In this article we will show you how to install and configure WDS role, MDT 2013 and Windows ADK on Windows Server 2012 R2 and use it to network PXE (Preboot Execution Environment) boot of client’s computers for Windows 10 Image basic deployment through the network (deploy Windows 10 with MDT).
How to Deploy Windows 10 with MDT 2013?
We will need the following components:
- Windows Deployment Services – Windows server role, used to boot and deploy operating systems images through the network;
- Microsoft Deployment Toolkit (MDT) 2013 Update ( https://www.microsoft.com/en-us/download/details.aspx?id=48595) – tool to automate the deployment of operating systems for servers and client workstations (Windows 10 support was added only in MDT 2013 Update 1);
- Windows Assessment and Deployment Kit (Windows ADK) for Windows 10 (https://go.microsoft.com/fwlink/p/?LinkId=526740) is a new set of tools for customizing, evaluation and deployment Windows to new computers;
- Windows 10 distribution (ISO image or installation disc) – Windows 10 source files.
Installing Windows Deployment Services role
First of all, you need to install Windows Deployment Services role on Windows Server 2012 R2. This can be done via Server Manager console. In the list of roles, you need to set checkbox at the Windows Deployment Services item and press Next.
In the WDS Role Services component select to install Deployment Server and Transport Server services.
Run the installation of WDS role (it takes about 2-3 minutes).
Tip. Also you can perform installation of Windows Deployment Services role using this PowerShell command:
Install-WindowsFeature -Name WDS -IncludeManagementTools
Microsoft Deployment Toolkit Installing
Install Microsoft Deployment Toolkit (MDT) 2013 Update 1 with the default settings. Just download it and run as administrator file MicrosoftDeploymentToolkit2013_x64.msi.
Installing Windows Assessment and Deployment Kit
Now we need to install Windows Assessment and Deployment Kit (Windows ADK) for Windows 10. Download and run file adksetup.exe.
Select install path (by default C:\Program Files (x86)\Windows Kits\10\)
From the ADK features list, check following:
- Deployment tools – using for Windows image customization at automate installation;
- Windows Preinstallation Environment (Windows PE) – Win PE environment – minimal OS, which developed to prepare computer to installation or servicing of Windows image;
- User State Migration tool (USMT) – set of tools to migrate user data between different computers and domains.
Run Windows ADK installation.
Next we will need Windows 10 distribution source files (in our example – Windows 10 x64 Pro). MDT does not allow you to work directly with the ISO files, so you need to manually extract source files. The easiest way is to mount Windows 10 ISO installation media (SW_DVD5_Win_Pro_10_1511_64BITMLF_X20-82454.iso) from a separate File Explorer to a virtual drive (right click on ISO file and select Mount).
Performing MDT 2013 Configuration to Deploy Windows 10
We are ready to MDT 2013 start configuring. Launch Deployment Workbench console, right click on Deployment Share and create new once (New Deployment Share).
Using Deployment Share Wizard select deployment share path (C:\DeploymentShare).
Change the deployment share name or leave it as default (DeploymentShare$) and click on Next.
Tip. Character “$” in the name of share means that the network shared folder is hidden from network users.
After the end of the wizard, open the folder C:\DeploymentShare.
This directory stores the images of operating systems, drivers, settings, and application packages. This folder is portable and it can be transferred to other MDT server.
Consider the main directories in MDT Deployment Share:
- Applications – application installation files are stored here (MS Office, Adobe Reader, etc.) which will be installed on the deployed system;
- Operating Systems – operating system image files;
- Out-of-Box Drivers – directory with device drivers;
- Packages – update packages packs;
- Task Sequences – task directory;
- Tools – a typical directory with various utilities that can be used in the deploying process.
To allow all network clients to connect to the created network share, you need in Share permissions of folder DeploymentShare$, add Everyone group with Read access permissions.
Next we need to import image of Windows 10. MDT allows you to import operating system image from the Windows source files, wim file or wds image.
