Professional Documents
Culture Documents
SOLUTION ACCELERATOR
ENTERPRISE EDITION
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR
STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, this
document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means
(electronic, mechanical, photocopying, recording, or otherwise), but only for the purposes provided in the express written
permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering
subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the
furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual
property.
Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people,
places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain
name, email address, logo, person, place, or event is intended or should be inferred.
Microsoft, Active Directory, the Office logo, SharePoint, SQL Server, Windows, the Windows logo, Windows NT, and Windows
Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Zero Touch Installation Deployment Feature Team Guide iii
Contents
Using This Guide
This guide is intended to be used as a part of Microsoft® Solution Accelerator for Business
Desktop Deployment (BDD) and is designed to guide a specialist team through Solution
Accelerator for BDD deployment tasks and checkpoints. The goal is to ensure that the deployment
is managed as a specific initiative of the specialist team within the scope of a larger deployment
project. This approach is used to make certain that the decisions taken within this initiative align
with the overall project goals and that the deliverables are well integrated into the total migration
project.
Communication
Key to successful project implementation is each feature team member’s ability to cooperate and
communicate internally, on the one hand, and with other feature or function teams within the
project and project stakeholders on the other. Within the team, each role has equal importance,
even though the roles may vary. Important team decisions are characterized by joint decision-
making.
Across teams and from individual feature teams to the project management team (defined as the
lead team in this document), the process is more formal, with well-defined pathways of
communication. This formality does not prevent informal communication between the teams,
which is encouraged, but does ensure that significant communications are well documented,
occur at the appropriate level, and are directed to the appropriate team members.
An important consideration for feature teams is communicating with the project stakeholders,
which typically include various entities within the customer organization. To avoid confusion,
incomplete or conflicting messages, or misunderstood expectations, the lead team must act as
the official project voice to the stakeholders. In this way, management is always aware of the
state of the customer relationship, and customer satisfaction during the deployment process is
enhanced.
Introduction
This guide contains detailed information about how to deploy Microsoft® Windows® XP
Professional, Windows XP Tablet PC Edition, and Office 2003 Editions using Solution Accelerator
for BDD. The document shows how the automated deployment process should be run to
successfully replace previous Windows operating systems with Windows XP.
This process takes advantage of and combines the results of the other processes in the Solution
Accelerator for BDD solution to accomplish the following tasks:
• Collect hardware and software inventory information by using Microsoft® Systems
Management Server (SMS) 2003 with Service Pack 1 (SP1).
• Migrate existing user profile information by using the Microsoft® Windows® User State
Migration Tool (USMT) version 2.6.
• Installing a Windows XP Professional or Windows XP Tablet PC Edition operating system image
on workstations automatically by using the SMS Operating System Deployment (OSD) Feature
Pack, the Zero Touch Installation (ZTI) scripts, and the ZTI Administration Database
(Admin DB).
• Monitor the deployment process by using Microsoft® Operations Manager (MOM) 2005 and
Solution Accelerator for BDD Reporting.
• Optionally, copy existing user data and preferences from the workstation to a network
deployment server.
• Optionally, create a backup image of the user workstation to a network deployment server.
• Re-partition and format the existing primary hard drive.
• Install a Windows XP Professional or Windows XP Tablet PC Edition operating-system image
that includes enterprise applications such as Office 2003 Editions.
• Dynamically install applications that are specific to the workstation model, such as DVD
software.
• Automatically install previously packaged software specific to the user of the workstation.
• Optionally, restore the user data and preferences that were previously stored on the network
deployment server.
In addition, this process provides guidance on deciding where to place deployment servers and
other planning information.
Background
The work described in this guide typically starts in the MSF Planning phase after a commitment to
plan the deployment has been established. The work will continue through the Deploying phase,
where the workstations are actually re-deployed using the new Windows images.
The MSF Release Management Role Cluster is the primary consumer of the work, because most of
this document focuses on the actual deployment in the production environment. The Release
Management feature team will need to work closely with all the other feature teams to ensure a
timely and successful deployment.
