstallation Environment] from the  Windows 10 Automated Deployment Toolkit [https://technet.microsoft.com/en-us/itpro/windows/deploy/windows-deployment-scenarios-and-tools] on your development machine, in my case this is our Windows Server.

Launch [as Administrator] the Windows System Image Manager

It will need a valid [install.wim] from the [sources] directory of a LTSB release of Windows 10.
Create an answer file with the following components and settings:

1 windowsPE:

  • amd64_Microsoft-Windows-Internationl-Core-WinPE_neutral
    InputLocale= en-GB
    SystemLocale= en-GB
    UILanguage= en-US
    UserLocale= en-GB
    -> SetupUILanguage
    UILanguage= en-US
    WillShowUI= OnError
  • amd64_Microsoft_Windows_Setup_neutral
    ->->DiskConfiguration
    WillShowUI= OnError
    ->->-> Disk[DiskID=”0″]
    Action= AddListItem
    DiskID= 0
    WillWipeDisk= True
    ->->->-> CreatePartitions
    ->->->->-> CreatePartition[Order=”1″]
    Action= AddListItem
    Extend= False
    Order= 1
    Size= 500
    Type= Primary
    ->->->->-> CreatePartition[Order=”2″]
    Action= AddListItem
    Extend= False
    Order= 2
    Size=
    Type= Primary
    ->->->-> ModifyPartitions
    ->->->->-> ModifyPartition[Order=”1″]
    Action= AddListItem
    Active= true
    Extend= false
    Format= NTFS
    Label= System
    Letter= S
    Order= 1
    PartitionID= 1
    ->->->->-> ModifyPartition[Order=”2″]
    Action= AddListItem
    Active= true
    Extend= false
    Format= NTFS
    Label= Windows
    Letter= C
    Order= 2
    PartitionID= 2
    ->->ImageInstall
    ->->->OSImage
    WillShowUI= OnError
    ->->->-> InstallTo
    DiskID= 0
    PartitionID=  2
    ->->UserData
    AcceptEula= true
    ->->->ProductKey
    WilLShowUI= never

4 specialize:

  • amd64_Microsoft-Windows-Deployement_neutral
    -> RunAsynchronous
    ->-> RunAsynchronousCommand[order=”1″]
    Action= AddListItem
    Order= 1
    path= net user administrator /active:yes
  • amd64_Microsoft-Windows-Security-SPP-UX_neutral
    SkipAutoActivation= true
  • amd64_Microsoft-Windows-Shell-Setup_neutral
    ComputerName= Replaceme1
    DisableAutoDaylightTimeSet= false
    RegisteredOrganisation= <<YOUR COMPANY HERE>>
    RegisteredOwner= <<YOUR DEPARTMENT HERE>>
    ShowPowerButtonOnStartScreen= true
    ShowWindowsLive= false
    SignInMode= 1
    TimeZone= GMT Standard Time
    -> OEMInformation
    HelpCustomized= false
    SupportHours= <<YOUR WORKING HOURS HERE>>
    SupportPhone= <<YOUR PHONE NUMBER HERE>>
    SUPPORTURL= <<YOUR SUPPORT WEBSITE HERE>>

7. oobeSystem:

  • amd64_Microsoft-Windows-Deployement_neutral
    -> Reseal
    Mode= Audit
  • amd64_Microsoft-Windows-Shell-Setup_neutral
    ShowWindowsLive= false
    SignInMode= 1
    TimeZone= GMT Standard Time
    -> AutoLogon
    Enabled= true
    LogonCount= 5
    Username= Administrator
    -> OOBE
    HideEULAPage= true
    HideLocalAccountScreen= true
    HideOEMRegistrationScreen= true
    HideOnlineAccountScreens= true
    HideWirelessSetupInOOBE= true
    NetworkLocation= Work
    ProtectYourPC= 1
    -> UserAccounts
    ->-> AdministratorPassword
    Value= <<YOUR PASSWORD HERE>>

Save the file and then copy it to a USB Pen drive and attach it to the target test machine along with the Windows 10 DVD, power on and boot from DVD then make a cuppa while the system installs.

