Streamline OS Deployment: A Configuration Manager Guide
Most support issues encountered during operating system deployment (OSD) within System Center 2012 Configuration Manager often stem from misconfigurations of the product itself. While there are no universally simple guidelines for implementing a system as powerful and complex as OSD, this article provides a detailed, step-by-step process. It focuses on configuring System Center 2012 Configuration Manager (ConfigMgr 2012) to capture an existing Windows image from a reference computer.
Furthermore, this guide walks through the creation of a client package essential for installation during deployment. Finally, it covers the process of creating a task sequence specifically designed to deploy and install the captured image onto target machines. Following these steps carefully can help avoid common pitfalls and streamline your deployment process.
Introduction¶
This article assumes you are working within an existing environment. Specifically, it requires a Configuration Manager 2012 site infrastructure to be installed and operational. It also necessitates a primary site running Configuration Manager 2012; these steps are also applicable if you are using a standalone primary site.
Additionally, it is a prerequisite that the Network Access Account is properly configured within your Configuration Manager environment. Boundaries and boundary groups must also be correctly defined and associated. Lastly, Configuration Manager client agents should already be installed on the clients involved in this process.
Overview of the Technology¶
Operating System Deployment (OSD) in System Center 2012 Configuration Manager is a robust tool designed for administrative users. It facilitates the creation and deployment of operating system images. These images can be deployed effectively to both computers already managed by Configuration Manager and to unmanaged machines.
Deployment to unmanaged computers often utilizes bootable media. Examples include CD sets, DVDs, or USB flash drives. The OSD process involves several components working in concert to deliver a complete operating system installation.
Prerequisites¶
Before diving into the configuration steps, ensure your environment meets the specified prerequisites. A properly configured infrastructure is crucial for successful OSD. This includes network access, boundary configurations, and functional client agents.
| Task | Detailed Steps |
|---|---|
| Prerequisites | This guide assumes an existing Configuration Manager 2012 environment with a primary site. The Network Access Account, Boundaries, and ConfigMgr client agents on target clients must be configured correctly. |
| Computers Used in This Exercise | GTRCM12CAS (ConfigMgr 2012 central administration site (CAS) server) GTRCM12PRI1 (ConfigMgr 2012 primary site server) GTRCM12WIN7B (ConfigMgr 2012 client used for capture) GTRCMXP01 (ConfigMgr 2012 client used for deployment) |
These machine names are examples used throughout this guide. Substitute them with the actual names of the servers and clients in your specific environment. Proper planning regarding machine roles and configurations is essential before beginning.
Configure the Components¶
This section outlines the initial configuration steps required on your site server and within the Configuration Manager console. We begin by installing the Windows Deployment Services (WDS) role, which is fundamental for PXE booting. We will then share a folder, configure a distribution point to respond to PXE requests, and finally, copy the necessary boot images to that distribution point.
| Task | Detailed Steps |
|---|---|
| Complete the following steps on the primary site server (GTRCM12PRI1) | |
| Open an elevated command prompt | 1. On the Start menu, navigate to All Programs, then Accessories, and right-click Command Prompt. Select Run as administrator from the context menu to open a command prompt with elevated privileges. This is necessary for executing administrative commands. |
| Share folder Flats as Sources | 2. Execute the command net share Sources=C:\\Flats /Grant:System,Full /Grant:Administrators,Full. This command creates a network share named ‘Sources’ pointing to the local path ‘C:\Flats’. It explicitly grants ‘Full’ permissions to the local System account and the local Administrators group, ensuring necessary access for ConfigMgr. |
| Log off GTRCM12PRI1 | Log off the primary site server to ensure any policy changes or resource access updates take effect. |
| Complete the following tasks on the CAS (GTRCM12CAS) | |
| Start the Configuration Manager Console | 1. Access the Start menu, navigate to All Programs, Microsoft System Center, and Configuration Manager 2012. Select ConfigMgr Console to launch the administrative interface. The console opens to the Administration Overview page, serving as your central management point. |
