Installing Windows 7 is not hard when installing fresh, it’s pretty fast and easy. But when you’re deploying it in an organization, you should probably automate as much as possible, including the installation of software after the operating system. There are various levels of automation you can set up for Windows 7 deployments, but what I’ve done is some very basic setup using the Microsoft Deployment Toolkit 2010 that works for me without going too deep into setup and configuration–remember I’m trying to save time! I’m not doing a fast deployment and I’m OK with some manual tweaks at the end, I just want to make the initial load faster and preinstall some applications. There are several other resources you can look at for a more in-depth view of the options and configuration; I’m just going to polish the IRC chat I had with Justin Moore earlier mentioning an overview of the process as I did it, along with a list of silent install commands for the apps I’m auto-installing at the end of deployment. For more depth, try these that either I’ve used or friends have mentioned:
- Deploying Windows 7 – Part 5: MDT 2010 Enhancements (from WindowsNetworking.com)
- Windows 7 Deployment Class from author of DeployVista.com (a blog with more deployment info)
- The Deployment Guys (Microsoft Technet Blog)
- MDT 2010 Webcast (a webcast from the Deployment Guys blog above)
First I downloaded MDT 2010 from Microsoft, installed it and then opened the Deployment Workbench. You’ll need the AIK (Automated Installation Kit) for Windows 7 as well for some of the steps later, which is huge (1.7 GB), so you might as well get that started downloading now, too.
What I did to learn is I found some Microsoft pages with info on MDT and some videos that showed the basics, and I watched/followed one of them, but I don’t recall exactly which video it was that I found. You don’t want to focus on the AIK, I did a while back and it’s more for OEMs like Dell making system images for presale. Similar tools; the MDT uses AIK but has the Workbench that you do most stuff from (or that I did most stuff from :-)
I did read the help in Workbench a lot, and did some Googling, plus that walkthrough video that I can’t seem to find. The documentation built-in to MDT is actually pretty good, I recommend digging in. The basic idea is you need to know what steps to go through in the Deployment Workbench. You aren’t necessarily creating an “image” for deployment as you are making the installation more automated, providing install media from a network share and also packaging some applications with silent installs together. You can optionally build a Windows 7 box, capture it with ImageX, and pull that into MDT to deploy (with or without additional applications installed during deployment) but I didn’t go that far, I’m using a stock Windows 7 Enterprise image (I imported both the 64-bit and 32-bit install discs).
Basically in MDT, you go to Deployment Shares, and create a new one. You’re basically creating a network share that will hold all the install files. You take the Windows 7 DVD for example, and Import it into the Operating Systems “subfolder” of the Deployment Share you create within MDT, and it copies the disc into a subfolder of that share for you and lets you set some properties and name the image. I haven’t done so, but there’s another folder called Out-of-Box Drivers you can import drivers into for your specific hardware.
As for application install after deployment, there were two applications I couldn’t get to install silently and thus won’t work to be installed automatically. Those two apps were iTunes and Shelby v5 (our Church Management System). Shelby doesn’t have a silent install option but it’s easy to manually install afterwards. iTunes is supposed to pass your arguments to it’s .exe installer into the .msi files inside, but it failed for me every way I tried it (always left some component uninstalled) so I gave up. You can use 7-Zip to extract the iTunes install file into it’s component .msi files and manually install them (careful of the order) if you want, which works but is “unsupported” by Apple (not that I’ve ever contacted them for support). For now, I’m not installing iTunes automatically either. I spent a few hours on iTunes so I’m pretty confident of how messed up it is :-)
In general, anything you can install silently with command line arguments will work, and anything else won’t. For Adobe Reader, I downloaded Adobe’s Customization yep Reader works fine; I actually used the Adobe Customization Wizard to make an .mst (MSI transform) and install the version with the transform so my preferences are applied and the transform automatically specifies a silent install (based on how I configured it in the wizard).
Within MDT’s Deployment Workbench, inside your Deployment Share’s Applications folder, you add applications that you want to be able to select to install during each deployment. You can create folders to organize the applications (as they display for you to select during deployment), and you can show or hide applications as you wish. You can also crate Application Bundles, which basically install a group of other applications you’ve already defined. You can use both features together to create applications but hide them (even in their own folder, like “Linked Only” or “Bundled Only” or some such), but put them all in a bundle with one name for easy selection at install time. I also created separate folders for apps that have both a 32-bit version and a 64-bit version so I can select the apppropriate one for each system as needed.
For example, I created a Mozilla Firefox application, and one each for Adobe Flash 10 ActiveX and Plugin versions (you must complete a licensing agreement just as for Adobe Reader to get the .msi versions of the ActiveX and Plugin versions of Flash for deployment like this). I hid them and put them in a subfolder, but created a “Firefox and Flash Player” app in the root that is just a Bundle that installs all three at one time, and it works great.
The Deployment Share has another “subfolder” in the tree called Task Sequences. You’ll want to create a Task Sequence for each OS (one for 32-bit and one for 64-bit in my case), giving each sequence a unique number (I just started at one, then used two for the second one, etc.). Make it a Standard Client Task Sequence (the default in the wizard), select the OS version at the next step, and optionally specifiy a product key (you can enter this during deployment or after install as well). Fill out some basic organization name info and default IE homepage, then set a Local Administrator password (optional–I left this blank here and specify it at install time in the wizard as well), and click Next one last time to create the Task Sequence.