6 Solution Accelerator for Business Desktop Deployment
Prerequisites
Installing, configuring, and using this process for deploying Windows XP operating systems require
personnel who understand and meet certain prerequisites. Those who execute this deployment
process should be familiar with the following concepts:
• USMT 2.6
• SMS 2003 with SP1
• SMS OSD Feature Pack
• MOM 2005
• Remote Installation Services (RIS)
• Microsoft® Windows® Preinstallation Environment (Windows PE) supplied with the SMS OSD
Feature Pack
• Application Compatibility Toolkit (ACT)
• CD image creation
• Network infrastructure, including routers, switches, and firewalls
• Networking services infrastructure, including Domain Name System (DNS), Dynamic Host
Configuration Protocol (DHCP), Windows Internet Naming Service (WINS), and remote access
• Active Directory® directory service infrastructure, including logical and physical design of
infrastructure
• Server capacity planning
• Workstation image creation
• Automated application installation
The Release Management feature team will rely heavily on the development teams that created
the workstation images, USMT process, application packages, network analysis, application
remediation strategies, and hardware inventories to act as escalation contacts for troubleshooting
and resolving problems that arise during the deployment.
Envisioning
The assumption of this guide is that the Envisioning phase of your deployment project is
complete. This guide assumes that you have already chosen to use Solution Accelerator for BDD
in your workstation deployment.
Planning
Figure 2 illustrates the primary activities that occur during the Planning phase. While other teams
are developing images, project plans, and so on, the Release Management feature team is
starting to focus on the existing production environment to decide how to approach the
deployment. The team must look at all the locations and departments whose workstations will be
upgraded and must decide in what order the upgrades will occur.
10 Solution Accelerator for Business Desktop Deployment
Based on your existing environment, you can select any combination of these scenarios in your
deployment. For example, if your organization is only upgrading existing workstation, you need
only the Refresh Computer scenario. If your organization is deploying new workstations for some
the users and upgrading the remaining workstations, you need to use the New Computer and
Refresh Computer scenarios.
Creating the SMS Package That Captures User State Migration Information
To create the SMS package that captures user state migration information, perform the following
steps:
1. Copy the files required for creating the SMS package, which are listed in Table 5, to
\\servername\Packages\OldComputer (where servername is the computer name of the
server hosting the shared folder).
The package sent to the workstation must include the files listed in Table 5. These files are
required to capture the user state information. Table 5 also lists where these files reside
(where servername is the name of the server hosting the shared folder). Copy these files into
a folder that you will use to create the package.
Table 5. Files Required for Creating the SMS Package To Capture User State Information
Files Location
Zerotouchinstallation.vbs \\servername\ZTI
Customsettings.ini \\servername\ZTI
All USMT files \\servername\USMT\*.*
Updateuser.inf \\servername\ZTI
Note By default USMT is installed into the C:\USMT\Bin directory, so be sure to point your USMT share to the Bin
folder to be able to access the source files. The ZTI shared folder is created by sharing the folder were you installed
ZTI.
Note The Packages shared folder contains the all of the source files used to create the OSD packages. You need to
create a folder beneath Packages for each package that you need to deploy.
Creating the SMS Program That Captures User State Migration Information
To create the SMS program that captures user state migration information, perform the following
steps:
1. In the SMS Administrator Console, navigate to Package (where Package is the package you
created in the previous procedure).
2. Expand Package (where Package is the package you created in the previous procedure), right-
click Programs, click New, and then click Program.
Zero Touch Installation Deployment Feature Team Guide 17
3. Complete the Program Property dialog box by using the information in Table 7, and then
click OK.
Table 7. Information Required To Complete the Program Property Dialog Box
On This Tab Do This
General In the Name text box, type OldComputer.
In the Command line text box, type Wscript.exe //b
Zerotouchinstallation.vbs /phase:OldComputer.
Environment In the Program can run text box, select Whether or not a user is
logged on.
Select the Allow users to interact with this program check box.
(username folders) on each workstation, so you will need to include each profile you plan to
migrate.
You also need to know how long the user state migration data must be persisted. You need to
persist the user state migration data in the event that the upgrade fails and you must roll back
the configuration. After you have verified a successful upgrade, you can delete the user state
migration data.
Calculate the storage requirements for user state migration data by multiplying the size of the
user migration state by the number of simultaneous workstations being upgraded (size of
migration × number of simultaneous workstations).
• On a shared folder located on a local server to provide a consistent method of storing user
state migration data or when local storage is not available.
If you elect to store user migration data on the local workstation, you need to designate a shared
folder in which the ZTI process can store user state migration data. (By default, the process
attempts to store user state data on the local hard disk for Refresh Computer scenarios.) In the
event that there is insufficient disk space for the user state and new image, the ZTI process
attempts to store the information in a shared folder. Providing the shared folder as an alternate
storage location makes the deployment process more reliable. Place the shared folder such that
there is a high-bandwidth connection between the shared folder and the workstations.
