Thursday, March 19, 2015

Installing and Configuring Microsoft Deployment Toolkit (MDT) 2013 on Windows Server 2012 R2

In this post we are going to be covering slides 10-14 from my presentation, the live installation and configuration demo. Let’s get started!  For this demo, I will be using two systems, the first is my MDT 2013 server, running Windows Server 2012 R2. The second is my MDT client/target, to which I will be deploying Windows Server 2012 R2 from a volume license ISO. On the MDT server, I will start by downloading the Microsoft Assessment and Deployment Kit (ADK) for Windows 8.1 which can be found here:http://www.microsoft.com/en-us/download/details.aspx?id=39982.
Click Download:
MDT-1000
Click Run:
MDT-1001
I would always recommend downloading the ADK to a local folder or network share, since these files take a while to download and are commonly used in many Microsoft products, including System Center. Select a local or network path and click Next:
MDT-1002
Click Next:
MDT-1003
Accept the license agreement:
MDT-1004
After many minutes (or even hours), the ~3GB files will finish downloading. When complete, re-launch the ADK setup wizard by executing adksetup.exe from the path specified earlier:
MDT-1005
If the installation files are detected, the installer will simply prompt for an installation directory. Click Next:
MDT-1006
Click Next:
MDT-1007
Accept the license agreement:
MDT-1008
Uncheck all features except Deployment Tools, Windows Preinstallation Environment (Windows PE), and User State Migration Tool (USMT). These are the only features required for the MDT Server. Click Install:
MDT-1009
After a couple minutes, the installation will finish. Click Close:
MDT-1010
Next, we’ll download the MDT 2013 install files from: http://www.microsoft.com/en-us/download/details.aspx?id=40796. Click Download:
MDT-1011
Select all files and click Next:
MDT-1012
Click Save for each file, putting the files in an MDT folder:
MDT-1013
Once each of the five files have been downloaded, launch MicrosoftDeploymentToolkit2013_x64.msi:
MDT-1014
Click Next:
MDT-1015
Accept the license agreement and click Next:
MDT-1016
Click Next:
MDT-1017
Click Next:
MDT-1018
Click Install:
MDT-1019
Click Finish:
MDT-1020
On Windows Server 2012 R2, click the Start menu:
MDT-1021
As with many newly installed applications, you’ll find the app shortcuts are a bit buried in Windows Server 2012 R2 until you get used to it. From the Start interface, click the Down arrow in the bottom left for all programs:
MDT-1022
A new Microsoft Deployment Toolkit section is created. Launch the Deployment Workbench (New):
MDT-1023
The first time launched, you’ll see a nice overview of MDT 2013:
MDT-1024
Right click Deployment Shares in the left navigation and select New Deployment Share:
MDT-1025
Change the deployment share path or leave defaults and click Next:
MDT-1026
Change the deployment share name or leave defaults and click Next:
MDT-1027
Change the deployment share description or leave defaults and click Next:
MDT-1028
Review and uncheck each of the default options and click Next:
MDT-1029
Review and click Next:
MDT-1030
Click Finish:
MDT-1031
Open Computer Management. Expand Local Users and Groups and right click Users to select New User:
MDT-1039
A local user account with rights to the MDT share will be very beneficial for deployments. Create a local user, set password never expires, and enter a password that can be safely stored in plain text without much risk (not a super secretive password):
MDT-1040
By default the deployment share is created with Everyone Full Control permissions. To review, find the deployment folder, right click and go to the Sharing tab. Click Advanced Sharing:
MDT-1041
Click Permissions:
MDT-1042
Note Everyone is added by default with Full Control (security is controlled by NTFS permissions on the folder):
MDT-1043
On the Security tab of the share, note that Users have Read & Execute, List Folder Contents, and ReadNTFS permissions. This is perfect for our newly created MDT user to access the share during deployments:
MDT-1044
Back in the Deployment Workbench, right click the new deployment share and select Properties:
MDT-1033
Under the Rules section, drop the following block of options at the end of the [Default] section:
SkipComputerName=YES
SkipDomainMembership=YES
SkipUserData=YES
SkipCapture=YES
DoCapture=NO
SkipLocaleSelection=YES
SkipTaskSequence=NO
SkipTimeZone=YES
SkipApplications=YES
SkipSummary=YES
SkipBDDWelcome=YES
TimeZone=004
TimeZoneName=Pacific Standard Time
After you’re fairly experienced with MDT, you can read up and review all of the CustomSettings.ini options in various documentation articles and blogs online. Once each option has been added, click Edit Bootstrap.iniin the bottom right:
MDT-1034
Under the [Default] section, drop the following block of options:
UserID=MDT
UserDomain=WS12R2MDT01
UserPassword=P@ssw0rd01
KeyboardLocale=en-US
SkipBDDWelcome=YES
Close the Notepad document and you will be prompted to save changes:
MDT-1035
Click Save:
MDT-1036
Click Apply to save changes to CustomSettings.ini for the deployment share:
MDT-1037
Click OK:
MDT-1038
Next, we’ll import the Operating System images (WIM) for Windows Server 2012 R2. To do this, I will very handily double click to Mount the volume license ISO:
MDT-1045
The next drive letter available for my MDT server was E:\ so the installation media is now mounted using that drive:
MDT-1046
In the Deployment Workbench, right click Operating System and select Import Operating System:
MDT-1047
Select Full set of source files and click Next:
MDT-1048
Type E:\ to use the recently mounted ISO. Click Next:
MDT-1049
Enter a destination directory name (I typically just clean up the default name that was detected). Click Next:
MDT-1050
Click Next:
MDT-1051
Upon completion (typically a couple minutes) click Finish:
MDT-1052
Typically, I do some cleanup since I won’t need most of the WIM files imported. For now, I’ll delete the three WIM files and leave Server Datacenter. To do so, select each file, right click and select Delete:
MDT-1053
I’ll select Completely delete and click Next:
MDT-1054
Click Next:
MDT-1055
Click Finish:
MDT-1056
Next, I’ll rename to clean up the WIM file name to “Windows Server 2012 R2 Datacenter.wim”:
MDT-1057
Right click Task Sequence and select New Task Sequence:
MDT-1058
Enter DEPLOY-WS2012R2 for the Task sequence ID and a name to be selected using the deployment wizard, “Deploy Windows Server 2012 R2” for example. Click Next:
MDT-1059
Select Standard Server Task Sequence from the drop-down and click Next:
MDT-1060
Select the Operating System from the list and click Next:
MDT-1061
Your choice to enter a product key, or do this later. Click Next:
MDT-1062
Enter a name, organization, and home page. Click Next:
MDT-1063
Enter a password that you don’t mind having stored in plain text as this is kept within the Unattend.xml file. The administrator password can always be changed post-deployment. Click Next:
MDT-1065
Click Next:
MDT-1066
Click Finish:
MDT-1067
Next, we’ll modify the task sequence to enable Windows Updates. Right click the new task sequence and select Properties:
MDT-1068
Under the State Restore section, there are two entries for Windows Update which are both disabled by default. Highlight each of these tasks and click the Options tab:
MDT-1069
Uncheck Disable this step to enable the step.
MDT-1070
Repeat for the second Windows Update entry:
MDT-1071
Uncheck Disable this step and both tasks should now be enabled. This will come in hand later when we start slipping in applications to the task sequence. Click OK to save all changes to the task sequence:
MDT-1072
Optionally (and highly recommended), the default Microsoft Solutions Accelerator background can be replaced by using an identically sized and bit depth BMP file in the following location: C:\Program Files\Microsoft Deployment Toolkit\Samples\Background.bmp:
MDT-1073
Finally, let’s package everything up to create a LiteTouch ISO file for booting. In the Deployment Workbench, right click the deployment share and select Update Deployment Share:
MDT-1074
Leave defaults and click Next:
MDT-1075
Click Next:
MDT-1076
Upon completion, click Finish:
MDT-1077
Once the deployment share has been updated the first time, the LiteTouchPE_x64.iso files are created under the \Boot folder in the deployment share.  These ISO files can be used to directly boot physical and virtual machines, or integrated into Windows Deployment Services for PXE booting to deploy MDT images.
MDT-1078
For this blog post, I have attached the LiteTouchPE_x64.iso file to a new virtual machine. On first boot, the machine will boot from optical media and start the process:
MDT-2000
Using the Bootstrap.ini and CustomSettings.ini options I provided, only a single question must be answered during deployment:
MDT-2001
Optionally, two additional lines can be added to the Bootstrap.ini file to skip this screen and automatically deploy a task sequence of your choosing. These options are:
SkipTaskSequence=YES
TaskSequenceID=DEPLOY-WS2012R2
This can be very helpful when creating MDT Media, a topic that I will likely cover in a future blog post.
Upon completion, the wizard will indicate success of failure. Click Finish:
MDT-2002
http://blog.itvce.com/2013/10/27/installing-and-configuring-microsoft-deployment-toolkit-mdt-2013-on-windows-server-2012-r2/