Choosing an automated server installation strategy involves several design considerations, including the hardware and network infrastructure available for deployment. For example, a lower-bandwidth topology changes the approach. The deployment design chosen also determines how much manual intervention is required to deploy Windows.
When considering a deployment strategy, you should look at the number of machines to be installed. Also consider how many of the machines share the same role and have the same hardware.
An important step in understanding the concepts involved in deployment is learning the components that go into a deployment. Deployment is driven by image files that contain the state of a computer, including its operating system and all settings, from a given point in time. You can use several tools in Windows Server 2012 to create images. This chapter concentrates on two: Windows Deployment Services (WDS) and the Windows Assessment and Deployment Kit (ADK).
Three primary phases are involved in Windows deployment: Design, Deployment, and Update.
During the Design phase, you build an initial base or reference image. This is typically accomplished using tools such as WDS, sysprep, or the ADK. Part of the ADK is the Windows System Image Manager (Windows SIM), which assists in working with answer files.
Answer files
XML-formatted answer files provide the settings that you would normally configure when running through a manual installation of Windows. Things such as disk partitioning and network settings can be configured through an answer file so that you don’t have to be involved in the setup process for each and every machine deployed. You typically use Windows SIM to create the answer files, but thanks to their XML format, you can edit them with any plain-text editor.
The Deployment phase uses that captured image along with WDS to apply the image to one or more computers in the organization.
An Update and Manage phase enables you to update and manage the images as changes occur to the reference image. During this phase, you can use tools such as Deployment Image Servicing and Management (DISM) and sysprep to edit images.
Images
Windows images contain the information necessary to install a copy of Windows onto another machine. Included in this information are the settings and components specific to the computer onto which the image will be installed.
Two primary types or classes of images are available: boot and install.
BOOT IMAGES
Boot images (boot.wim), used to boot the target computer, include the setup executable as well as the WDS client. Windows DVDs also contain boot.wim files from which other boot images can be built. Boot images are typically added to WDS via the Add Image Wizard by navigating to the source DVD of the operating system. The boot.wim file is normally located in the sources folder of a Windows installation DVD.
Boot images come in two forms: Capture and Discover. Capture images enable the computer to capture an image of itself as a .wim (Windows Image) file. Capture images are typically taken when the computer is fully configured, with all its applications and roles. Once captured, the image is called a reference image and should be maintained as needed for environmental changes, such as updates or role and configuration changes.
You create Capture images inside WDS by selecting one of the available boot images and then using the Create Capture Image Wizard. The final step in the Create Capture Image Wizard gives the option to add the Capture Boot Image back to the WDS server, as depicted in Figure 1-1.
FIGURE 1-1 Creating a Capture image and then adding it back to the WDS server.
After a Capture image is created, it can then be deployed to the server by ensuring that the server receiving the image is set to boot from the network with Preboot Execution Environment (PXE). The client can then be captured.
-------------------
NOTE USING SYSPREP
You must run the sysprep tool on the computer to be captured or it won’t be available for image capture. The typical sysprep command is sysprep /generalize /shutdown.
-------------------
The other boot image type, Discover images, runs the installation setup.exe in WDS mode.This enables the client to locate the WDS server to obtain an install image. Discover images are typically used for client computers that can’t use PXE boot or in data center scenarios where PXE might be limited by policy.
INSTA LL IMAGES
Install images (install.wim) contain the files customized for the particular image being deployed. WDS can use boot.wim and install.wim from the product DVD during the createimages phase, or it can use customized images for each phase.
DISM can mount both .wim files as well as Virtual Hard Disk (VHD or VHDX) files for servicing.When an image is serviced, you use the Image Capture Wizard to upload it back into the WDS server.
Windows Deployment Services
The basis for deploying Windows is the Windows Deployment Services role in Windows Server 2012. By default, the Windows Deployment Services role installs two roles: Deployment Server and Transport Server. These roles require a working DHCP server on the network, a DNS server on the network, and an NTFS volume. They also require that the account installing the Windows Deployment Services role be a member of the local administrators group.
-------------
NOTE TRANSPORT SERVER ROLE
The Transport Server role is used in environments without Active Directory Domain Services (AD DS), DNS, or DHCP available. The Transport Server role also excludes the WDS image store. The Deployment Server role depends on the Transport Server role, but you can use the Transport Server role as a standalone role.
-------------
By default, the DHCP server and the WDS servers run on different machines because WDS communicates with clients using DHCP. However, if DHCP and WDS run on the same computer, you need to add DHCP Option 60 to the DHCP scope on which client computers will communicate with the WDS server. Option 60 enables the client computers to learn about the WDS server in the DHCP response packet.
In an environment with AD DS, clients can be prestaged. Doing so has the advantage of providing additional security because you can configure the WDS server to respond only to prestaged clients. Computers are prestaged (sometimes called known) when a computer account is created in the domain for that client computer. An Auto-Add policy option in WDS creates the computer account automatically.
The next objective, “Plan and Implement a Server Deployment Infrastructure,” looks closer at WDS.
Bare metal/virtual deployment
Bare metal or virtual deployments are meant for installations on computers that have no operating system. Computers eligible for bare metal deployment need to be Preboot Execution Environment (PXE) capable, and the network capacity needs to support large transfers.
Deployment to bare metal servers has these general requirements:
- The client computer must be capable of network booting (PXE).
- The client computer must be configured to boot without user interaction.
-You need to create two unattended installation files: one for the WDS screens and one for the setup process itself.
When a client computer boots, it selects a boot image automatically. You can configure this with the following syntax:
WDSUTIL /Set-Device /Device:<name> /BootImagePath:<Relative Path>
The computer must be prestaged for this to work. Alternatively, you can set a default image globally for all clients on the Boot tab of the WDS server Properties sheet (see Figure 1-2).
FIGURE 1-2 Use the Boot tab of the WDS server Properties sheet to configure the response to PXE boot requests.
Be conscious not to create a boot loop when planning a virtual deployment. If the computer is configured to boot to the network, it will continue to do so even after the installation takes place, thus continually reinstalling the image. To get around this, configure the hard drive to have higher boot order priority than the network or configure the computer to require F12 to continue booting by using the WDSUTIL /set-server /resetbootprogram:yes command.
The following partitioning schemes are recommended:
For UEFI/GPT Computers:
■■ Windows RE Tools ■■ MSR ■■ Recovery Image
■■ System ■■ Windows
For BIOS Computers:
■■ System ■■ Windows ■■ Recovery Image