• Direct network connection to RIS servers, SMS site servers, and SMS distribution points
(Unsupported network connections include virtual private network (VPN) and wireless
connections.)
Note Workstations that attempt to run an SMS 2003 OSD Feature Pack package over a VPN or wireless connection
will not be able to connect to a distribution point after rebooting into Windows PE, causing the deployment process to
fail.
You can use SMS to help determine whether any existing workstations have inadequate system
resources by using SMS queries and reports. You can upgrade these workstations prior to
deploying Windows XP.
If you determine that some workstation system resources are inadequate for deploying
Windows XP, you can perform one of the following actions:
• Upgrade the system resources on the existing workstations.
• Replace the existing workstations with new workstations.
• Eliminate the existing workstations from being part of the upgrade.
The client computer follows this process to receive configuration information from the ZTI
process:
1. The SMS 2003 site server distributes the SMS OSD Feature Pack image, including the
Zerotouchinstallation.vbs script and the Customsettings.ini file, to the SMS 2003 distribution
point.
2. The target client computer downloads the image and initiates the Zerotouchinstallation.vbs
script.
3. The script examines the Customsettings.ini file included in the image and determines where to
retrieve configurations settings.
4. If configuration settings are stored in ZTI Admin DB, the script retrieves the settings from both
the Customsettings.ini file and from the database. Otherwise, only Customsettings.ini is used.
5. The target computer receives all the necessary configuration settings to complete an
unattended installation
Rules known as group-based rules are applied to groupings of client computers. Other rules,
known as client-based rules are applied to specific client computers. In most environments, you
will need to specify group-based and client-based rules to provide all the necessary configuration
parameters for ZTI.
The group-based rules are stored in the Customsettings.ini file, which is deployed with the ZTI
script in the SMS OSD Feature Pack image to workstations. The client-based rules can be stored in
a Microsoft® SQL Server™ database or in the Customsettings.ini file.
Note Throughout this section, you will see examples of how Woodgrove Bank determined the appropriate ZTI
processing rules.
[DefaultGateway] sections or in the configuration settings stored in ZTI Admin DB (as designated
by the SQL keyword in Listing 5).
In most instances, the workstation groupings can be nested. For example, the [DefaultGateway]
key can be used to designate the Internet Protocol (IP) subnets on which a computer resides
within a geographic location. You can define location by using the settings beneath
[DefaultGateway]. In Listing 6
Note When grouping computers by hardware configuration, you can use a variety of different methods and the script
will search for the substituted value. For instance if you specify Priority=Make, the script would substitute the Make value
it determines through a WMI call and look for the corresponding section, for instance [Dell Computer Corporation].
environments, you might expect a one-to-one mapping between default gateway and a
corresponding section.
[DefaultGateway]
172.16.0.3=NYC
172.16.1.3=NYC
172.16.2.3=NYC
172.16.111.3=DALLAS
172.16.112.3=DALLAS
172.16.116.3=WASHINGTON
172.16.117.3=WASHINGTON
[NYC]
UDShare=\\NYC-AM-FIL-01\MigData
SLShare=\\NYC-AM-FIL-01\Logs
Packages1=NYC00010-Install
Packages2=NYC00011-Install
Administrator1=WOODGROVEBANK\NYC Help Desk Staff
[DALLAS]
UDShare=\\DAL-AM-FIL-01\MigData
SLShare=\\DAL-AM-FIL-01\Logs
Administrator1=WOODGROVEBANK\DAL Help Desk Staff
Listing 6. How [DefaultGateway] Can Be Used To Designate Location-Specific Configuration
Settings
Note The complete source to the Customsettings.ini file used in these examples can be found in Settings in
Customsettings.ini Only in Appendix A, Sample Customsettings.ini Files, of this guide.
In addition to the dynamic list of packages that you can install through Packagesx, you can install
a static list of packages by using the Run SWD Program action in the State Restore Phase. These
methods of installing packages differ as follows:
• Using the Packagesx setting in Customsettings.ini allows you to dynamically control the
packages deployed to workstations, so that you can determine which combination of
applications is installed on a workstation.
• When you use the Run SWD Program, every user who installs a package installs the same list
of applications within that package. As a result, you need to create a new program for each
different combination of applications you want to deploy.