Once the installation has completed you should be logged in as the Administrator in Maintenance mode with a Sysprep GUI window open on-screen.

Now you can begin configuring applications and programs that you want to be installed or removed for all systems.

 

Remove Apps from the Windows 10 Audit Mode Machine

To remove apps from Windows 10 you can use PowerShell commands:

 

Uninstall Calendar and Mail: Get-AppxPackage *windowscommunicationsapps* | Remove-AppxPackage
Uninstall Get Office: Get-AppxPackage *officehub* | Remove-AppxPackage
Uninstall Get Skype: Get-AppxPackage *skypeapp* | Remove-AppxPackage
Uninstall Get Started: Get-AppxPackage *getstarted* | Remove-AppxPackage
Uninstall Groove Music: Get-AppxPackage *zunemusic* | Remove-AppxPackage
Uninstall Microsoft Solitaire Collection: Get-AppxPackage *solitairecollection* | Remove-AppxPackage
Uninstall Money: Get-AppxPackage *bingfinance* | Remove-AppxPackage
Uninstall Movies & TV: Get-AppxPackage *zunevideo* | Remove-AppxPackage
Uninstall News: Get-AppxPackage *bingnews* | Remove-AppxPackage
Uninstall OneNote: Get-AppxPackage *onenote* | Remove-AppxPackage
Uninstall People: Get-AppxPackage *people* | Remove-AppxPackage
Uninstall Phone Companion: Get-AppxPackage *windowsphone* | Remove-AppxPackage
Uninstall Photos: Get-AppxPackage *photos* | Remove-AppxPackage
Uninstall Store: Get-AppxPackage *windowsstore* | Remove-AppxPackage
Uninstall Sports: Get-AppxPackage *bingsports* | Remove-AppxPackage
Uninstall Weather: Get-AppxPackage *bingweather* | Remove-AppxPackage
Uninstall Xbox: Get-AppxPackage *xboxapp* | Remove-AppxPackage

 

Remove / Install Any Other Applications & Sysprep

Complete any other software installations or removals you require and then prepare an “unattend.xml” answer file which will be used to configure the system the image is deployed to.

TODO : Details of initial unattend.xml

Copy the “unattend.xml” file to:

C:\Windows\System32\Sysprep\unattend.xml

Then sysprep the target machine using the following command:

C:\windows\system32\Sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:"C:\Windows\System32\Sysprep\unattend.xml"

Image the target machine, capture that .wim!

The next stage is to image the now shutdown machine’s partitions into .wim files. I created a bootable .iso file using the Windows 10 Automated Deployment Toolkit and then copied in the DISM folder (which includes the imagex.exe utility) into the ISO.

Copied from https://msdn.microsoft.com/en-us/windows/hardware/commercialize/manufacture/desktop/winpe-create-a-boot-cd-dvd-iso-or-vhd :

Install the Windows ADK

  • Install the following features from the Windows Assessment and Deployment Kit (ADK):
    • Deployment Tools: includes the Deployment and Imaging Tools Environment.
    • Windows Preinstallation Environment : includes the files used to install Windows PE.

Install Windows PE to a DVD, a CD, or an ISO file

  1. Click Start, and type deployment. Right-click Deployment and Imaging Tools Environment and then select Run as administrator.
  2. Create a working copy of the Windows PE files. Specify either x86 or amd64:
    copype amd64 C:\WinPE_amd64
    
  3. Create an ISO file containing the Windows PE files:
    MakeWinPEMedia /ISO C:\WinPE_amd64 C:\WinPE_amd64\WinPE_amd64.iso
    
  4. To burn a DVD or CD: In Windows Explorer, right-click the ISO file, and select Burn disc image > Burn, and follow the prompts.

 

You can either burn that ISO to a CD or use an ISO virtual drive such as the Zalman ZM-VE400 http://www.zalman.com/contents/products/view.html?no=161 to boot from.