Expand branch Deployment Shares -> MDT Deployment share. Right click on Operating systems item and select Import Operating System.
Select Full set of source files and choose drive with mounted Windows 10 ISO image.
Enter destination directory name.
Wizard will copy Windows 10 source files to the folder C:\DeploymentShare\Operating Systems\Windows10Prox64.
Now in Operating Systems section you will see now the image of Windows 10 Pro x64.
Creating MDT Deployment Task Sequence
At the next step you must create new Task Sequence, which represents a bunch of instructions needed to be performed when deploying Windows (installation of drivers, applications, system settings, apps updates, run custom scripts etc.).
Right click on Task Sequences item and select New Task Sequence.
Enter DeloyWin10x64 for the Task sequence ID and “Deploy Windows 10 x64” as the Task sequence name.
Select from the drop-down list one of predefined sequence template. This time we are choosing Standard Client Task Sequence.
Select OS to deploy using this task sequence (Windows 10 Pro x64).
Specify product key. You can either skip entering Windows key or specify GVLK, MAK or retail Windows key.
Specify local administrator password for the operating system being deployed.
Tip. Keep in mind, that the password is stored as a plain text in the Unattend.xml file.
Open properties of the created task and check that it is enabled and available to run on any platforms.
At Task Sequence tab you can see the sequence of steps for deploying operating system on the client (steps based on the previously selected sequence template). This time we will leave it all by the default.
Next run Update Deployment Share. MDT will generate boot images and configuration for deploying operating system.
At first time (directory C:\DeploymentShare\Boot is empty) choose Completely regenerate the boot image and wait till the image generation will be finished (this can take a few minutes).
In folder C:\DeploymentShare\Boot ISO wim images will be generated, based on Windows PE for x86 and x64 platforms. You can use ISO files to directly boot physical or virtual machines, or WIM files to use it with Windows Deployment Services for PXE boot and network deploy of Windows Images.
Tip. We need only wim files (LiteTouchPE_x64.wim and LiteTouchPE_x86.wim) to use PXE booting.
Configuring Boot Images using Windows Deployment Services role
Now we need to configure WDS server role to respond on the clients PXE boot requests.
Open Windows Deployment Services console (Server Manager -> Tools -> Windows Deployment Services), expand Servers node, right click on your server name and select Configure Server.
Select Standalone WDS Server, independent from an Active Directory.
Leave remote installation folder location by default (C:\RemoteInstall).
On PXE settings screen, select Respond to all client computers (known and unknown).
Tip. In an Active Directory domain environment its much more secure to select Respond only to known client computer.
Uncheck the box – Add images to the server now.
The green arrow icon on the WDS server says that it is up and running.
Next we need to add boot images to WDS server, created earlier by using MDT.
Right click on Boot Image –> Add boot image.
Browse to C:\DeploymentShare\Boot folder and select file LiteTouchPE_x86.wim and then LiteTouchPE_x64.wim.
As you can see, LiteTouch WindowsPE (X86) and (x64) images appeared in the list of WDS boot images.
And the last thing we need to do is open WDS server properties and go to the Boot tab.
To prevent accidental loading of clients through PXE and deploying Windows, safest require the user to press the F12 key to use PXE boot. So in PXE Boot Policy section select Require the user to press the F12 key to continue the PXE boot. If you select this option when starting the PXE boot, you will be prompted to press the F12 key to continue booting over the network. If the keystroke does not occur for a certain period of time, the PXE boot will be canceled and the computer will attempt to boot using the boot method next in the BIOS boot priority list.
Note. The option Always continue the PXE boot means that the PXE boot will continue without any need to press a key. The “Continue the PXE boot unless the user presses the ESC key” indicates that the network boot will continue if the user didn’t press the ESC key for a certain time.
Select default boot images for x86 and x64 architectures (including UEFI architecture).