28 Solution Accelerator for Business Desktop Deployment
When you use either method of installing the packages, you must ensure that the SMS package
programs:
• Are enabled
• Require no user intervention
• Can run unattended from a UNC path
• Have source files
Note An additional requirement for dynamically installed packages is that they cannot initiate a
reboot. For more information about the configuration settings available in Customsettings.ini, see Appendix B,
Customsettings.ini Reference, later in this guide.
[00:03:FF:CB:4E:C2]
OSDNEWMACHINENAME=WasW2K
[00:0F:20:35:DE:AC]
OSDNEWMACHINENAME=HPD530-1
OSDINSTALLPACKAGE=DAL00342
OSDINSTALLPROGRAM=CustomXP
[00:03:FF:FE:FF:FF]
OSDNEWMACHINENAME=BVMXP
OSDINSTALLPACKAGE=NYC00002
OSDINSTALLPROGRAM=SpecialXP
Listing 7. How Woodgrove Identified Workstations
30 Solution Accelerator for Business Desktop Deployment
Note For more information on Operating System Image Installation CD Wizard, see the Creating
the ZTI OS Image Installation CD section later in this document. For more information about the
configuration settings available in Customsettings.ini, see Appendix B, Customsettings.ini Reference, later in this guide.
A workstation-based configuration setting typically appears under only one workstation because
the configuration setting is unique to that workstation. In instances in which a configuration
setting is being applied to several workstations, use group-based processing rules, instead.
Remember that if a group-based setting has a higher priority and the configuration setting was
found in that group, the workstation-specific settings are ignored. For more information about ZTI
processing rule priority, see Prioritizing ZTI Processing Rules later in this guide.
[00:03:FF:CB:4E:C2]
OSDNEWMACHINENAME=WasW2K
[00:0F:20:35:DE:AC]
OSDNEWMACHINENAME=HPD530-1
OSDINSTALLPACKAGE=DAL00342
OSDINSTALLPROGRAM=CustomXP
32 Solution Accelerator for Business Desktop Deployment
[00:03:FF:FE:FF:FF]
OSDNEWMACHINENAME=BVMXP
OSDINSTALLPACKAGE=NYC00002
OSDINSTALLPROGRAM=SpecialXP
Listing 8. Workstation Configuration Settings in Customsettings.ini
Listing 9 illustrates excerpts from a Woodgrove Bank Customsettings.ini file in which the
workstation-configuration settings are stored in the ZTI AdminDB database. In this example, the
workstation-based configuration settings are applied after group-based configuration settings
because SQL is the second entry in the Priority attribute (immediately behind
DefaultGateway).
[DefaultGateway]
172.16.0.3=NYC
172.16.111.3=DALLAS
172.16.116.3=WASHINGTON
.
.
.
[NYC]
SQLDefault=DB_NYC
[DALLAS]
SQLDefault=DB_DAL
[WASHINGTON]
SQLDefaul=DB_WSG
[DB_NYC]
SQLServer=NYC-AM-SMS-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[DB_DAL]
SQLServer=DAL-AM-FIL-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[DB_WSG]
SQLServer=WSG-AM-DC-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
Listing 9. Workstation Configuration Settings in the ZTI AdminDB Database
Zero Touch Installation Deployment Feature Team Guide 33
The example in Listing 9 shows that each location has unique SQL configuration settings to
connect to the ZTI AdminDB database. For example, at the NYC location, the configuration
settings point to the local SQL Server machine on which the ZTIAdminDB database is stored (NYC-
AM-SMS-01). The database name (BDDAdminDB), the table in the database (BDDAdminCore), and
the query parameter used to locate the workstation (MacAddress) is also listed.
Note If you want to locate workstations by asset tags, change the MacAddress value to AssetTag or any other method
of uniquely identifying the workstation.
reference the information by accessing the workstation-specific settings you stored in the
AdminDB database.
To call a stored procedure from within Zerotouchinstalltaion.vbs, you need to configure
Customsettings.ini as follows:
1. Add a value to the Priority setting, IdentifyComputer, which references a section that defines
the stored procedure as illustrated in Listing 11.
2. Create a section,[IdentifyComputer], that defines a subsection, [DB_IdentifyComputer], which
contains all the configuration settings for the SQL connection to the stored procedure as
illustrated in Listing 11.
3. Complete the section, [DB_IdentifyComputer], which contains all the necessary information to
call the stored procedure as illustrated in Listing 11.