Attach another larger disk drive to the system, or map a network drive from within the Windows 10 PE (Live) environment you’ve booted into and then run the following commands to image the partitions:

  1. Identify the volume letter assigned to the SYSTEM and WINDOWS partitions using the following commands:
    Diskpart
    list vol

    TODO* : IMAGE OF list vol OUTPUT

 

https://technet.microsoft.com/en-us/magazine/hh825626.aspx

 

start /w wdsutil –Export-Image /image:W7SP1 /imageType:Install /imageGroup:W7SP1 /destinationImage /filePath:c:\dism\patchMe.wim /overwrite:yes
start /w dism /mount-wim /wimfile:c:\dism\patchMe.wim /mountdir:c:\dism\mount /index:1
start /w for /R C:\WSUS\WsusContent %f in (*.cab) do dism /image:c:\dism\mount /add-package /packagepath:"%f"
start /w dism /unmount-wim /mountdir:c:\dism\mount /commit
start /w wdsutil –Replace-Image /image:W7SP1 /imageType:Install /imageGroup:W7SP1 /replacementImage /imageFile:c:\dism\patchMe.wim

Manage System restore and Shadow Copies from the command line

thanks to http://www.ghacks.net/2012/10/05/manage-system-restore-from-the-command-line/

  • vssadmin list shadows – This command lists all existing shadow copies on the system
  • vssadmin delete shadows /for=c: /oldest – This command deletes the oldest shadow copy on drive C
  • vssadmin delete shadows /for=d: /all – This command deletes all existing shadow copies on drive D
  • vssadmin delete shadows /for=c: /shadow=ID – Deletes the selected shadow copy. The IDs are listed when you use the list shadows command.
  • vssadmin resize shadowstorage /for=c: /maxsize=2GB – Sets the shadow storage for drive C to 2 Gigabyte. May delete existing restore points starting with the oldest if space is not sufficient to store all System Restore points

WAIK Disable UAC

Addition to WAIK sysprep xml to disable UAC

 http://social.technet.microsoft.com/Forums/en-US/dc625f8b-9a51-4dc0-a573-8cc23cee12f8/can-uac-be-disabled-via-unattendxml-for-server-2008-deployments?forum=mdt

<component name=”Microsoft-Windows-Deployment” processorArchitecture=”amd64″ publicKeyToken=”31bf3856ad364e35″ language=”neutral” versionScope=”nonSxS” xmlns:wcm=”http://schemas.microsoft.com/WMIConfig/2002/State” xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”>
<RunSynchronous>
<RunSynchronousCommand wcm:action=”add”>
<Order>1</Order>
<Path>net user administrator /active:yes</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action=”add”>
<Order>2</Order>
<Path>cmd /c reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v EnableLUA /t REG_DWORD /d 0 /f</Path>
<Description>Disable EnableLUA</Description>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action=”add”>
<Order>3</Order>
<Path>cmd /c reg add HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f</Path>
<Description>ConsentPromptBehaviorAdmin</Description>
</RunSynchronousCommand>
</RunSynchronous>
</component>

 

Wise exe switches

Ripped directly from http://www.symantec.com/connect/blogs/wisescript-command-line-options

NOTE: I did find for Aleph that when running the uninstaller (unwise32.exe) I needed to use the shorthand C:Progra~1<<INSTALLDIR>>INSTALL.LOG syntax for it to find the log file.

[expand Title=”You can apply the following command line options to the WSE file. Command line options let you compile as well as set properties.”]

/c file.wse
Compiles the installation script.
/c /s file.wse
Compiles the installation script silently. You can use this option with the /d option.
WiseScript Installations Command Line Options

You can apply the following command line options to compiled .EXE files.

/M
Runs the installation in manual mode, prompting for system directories (examples: Windows, System).
/M=filename
Specifies a value file for installation.
/S
Installs in silent (automatic) mode with no end user choices.
Uninstall Command Line Options

You can apply the following command line options to the WiseScript Express uninstall executable file, unwise.exe or unwise32.exe.