| Configure Distribution Point Properties | 2. Within the console, navigate to the Administration workspace and expand Site Configuration > Servers and Site System Roles. Select your primary site server (GTRCM12PRI1). In the details pane displaying Site System Roles, locate and right-click Distribution point. Select Properties to open its configuration. |
| Enable PXE Support | 3. In the Distribution Point properties window, switch to the PXE tab. Check the boxes for Enable PXE support for clients, Allow this distribution point to respond to incoming PXE requests, and Enable unknown computer support. Enabling PXE allows computers to boot and receive deployment task sequences over the network. |
| Configure Boot Image Properties | 4. Navigate to the Software Library workspace, expand Operating Systems, and then select Boot Images. Right-click Boot image (x64) and select Properties. On the Data Source tab, enable the option Deploy this boot image from PXE service point, and then click Apply. This makes the boot image available for PXE booting. |
| Update and Distribute Boot Images | Complete the wizard that appears after applying the changes to update the boot image on the distribution points. Repeat step 4 for Boot image (x86) to enable PXE support for 32-bit architecture boot images as well. |
| Copy Boot Images to Distribution Point | 5. In the Boot Images node, select both the Boot image (x64) and Boot image (x86) by holding down the Ctrl key. From the ribbon bar at the top, select Distribute Content. In the Distribute Content wizard, ensure you select your primary site server (GTRCM12PRI1) as the destination distribution point. This pushes the boot image files to the server configured for PXE. |
| Monitor Distribution (Optional) | You can optionally monitor the distmgr.log file located on the GTRCM12PRI1 server. This log file provides details about the distribution process. You will notice that the PXE configuration on the distribution point is triggered and finalized once the first boot image has been successfully copied to the DP. |
Configuring PXE support on the distribution point is critical for enabling network boots for new or bare-metal machines. By distributing the boot images, you ensure that clients booting via PXE have the necessary minimal operating system environment (Windows PE) to start the Configuration Manager task sequence agent and receive deployment instructions. The shared folder is often used as a temporary location for capturing images or storing source files needed during deployment.
Create a Custom Task Sequence to Capture an Image¶
Capturing an image from a reference computer allows you to create a standardized base image that includes pre-installed software, configurations, and updates. In this section, we will create a custom task sequence specifically designed to prepare and capture an image from a designated client machine, in this case, GTRCM12WIN7B. This captured image will later be used for deploying Windows 7 to other clients.
| Task | Detailed Steps |
|---|---|
| Complete the following task on the CAS (GTRCM12CAS) | |
| Start the Configuration Manager Console | 1. Launch the ConfigMgr Console via the Start menu (All Programs > Microsoft System Center > Configuration Manager 2012 > ConfigMgr Console). The System Center Configuration Manager Console window will open, typically displaying the Administration Overview page, providing access to all management functions. |
| Create a custom task sequence | 2. In the navigation pane, select the Software Library workspace. Expand Operating Systems and then select Task Sequences. In the ribbon at the top of the console, click Create Task Sequence to launch the wizard. |
| Select Custom Task Sequence Template | 1. In the Create Task Sequence Wizard, select the option Create a new custom task sequence. This template provides a blank canvas where you can manually add the required steps for image capture. |
| Name and Configure Task Sequence | 2. Provide a descriptive name for the task sequence, such as “Capture Reference Computer”. Select the appropriate Boot Image (x86) from the list. The boot image is a minimal version of Windows PE that the client will boot into to execute the capture steps. Complete the remaining steps in the wizard to create the basic task sequence object. |
| Edit the Task Sequence | 3. Locate the newly created “Capture Reference Computer” task sequence in the list. Right-click on it and select Edit from the shortcut menu. This opens the Task Sequence Editor, allowing you to add, remove, and configure the steps. |
| Add a Group for Capture Steps | 4. In the Task Sequence Editor, click the Add button and select New Group. Name this group logically, for example, “Capture Image”. Groups help organize task sequence steps, making complex sequences easier to manage and read. |
| Add Capture Steps | 5. Within the “Capture Image” group you just created, add the following three essential steps. Click Add, then Images, and select each step in order: Prepare ConfigMgr Client for Capture: This step prepares the Configuration Manager client installation for Sysprep. Prepare Windows for Capture: This step runs Sysprep (System Preparation Tool), generalizing the Windows installation so it can be deployed to different hardware. Capture Operating System Image: This step actually captures the generalized Windows image into a .WIM file. |