Notice that the stored procedure in Listing 11, IdentifyComputer, is called with the following
parameters:
• MacAddress
• Make
• Model
[Settings]
Priority= DefaultGateway, IdentifyComputer, SQL, Default
.
.
.
[IdentifyComputer]
SQLDefault=DB_IdentifyComputer
[DB_IdentifyComputer]
SQLServer=SERVER1
Database=BDDAdminDB
StoredProcedure=IdentifyComputer
Parameters=MacAddress, Make, Model
Listing 11. Defining Custom Stored Procedure Function in the [Settings] Ssection
Developing
Figure 7 shows the activities that occur during the Developing phase. Most of these activities
involve preparation of the servers used to install applications and migrate existing user data.
These tasks may be repetitive depending on your deployment strategy. Some deployments may
require that the following sequence of server installation, stabilization, and deployment be
repeated several times, either serially or in parallel, to complete an organization-wide
deployment.
36 Solution Accelerator for Business Desktop Deployment
The following sections describe the steps necessary to prepare the deployment process:
• Roles and Responsibilities
• Milestones in the Developing Phase
• Preparing the RIS Server
• Installing Solution Accelerator for BDD
• Configuring the Appropriate Resource Access
• Configuring the ZTI Operating System Image
• Creating the ZTI Operating System Image Installation CD
• Configuring the ZTI Processing Rules
• Preparing the Windows PE CDs and Images
Note For more information about adding additional network drivers to your RIS image, see Preparing the RIS Server in
the Computer Imaging System Feature Team Guide, Enterprise Edition.
Zero Touch Installation Deployment Feature Team Guide 39
You need to perform additional RIS configuration that is specific to using Windows PE in the ZTI
deployment process. To configure the RIS server to support Windows PE in the ZTI deployment
process, perform the following steps:
1. Disable the creation of the Windows PE computer account in Active Directory.
2. Disable Windows PE logging on the RIS server.
3. Automate the RIS Client Installation Wizard.
To disable Windows PE logging on the RIS server, perform the following steps:
1. Modify the registry settings in the Windows PE image on the RIS server.
2. Set read-only access on the Setupapi.log file in the Windows PE image on the RIS server.
3. In the Setupapi.log Properties dialog box, select Read-only, and then click OK.
4. Close Windows Explorer.
To automate the RIS Client Installation Wizard, perform the following steps:
1. Enable the Tools option in the Choice Options dialog box, and disable all other options.
2. Modify the Tools.osc file to enable automated installation.
3. Modify the Login.osc file to further automate installation.
4. Modify the Welcome.osc, Install.osc, and Oschoice.osc files to further automate installation.
Modifying Tools.osc
You need to modify Tools.osc so that RIS automatically selects the default tool without waiting for
interaction.
To modify the Tools.osc file, perform the following steps:
1. On the RIS server, start Notepad.
2. In Notepad, open ToolsPath\Tools.osc (where ToolsPath is the path to the Template folder of
the Windows PE image that you want to modify)—for example,
\RemoteInstall\Setup\English\Images\RIS\I386\Templates.
3. In the Tools.osc file, locate the entry <SELECT NAME="SIF" NOAUTO SIZE=12>, which
Listing 14 shows.
<OSCML>
<META KEY=F3 ACTION="REBOOT">
<META KEY=F1 HREF="TOOLSHLP">
<META KEY=ESC HREF="CHOICE">
<META SERVER ACTION="ENUM TOOLS CMDCONS">
<TITLE> Client Installation Wizard Tools</TITLE>
<FOOTER> [ENTER] continue [ESC] go back [F1] help [F3] restart computer</FOOTER>
<BODY left=5 right=75>
<BR>
<BR>
Use the arrow keys to select one of the following options:
42 Solution Accelerator for Business Desktop Deployment
<BR>
<P left=8>
<FORM ACTION="LAUNCH">
<SELECT NAME="SIF" NOAUTO SIZE=12>
%OPTIONS%
</SELECT>
</FORM>
</P>
<BOLD>Description:</BOLD>  
<TIPAREA>
</BODY>
</OSCML>
Listing 14. Original Version of Tools.osc
4. Remove NOAUTO from the entry, as illustrated in Listing 15.
<OSCML>
<META KEY=F3 ACTION="REBOOT">
<META KEY=F1 HREF="TOOLSHLP">
<META KEY=ESC HREF="CHOICE">
<META SERVER ACTION="ENUM TOOLS CMDCONS">
<TITLE> Client Installation Wizard Tools</TITLE>
<FOOTER> [ENTER] continue [ESC] go back [F1] help [F3] restart computer</FOOTER>
<BODY left=5 right=75>
<BR>
<BR>
Use the arrow keys to select one of the following options:
<BR>
<P left=8>
<FORM ACTION="LAUNCH">
<SELECT NAME="SIF" SIZE=12>
%OPTIONS%
</SELECT>
</FORM>
</P>
<BOLD>Description:</BOLD>  
<TIPAREA>
</BODY>
</OSCML>
Listing 15. Modified Version of Tools.osc
5. Save the file, and then close Notepad.
Customizing Login.osc
To customize Login.osc to provide credentials for authentication, complete the following steps:
1. Use a text editor to open the file \RemoteInstall\OSChooser\English\login.osc.
2. Replace the string "*****" with the username and password values appropriate for your
environment.
For example, if you used OSDUser for the USERNAME value and Deploy101 for the PASSWORD
value, the edited lines are:
<INPUT NAME="USERNAME" MAXLENGTH=255 TYPE=TEXT VALUE=OSDUser>
<INPUT NAME="*PASSWORD" TYPE=PASSWORD MAXLENGTH=20 VALUE=Deploy101>
<OSCML>
<TITLE> SMS OSD Client Installation Wizard Logon</TITLE>
<FOOTER> [ENTER] continue [ESC] clear [F1] help [F3] restart computer</FOOTER>
<META KEY=F3 ACTION="REBOOT">
<META KEY=F1 HREF="LOGINHLP">
<META KEY=ESC HREF="LOGIN">
<META ACTION="LOGIN">
<META ACTION=AUTOENTER>
<BODY left=5 right=75>
Type a valid user name, password, and domain name. You may use the Internet-style logon format (for example:
Username@Company.com).
<FORM ACTION="CHOICE">
  User name: <INPUT NAME="USERNAME" MAXLENGTH=255 TYPE=TEXT VALUE=osduser>
   Password: <INPUT NAME="*PASSWORD" TYPE=PASSWORD MAXLENGTH=20 VALUE=Deploy101>
Domain name: <INPUT NAME="USERDOMAIN" VALUE=%SERVERDOMAIN% MAXLENGTH=255>
</FORM>
Press the TAB key to move between the User name, Password, and Domain name fields.
Note For more information about installing the SMS 2003 OSD Feature Pack, see Microsoft Systems Management
Server 2003 Operating System Deployment Feature Pack Users Guide in the Additional Resources section of this guide.
4. Set the NTFS file system folder permissions on ZTIFolder (where ZTIFolder is the name of the
folder into which you installed the ZTI files)to the following permissions:
Zero Touch Installation Deployment Feature Team Guide 45
Note You also need to include the Sqloledb.rll file in the Windows PE image. For more information about how to include
files in Windows PE images, see the Microsoft Windows Preinstallation Environment User's Guide (Winpe.chm) in the Docs
folder of the Windows PE 2004 CD or review the online documentation related to Windows PE at
http://www.microsoft.com/whdc/system/winpreinst/default.mspx
2. Set the following NTFS file system folder permissions on USMTFolder (where USMTFolder is the
name of the folder in which you installed the USMT files):
• Authenticated Users: Read
• Administrators: Full Control
3. Share USMTFolder (where USMTFolder is the name of the folder <typically Bin> in which you
installed the USMT files)with the following shared folder permissions:
• Authenticated Users: Read
• Administrators: Full Control
Note For the remainder of this document, the shared folder created in this step will be referred to as the USMT
shared folder.
3. Multiply the size of the database you calculated in step 1 by the number you determined in
step 2: This is the size of the data portion of the database.
For example, if you want to deploy to approximately 10,000 computers and you have three
administrators, the size of the data portion of the database will be 150 MB (3.5 KB × 10,000 ×
(3 + 2)).
4. Multiply the size of the data portion of the database you calculated in step 3 by 1.5. This is the
size of the transaction log portion of the database.
For example, if you determine that the data portion of the database is 150 MB, the size of the
transaction log portion of the database will be 225 MB (150MB × 1.5).
5. Add the size of the data portion and the transaction log portion of the database to determine
the total size of the AdminDB database.