Once your apps are defined as well as your task sequences, and your operating system install images are imported, right-click on the name of the deployment share under the Deployment Shares root in the Workbench, and choose to Update Deployment Share. This wizard will create the stuff needed to actually deploy from the share, including the LiteTouch boot images (images are also created in .wim format, and I imagine you can set it up in WDS (Windows Deployment Services) on Windows 2008 (or 2003 with updates) to use PXE booting to deploy as well if you want to get into that). I’m using the boot CD method. After the Deployment Share Update completes, use Windows Explorer to browse to the deployment share folder, and then go to the Boot subfolder. You should find a LiteTouchPE_x86.iso file and a LiteTouchPE_x64.iso file as well as the .wim versions and .xml configuration files as well. Burn the .iso files to CDs (Windows 7 support right-click-and-burn for ISOs, plenty of free options for other OSes).
Now you can boot whichever version you want on a computer, and depending on the architecture version of the CD each will only give you the OS options that are compatible on the deployment share. Basically you boot to a UI from the LiteTouch boot disc that asks for username/password/domain to access the Deployment Share. The share location is all hardcoded during the Update Deployment Share process. I don’t have it in front of me and haven’t done it since Monday, but the basic steps it goes through are: It asks for computer name, and whether you want to join the domain (if you do, it prefills the same user/pass/domain you entered earlier for share access which is handy). Then you pick which OS from the list, and on the next screen it shows you a list of apps in the folders you set up earlier (this list is pulled from the share, so if you Update the share later with app changes you don’t need to burn the disc again, in case that’s not obvious). You just check the boxes of the ones you want (like I have a 32-bit and 64-bit 7-Zip app, and I have to select which. Also, my VIPRE antivirus app has two installers depending on if I want it to be in the Laptops or Desktops group by default, so I pick the right one as well).
Then hit Finish, and come back in about an hour or so depending on the system, and it’s logged in as Local Admin with a status window showing you any errors (or not) from the app installs. I just did it for a new laptop on Monday, was very easy! I still had to install some drivers since I didn’t add them to the deployment share.
Here are the apps I got to install silently: Adobe Reader 9.2, Firefox 3.5.5, Flash Player 10 (plugin & ActiveX), CDBurnerXP 4.2.7.1801, Pidgin 2.6.4, LogMeIn Free 4.0.982, RDP Enable Script (custom batch file that enables RDP and firewall hole for it), VIPRE, 7-zip, and Office Enterprise 2007 (customized with .mst). The Deployment Workbench will actually let you create an Office 2007 customization and run the wizard and everything for you right from the app properties, which is nice, though I had my own .mst already that I used. For each app I created I selected the option to create an Application with Source Files so it would copy the whole install folder to the Deployment Folder. Also, there’s some stuff you can do that lets you automatically run the USMT on XP for example, backing up user profile to a folder on the hard drive or on the network, then have the MDT deployment run USMT again restoring state after the install, all automatically…I saw it in the video I watched but didn’t get it working (I didn’t try).
Here are the silent install commands I used for the apps I got working, for reference:
Adobe Reader 9.2
msiexec /i AcroRead.msi ALLUSERS=TRUE TRANSFORMS=AcroRead.mst /quiet
Microsoft Office Enterprise 2007
setup.exe
You can use the Office Products tab when editing the application definition to customize the app, or if you already have a .mst transform, put it in the Updates folder inside the Office installation structure and it will be automatically applied, no need to pass it in as an argument.
CDBurnerXP (the .msi, available as a separate download)
msiexec /i cdbxp_setup_4.2.7.1801.msi AI_DESKTOP_SH=0 AI_QUICKLAUNCH_SH=0 AI_STARTUP_SH=0 VIEWREADME=0 /qn
Pidgin
pidgin-2.6.4.exe /DS=0 /SMS=1 /S
LogMeIn Free (I’ll leave you to get it; the way I do it it prompts for the account to join it to after install, but it’s possible to find ways to make it auto-join to a LogMeIn.com account)
msiexec /i LogMeIn.msi /qn
Sunbelt Software VIPRE Enterprise (create MSI deployment files from the console)
MSIEXEC /I SBEAgent-ProfileNameHere.msi ALLUSERS=TRUE /quiet
7-Zip 32-bit (.msi is available if you dig on their site as a separate download, default for 32-bit is .exe)
msiexec /i 7z465.msi /qn
7-Zip 64-bit
msiexec /i 7z465-x64.msi /qn
Mozilla Firefox
Firefox Setup 3.5.5.exe -ms
Adobe Flash Player 10 for IE (ActiveX)
msiexec /i install_flash_player_10_active_x.msi /qn
Adobe Flash Player 10 for Firefox (Plugin)
msiexec /i install_flash_player_10_plugin.msi /qn
Java (get the FULL OFFLINE installer here) (thanks to Justin Moore for finding this one and commenting!)
jre-6u17-windows-i586-s.exe /s ADDLOCAL=ALL
I hope that’s helpful to someone! Or maybe me in the future :-)