All other WDS server settings leave by the default.
Restart WDS service via Console (All tasks ->Restart).
Important. WDS server and the client computer that we want to deploy via PXE must be placed in the same IP subnet (VLAN), like in our test environment for this article. If the client computer and WDS server are located on different networks, it is necessary to configure IP Helper and additional DHCP server options 60 and 67.
Adding Device Drivers to the MDT
With MDT, you can install any device drivers on your computers during the deployment of a Windows 10 image. Right-click the Out-of-Box Drivers folder and select New Folder.
Specify the folder name (you can create driver folders by OS version or by the computer model). Then right-click on the created folder and select Import Drivers. In the window that appears, specify the source directory, which contains the driver files (it is important that drivers are needed in unpacked form, i.e., in the form of a folder in which .inf files are located in). Click Next > Next > Finish.
Perform these steps for all devices for which Windows 10 could not find the driver (do not forget that there are 32 and 64-bit drivers for different versions of Windows 10).
After the drivers are added, it remains to update the deployment share. Drivers will be installed on the deployed Windows 10 computer automatically. There is nothing extra to do. The default simple PnP ID drivers detection method is used.
If a large number of drivers for various devices are added to your MDT server, then in order to speed up the OS deployment, it is advisable to link the hardware drivers to different device models and/or OS versions.
To do this, in MDT 2013 you need to use filtering with Selection Profiles. After importing the drivers, you need to create a selection profile for each driver folder. Then (Advanced Configuration > Selection Profiles > New Selection Profile > Windows 10 x64 and select the appropriate directory with drivers in Out of Box Drivers folder).
Add a custom Task Sequence in the Preinstall stage to your deployment Task Sequence with the type Inject Drivers.
Then in the Task Sequence settings at the Preinstall stage, select the correct profile and enable the Install only matching drivers from the selection profile option.
When booting over the network, the computer boots using the boot image obtained from the WDS server. If the boot image doesn’t contain the required network card drivers, then the computer won’t be able to connect to the WDS server to select and then boot the Windows 10 installation image. Therefore, for some computer models, you need to inject an additional network drivers using the MDT management console (to the LiteTouchPE_x64.wim and LiteTouchPE_x86 .wim images).
In addition, you can integrate drivers into a WIM image file or copy them into the $OEM$ subfolder, and specify the path to it in the autounattend.xml file.
It’s important to mention that the unattend.xml answer file can be added to the WIM image itself, by putting it in the %WINDIR%\Panther\Unattend folder, but for MDT you will still need a separate external file to run inside the Task Sequence.
Testing Windows 10 Deployment over Network
We are now ready to test the boot of network clients from WDS server over LAN (PXE boot). For this test we use a virtual machine running on VMWare ESXi hypervisor. Run VM and press F12 several times to begin network boot from PXE.
Press F12 for network service boot.
Tip. Because Boot screens on VMs appear very quickly, it is almost impossible to have time to press F12. So we need to set the highest priority to boot device Network boot from Intel E1000 in BIOS of VM.
Machine will connect to WDS server and show you a list of available Windows PE boot media. In standard Windows Boot Manager dialog select desired operating system to boot from. Select to boot Lite Touch Windows PE (x86).
The system will load over the network wim image file of WinPE environment and offer to begin the installation of Windows 10 using Microsoft Deployment Tool Wizard.
Click on Run the Deployment Wizard to install a new Operating System button to start the step by step wizard of Windows 10 Image installation on the client computer.
In our example it was also necessary to specify UNC path to the network folder DeploymentShare$ on MDT server (\\10.1.1.170\DeploymentShare$) and user credential to access it.
It remains to choose desired Task Sequence that you created earlier in your MDT 2013 (Deploy Windows 10 x64) and start a network deployment of Windows 10 Image on this computer.
In this article we showed you how to combine MDT 2013 and WDS server in order to create deployment infrastructure to deploy Windows 10 with MDT 2013.