You must ensure that the SQL Server you select to host the AdminDB database has sufficient disk
capacity to store the AdminDB database.
Configuring the Database and Log Settings for the AdminDB Console
The AdminDB console need to be configured so that the console uses the appropriate data source
for the database you created earlier in the process. In addition, you need to configure the location
where the console will store log files.
To configure the database and log settings for the AdminDB console, perform the following steps:
1. Use an Extensible Markup Language (XLM) editor such as Microsoft® Office FrontPage® 2003
or Notepad to edit the AdminDB\GUI\Bddadmindb config file (where AdminDB is the folder
in which you copied the AdminDB folder).
2. Modify the SQL OLE DB connect string located at approximately line 19 to connect to
SQLServer (where SQLServer is the same SQL Server machine that SMS uses), as shown in
Listing 16.
<add key="ConnectionString" value="Provider=sqloledb;Data Source=(SQLServer); Integrated
Security=SSPI;Initial Catalog=BDDAdminDB" />
Listing 16. Configuring the name of the SQL Server that hosts the AdminDB database
3. Modify the SQL OLE DB connect string located at approximately line 19 to connect to
Database (where Database is the name of the AdminDB database), as shown in Listing 17.
48 Solution Accelerator for Business Desktop Deployment
6. Repeat steps 3–5 for each client access account you need to create.
7. In the SMS Administrator Console, navigate to the Component Configuration node, as
illustrated in Figure 9.
50 Solution Accelerator for Business Desktop Deployment
You can divide the authentication requirements into authentication required for:
• The Package Selection phase.
• All other phases.
LocalImage=Yes
WizTitle=XPSP2
AllowMachineName=No
SiteCode=SMS
ManagementPoint=SERVER1:80
Reserved1=5EDBD289503F9DA5B84F6BA5320EACCB250DA92CA96A46E265F7732A4071BF0BD196976C659D66
Reserved2=E35E5E17C5AD023A280D3DBC9D5C0DF0042E583113F3A183CE7A9DDE0E15640B29D4AFC6BE517A
Reserved3=66AEA099AE219FD2A1AB1C4E97D1D3E9C67E58F60B
[UserCommand]
CommandLine=""\\Server1\SMSPKGE$\SMS00001\ZeroTouchInstallation.vbs" /phase:NewComputer" /scriptlog
NetworkShare=\\Server1\SMSPKGE$\SMS00001
Reserved1=2BDEF2AE706BC58AEA1B1DF04F0BD8CF5C0AAB5DDB1F43E25F2D6967E794E2F62416DCD3736A27
Reserved2=965B5E10C5D97A355AA70B0082C94BADE1A90C403969116AF008F0618690CDAFB7A374FD7E7E56
Reserved3=C3ABADA631DDDC0686C3C3CFF748EB6F0E5FCE89AD
Where:
• Unencryptedcredentials.ini is the name of the file that contains your unencrypted
credentials (as illustrated in Listing 19).
• Encryptionkey.txt is the name of the file that contains the key pair used for encryption.
• Decrypt.vbs. Used to decrypt the credentials stored in Encryptedsettings.ini and place the
unencrypted credentials in a file by using an encryption key stored in another file.
Cscript Decrypt.vbs Encryptedcredentials.ini Encryptionkey.txt Unencryptedcredentials.ini
Where:
• Unencryptedcredentials.ini is the name of the file that contains your unencrypted
credentials (as illustrated in Listing 19).
• Encryptionkey.txt is the name of the file that contains the key pair used for encryption.
Note Encrypt.vbs and Decrypt.vbs are installed during the BDDEnterprise.msi process.
[Server]
NYC-AM-FIL-01=WOODGROVEBANK\NYCUtil;P@ssword
DAL-AM-FIL-01=WOODGROVEBANK\DALUtil;password!
[SQL]
NYC-AM-SQL-04=sa;password
Field Value
Name Zero Touch Installation—State Capture
Command Zerotouchinstallation.vbs/phase:StateCapture
line
Files \\servername\ZTI\Customsettings.ini
\\servername\ZTI\Dbnmpntw.dll
\\servername\ZTI\Zerotouchinstallation.vbs
\\servername\ZTI\Sqloledb.rll
\\servername\ZTI\Updateuser.inf
\\servername\USMT\*.*
Listing 20 shows a sample Updateuser.ini. In this example, all user profiles are migrated except
any user profiles for users that exist:
• On the local computer (%Computername%\*).