| Consider Domain Membership | 6. Before running the capture task sequence, it’s crucial to ensure the target reference computer is not joined to a domain. Systems that are domain members cannot be successfully captured using the standard Sysprep and capture process within ConfigMgr task sequences, and the task sequence will fail. NOTE: Systems that are part of a domain cannot be captured and your task sequence will fail! |
| Add Domain Membership Check Group (Optional but Recommended) | 7. To prevent capture failures on domain-joined machines, add another group to your task sequence. Click Add, select New Group, and name it appropriately, such as “Domain membership check”. This group will contain steps to verify and potentially change the domain status. |
| Configure Domain Membership Check Condition | 8. Select the “Domain membership check” group. Go to the Options tab for this group. Here, you can add a condition to determine if the steps within this group should run. Use a WMI query as a condition: SELECT * from Win32_ComputerSystem WHERE Workgroup = NULL. This query returns an instance if the computer is not in a workgroup (i.e., it’s in a domain). The condition should be set to continue if this condition is met. |
| Test the WMI Query | In the WMI query properties, you can run a test. Executing this test on your CAS (GTRCM12CAS) or any domain-joined computer should return an instance count of 1, confirming the query correctly identifies domain membership. On a workgroup computer, it would return 0 instances. |
| Add Step to Join Workgroup | 9. Within the “Domain membership check” group, add a step to join the target computer to a workgroup. Click Add, select General, and choose Restart Computer. Configure this step to restart the computer and specify that it should join a workgroup. Provide a generic workgroup name. NOTE: The target system will restart after executing this task. This step will only run if the WMI condition in the parent group is met (i.e., the computer is domain joined). |
| Create a Device Collection for Capture | 1. Switch to the Assets and Compliance workspace. In the navigation pane, select Device Collections. In the ribbon, click Create Device Collection to start the wizard. |
| Name the Collection | 2. Name the new device collection clearly, for instance, “Capture Image Reference Machines”. This collection will contain the specific computer(s) you intend to capture an image from. |
| Add Reference Computer as Direct Member | 3. In the Create Device Collection wizard, on the Membership Rules page, add a rule. Select Add Rule and choose Direct Rule. Browse for your reference computer (GTRCM12WIN7B) and add it as a direct member of this collection. Complete the wizard to create the collection. Direct membership is suitable when you have a specific, small set of machines for a particular task. |
| Deploy the Task Sequence to the Collection | 1. Locate your new “Capture Image Reference Machines” collection in the Device Collections list. Right-click on it and select Deploy > Task Sequence from the shortcut menu. Select the “Capture Reference Computer” task sequence you created. Configure the deployment settings, such as making it available to Configuration Manager clients and media (PXE), and click through the wizard to finish. Make sure the deployment is available for PXE or bootable media if necessary. |
| Run the Task Sequence on the Reference Computer | 1. Log on to your reference computer (GTRCM12WIN7B) with administrative credentials. Open the Configuration Manager client control panel or Software Center (depending on client version). The deployed task sequence should appear under the “Operating Systems” tab. Confirm the task sequence details and click Install or Run to initiate the image capture process. Confirm the task sequence and run it from the Configuration Manager client interface. The machine will likely reboot into Windows PE to begin the capture. |
Creating a custom task sequence allows granular control over the capture process. The inclusion of Sysprep is vital for generalizing the image, ensuring it can be deployed across different hardware platforms without conflicts. The domain check and workgroup join steps are preventative measures to avoid common capture failures associated with domain-joined machines.
Create a Configuration Manager Client Package¶
A Configuration Manager client package is necessary for installing the Configuration Manager client agent during the operating system deployment task sequence. While the client can sometimes be installed via other methods during OSD, including it as a package within the task sequence provides reliability and ensures the client is properly configured immediately after the OS installation.