/Z
Removes empty directories, including the one containing Unwise.
/A
Automatic mode. The Wise splash screen appears on the destination computer, and the uninstall proceeds immediately with no end user choices, except for questions about uninstalling shared files.
/S
Silent mode. The uninstall proceeds silently with no splash screen, no dialogs, and no end user choices.
/R
Rollback mode.
/U
Removes the Select Uninstall Method dialog, which means the end user does not see options for a custom, automatic, or repair uninstall.
When you use command line options for the uninstall program, you must send it the path to the log file as a parameter. It must be the log file that is in the same folder as unwise.exe. If the path to the log file contains spaces, it must be surrounded by quotation marks.

Example:
“C:Program FilesApplicationUNWISE.EXE” /A “C:Program FilesApplicationINSTALL.LOG” Application Uninstall[/expand]

Windows Automated Installation using WAIK and PXELinux

This will be a rather lengthy initial post describing the process by which I’ve:

  1. Automated the installation of a Windows 7 PC using the WAIK scripted installation method
  2. Captured an image (.wim file) of the Windows 7 installed PC
  3. Injected drivers into the .wim file
  4. Automated the offline injection of Windows updates into the .wim file every month

PXE Windows PE covered in http://www.monkeyandlamb.co.uk/itblog/pxelinux-windows-pe

_____________________________________________________________________________________

1. Automated the installation of a Windows 7 PC using the WAIK scripted installation method

The first task was to automate the installation of a Windows 7 PC using an answer file, the WAIK tools enable the creation of such a file and a great guide can be found on technet:
http://technet.microsoft.com/en-us/library/dd349348(v=ws.10).aspx 

I used the above article and some other sources online to create a “Autounattend.xml” file <<LINK TBC>> which when dropped onto a USB stick and attached to the target machine allowed automatic installation of Windows 7 Ent SP1 just by booting from the DVD.

This got me into “Audit” mode which is a pre-sysprep mode enabling me to make some basic additions to the machine before imaging.

I first installed the drivers that were missing and then rebooted (automatically returning to “Audit” mode!).

Next is ran the cmd “winsat prepop” which runs the Windows Assessment tool and allows Aero themes to run.

I then changed to the default aero theme and installed the VMWare tools drivers so they don’t nerf physical installations!!!

Finally I created the directory “C:WindowsSetupScripts” and copied my own personalised “SetupComplete.cmd” file which is just a batch file I created to clear the Autounattend.xml files from the system and then execute a registry key deletion by inserting a key that’s copied onto the target machines root C: drive by the PXELinux imaging process and finally to install our package deployment software (WPKG) if required and then to reboot.

If nothing else it’s definitely worth removing the Unattend.xml files used during the automated installation as these could contain delicate information:

del /Q /F c:windowssystem32sysprepunattend.xml
del /Q /F c:windowssystem32syspreppantherunattend.xml
del /Q /F c:windowspantherunattend.xml

The last step is to sysprep the machine specifying the Unattend.xml file you plan to use to deploy the image to your target machine(s).
Note: this is very different to the “audit mode” Autounattend.xml crafted and used to create this initial base image.

The sysprep command I used (after copying Unattend.xml into “C:\Windows\System32\Sysprep” dir was:

C:\windows\system32\sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:"C:\windows\system32\sysprep\unattend.xml"

_____________________________________________________________________________________

2.  Capture an image (.wim file) of the Windows 7 installed PC

Booting from the Win 7 PXE image with imagex.exe included now allows imaging of the target machine.

Need to ensure you have suitable media to save disk .wim image to.

imagex is very easy to learn with /? for my project I needed both the Windows 7 SYSTEM partition and the PRIMARY OS partition. so two commands were required:


imagex.exe /capture C: Z:\disk-image-SYSTEM.wim /compress fast /verify "disk-image-SYSTEM"

imagex.exe /capture D: Z:\disk-image-PRIMARY.wim /compress fast /verify "disk-image-PRIMARY"

 

To continue to tidy up the image after injecting drivers and updates it needs to be re compressed occasionally:

 

imagex /export “G:\DeploymentShare\Operating Systems\ED\ED.wim” 1 c:\ED.wim /compress maximum