| Task | Detailed Steps |
|---|---|
| Complete the following tasks on the CAS (GTRCM12CAS) | |
| Start the Configuration Manager Console | 1. Launch the ConfigMgr Console via the Start menu (All Programs > Microsoft System Center > Configuration Manager 2012 > ConfigMgr Console). The System Center Configuration Manager Console window will appear, showing the Administration Overview page. This is where you manage packages and applications. NOTE: The System Center Configuration Manager Console window appears to display the Administration Overview page. |
| Create a package from Definition | 2. In the navigation pane, select the Software Library workspace. Expand Application Management, and then select Packages. In the ribbon at the top, select Create Package from Definition. This wizard simplifies package creation for well-known applications like the ConfigMgr client. |
| Select Configuration Manager Client Definition | 3. In the Create Package from Definition Wizard, select the Configuration Manager Client Upgrade 5.0 definition from the list. This definition file contains predefined settings for deploying the ConfigMgr client. |
| Specify Source File Location Option | 4. On the Source Files page of the wizard, select Always obtain files source files from a source folder. This option requires you to specify a network path where the Configuration Manager client installation files are located. |
| Specify Client Source Location | 5. On the Source Folder page, specify the UNC path to the Configuration Manager client source files. The standard location on a primary site server is usually in the SMS site system folder under a path like \\GTRCM12PRI1\sms_pr1\Client. Ensure the account running the task sequence has access to this path. For this exercise, we will use \\\\GTRCM12PRI1\\sms_pr1\\Client as our source location. Complete the remainder of the wizard steps, providing a package name if prompted. |
| Distribute the Content | After the package is created, you must distribute its content to your distribution points. Right-click the newly created Configuration Manager Client package, select Distribute Content, and follow the wizard to select your primary site server (GTRCM12PRI1) and any other necessary distribution points. This makes the client installation files available to target computers during deployment task sequences. |
Creating the client package from a definition ensures that the necessary files and basic command lines for client installation are correctly configured. Distributing this package is essential for enabling the “Setup Windows and ConfigMgr” step in deployment task sequences to function properly. Having the client installed post-OS deployment allows the machine to immediately become managed by Configuration Manager.
Create a Task Sequence to Install Your Image¶
Now that you have captured a generalized operating system image and created a Configuration Manager client package, the next step is to create a task sequence to deploy this image to target computers. This task sequence will automate the process of partitioning the disk, applying the image, installing the ConfigMgr client, and joining the machine to the domain. In this exercise, we will create a task sequence to install the captured Windows 7 image onto a client named GTRCM12XP1.
| Task | Detailed Steps |
|---|---|
| Complete the following tasks on the CAS (GTRCM12CAS) | |
| Start the Configuration Manager Console | 1. Launch the ConfigMgr Console from the Start menu (All Programs > Microsoft System Center > Configuration Manager 2012 > ConfigMgr Console). The console will open, displaying the Administration Overview page. This is where you will manage operating system images and task sequences for deployment. NOTE: The System Center Configuration Manager Console window appears to display the Administration Overview page. |
| Add Your Operating System Image | 2. In the navigation pane, select the Software Library workspace. Expand Operating Systems and select Operating System Images. In the ribbon at the top, click Add Operating System Image. This wizard allows you to import the .WIM file you captured earlier into Configuration Manager. |
| Specify Data Source Location | 3. On the Data Source page of the wizard, specify the UNC path to the captured image file (.wim). This is typically located in the shared folder you designated on your primary site server during the capture process. For this example, the location is \\\\GTRCM12PRI1\\sources\\mycapture.wim. This tells ConfigMgr where to find the image file to import. |
| Import and Distribute Image | 4. Provide a descriptive name for the imported operating system image in ConfigMgr. Complete the remaining steps in the wizard. After the image is imported, you must distribute its content to your distribution points. Right-click the imported image, select Distribute Content, and follow the wizard to select your primary site server (GTRCM12PRI1) and other relevant distribution points. This makes the captured image file available for deployment via task sequences. |
| Create a New Task Sequence to Install Your Image | 1. In the navigation pane, under Operating Systems, select Task Sequences. In the ribbon at the top, click Create Task Sequence. This launches the wizard for creating a deployment task sequence. |
| Select Install Template | 2. In the Create Task Sequence Wizard, select the option Install an existing image package. This template is designed specifically for deploying a pre-captured or existing operating system image (.WIM file). |
| Name and Configure Task Sequence | 3. Provide a name for your task sequence, such as “Deploy Windows 7 Enterprise x64”. Select the appropriate Boot Image (x86) or Boot Image (x64). This is the minimal Windows PE environment the target computer will boot into to run the task sequence. Tip: In this case, you can use either your x86 or x64 boot image. We aren’t running an architecture-based setup.exe like we do when using an Operating System Install package. The boot image architecture only needs to support the target hardware’s boot mode (UEFI/Legacy). |
| Select Image and Administrator Password | 4. On the Install Windows page, select the operating system image you imported in the previous steps. Provide the administrator password that was configured on the reference computer before it was Sysprepped and captured. The task sequence uses this password to manage the system during deployment. |
| Configure Domain Join | 5. On the Configure Network page, select Join a domain. Enter the name of the domain the computer should join. Provide a domain user account and password that has the necessary permissions to join computers to the domain and reset computer accounts. Warning: Never use a domain admin account to do this in production environments! You just need domain join permissions and the right to reset computer passwords. Create a dedicated service account with minimal privileges for OSD. |
| Select ConfigMgr Client Package | 6. On the Install Configuration Manager Client page, select the Configuration Manager client package you created earlier. In the Installation Properties field, provide any necessary client installation parameters. A common parameter is specifying the Fallback Status Point (FSP) or the Site Code. Here, we will use our primary site server name as the FSP: FSP=GTRCM12PRI1. Consult ConfigMgr client installation documentation for other useful properties. |
| User Settings and Other Configurations | 7. On the User State Migration page, clear the This action will capture the user specific settings check box unless you are performing a refresh scenario with user state migration. For bare-metal or replace deployments, this is not needed. On subsequent pages, you can configure whether to install software updates or additional software packages as part of this task sequence. For a basic OS deployment, you can choose not to install updates or software initially, and then complete the wizard. |
| Create a New Device Collection for Deployment | 1. Switch to the Assets and Compliance workspace. In the navigation pane, select Device Collections. Click Create Device Collection in the ribbon to launch the wizard. This collection will target the machines that will receive the operating system image. |
| Name the Deployment Collection | 2. Name the collection clearly, for instance, “Windows 7 Enterprise x64 Deployment Targets”. This name should reflect the purpose or the image being deployed. |
| Add Target Computer as Direct Member | 3. Add the computer(s) you wish to deploy the image to as members of this collection. For targeting a specific machine like GTRCM12XP1, use a Direct Rule. Search for and add the computer object. Complete the wizard to create the collection. |
| Distribute the Task Sequence to This Collection | 1. Locate your new “Windows 7 Enterprise x64 Deployment Targets” collection. Right-click on it and select Deploy > Task Sequence from the shortcut menu. Select the task sequence you just created for installing the image. Configure the deployment settings, such as making it available for PXE boot, bootable media, or via the ConfigMgr client, and schedule it if necessary. Click through the wizard to finish. Ensure the deployment is available via a method suitable for your target machines (e.g., PXE for bare metal). |
Creating a deployment task sequence orchestrates the entire installation process. It starts with booting into Windows PE, then partitions the disk, applies the captured image, injects drivers if needed (not explicitly covered but a crucial step in production), sets up Windows, installs the ConfigMgr client, joins the domain, and can apply further configurations or software. This automation significantly reduces the manual effort required for deploying operating systems.
OSD Task Sequences Known Issues¶
While the OSD process in ConfigMgr is powerful, administrators may encounter specific issues. Microsoft documentation often provides solutions for common problems. Understanding these potential pitfalls can aid in troubleshooting.
- Problems staging a Windows PE 3.1 boot image on Windows XP-based computers in Configuration Manager environments.
- Task sequence failures occurring when software updates applied during deployment require multiple restarts. Complex update scenarios can sometimes disrupt the task sequence flow.
- Issues with task sequences failing to run when custom port settings are used in System Center Configuration Manager 2012 SP1. Network configuration is critical for OSD communication.
- Availability of updates specifically addressing the “Operating System Deployment” feature within Configuration Manager to resolve known bugs or improve functionality. Staying current with relevant updates is important.
These are just a few examples of known issues. It is always recommended to consult the official Microsoft documentation and support resources when troubleshooting specific problems encountered during OSD implementation.
Streamlining OS deployment with Configuration Manager involves careful planning and precise configuration of various components, including distribution points, boot images, client packages, and task sequences. By following the steps outlined in this guide for capturing and deploying a custom image, you can build a foundation for an automated and efficient operating system deployment process in your environment. This approach helps ensure consistency across deployed machines and reduces the time and effort required for large-scale rollouts.
What challenges have you faced when implementing OSD in ConfigMgr, and how did you overcome them? Share your experiences or ask questions about the steps outlined in this guide below!
Post a Comment