• In the APPDOMAIN domain (APPDOMAIN\*).
[IncludeUsers]
*\*
.
.
.
[ExcludeUsers]
%Computername%\*
APPDOMAIN\*
6. Complete the custom actions by using the information listed in Table 27, where servername is
the name of the server hosting the shared folder.
Table 27. Configuration Information for the Preinstall Phase Actions
Field Value
Name Zero Touch Installation—Preinstall
Command Zerotouchinstallation.vbs/phase:Preinstall
line
Files \\servername\ZTI\Customsettings.ini
\\servername\ZTI\Dbnmpntw.dll
\\servername\ZTI\Zerotouchinstallation.vbs
\\servername\ZTI\Sqloledb.rll
Note If the Logs or Migdata shared folders, created earlier in the process, are located on a server other than the
distribution point containing your image packages, you will need to add a Connect to UNC custom action as the first item
in the Preinstall phase. The syntax of this action would be something like %UDShare%.
1. In the SMS Administrator Console, expand Image Packages, expand Package, then click
Programs (where Package is the name of the package you want to configure).
2. In the details pain, double-click Program (where Program is the name of the program that you
want to configure).
3. In the Program Properties dialog box, click the Advanced tab (where Program is the name
of the program that you want to configure).
4. In the Phase drop-down list, select State Restore, and then click Add.
5. In the list of action types, select Custom, and then click OK.
6. Complete the custom actions by using the information listed in Table 29, where servername is
the name of the server hosting the shared folder.
Table 29. Configuration Information for the State Restore Phase Actions
Field Value
Name Zero Touch Installation—State Restore
Command Zerotouchinstallation.vbs/phase:StateRestore
line
Files \\servername\ZTI\Capicom.dll
\\servername\ZTI\Customsettings.ini
\\servername\ZTI\Dbnmpntw.dll
\\servername\ZTI\Zerotouchinstallation.vbs
\\servername\ZTI\Sqloledb.rll
\\servername\ZTI\Updateuser.inf
\\servername\USMT\*.*
\\servername\SMS_XXX\OSD\OSDSWDExec.exe (where XXX is the site code of
your SMS site server)
\\servername\\SMS_XXX\OSD\OSDConnectToUNC.exe (where XXX is the site
code of your SMS site server)
Note For troubleshooting purposes in your lab environment, you may want to include the /debug:true switch to the
end of your command line in each phase. This causes OSD to retain the C:\MININT directory, instead of deleting it, when
complete. This allows you to review the logs when any error occurs.
Note The Zerotouchinstallation.vbs file must reside on the same server as the
distribution point on which your image packages reside, because you do not have
the option to provide a second set of credentials to connect to a different server
(Connect to UNC).
Windows PE Settings If additional network drivers are required, select the Include
additional network drivers from this location check box, and
then type DriverPath (where DriverPath is the fully qualified path to
any additional network drivers required in your environment).
If additional storage drivers are required, select the Include
additional storage drivers from this location check box, and
then type DriverPath (where DriverPath is the fully qualified path to
any additional storage drivers required in your environment).
Click Next.
Create CD Image In the Name text box, type CDName (where CDName is the name
of the CD image).
In the File name text box, type CDFileName (where CDFileName is
the file name for the CD image).
Wizard Complete Click Finish.
In the .iso image that you create, there is a file named Ripinfo.ini. Ripinfo.ini is an answer file used
by RIS to automate the installation of your operating system. When you are booting Windows PE
from a RIS server, Ripinfo.ini also includes:
• The command line for the script used to automate your installation
• The list of available packages in the image.
You need to update your images when either of the items listed above change. While you can edit
the Ripinfo.ini file directly, it is recommended that you create a new image by using the Operating
System Image Installation CD wizard. The wizard will automatically update Ripinfo.ini to reflect
any changes in the command line or available packages.
determined the appropriate ZTI processing rules to use in your organization. Now you need to
configure those rules in the Customsettings.ini or in the AdminDB database.
To configure the ZTI processing rules, perform these steps:
1. Configure group-based rules in Customsettings.ini.
2. Modify the AdminDB database schema.
3. Configure workstation-based rules.
4. Update ZTI processing rules in the SMS OSD Feature Pack image.
Note For more information about determining the appropriate ZTI processing rules, see Determining the Appropriate
ZTI Processing Rules earlier in this guide. For more information about the Customsettings.ini file, see Appendix B,
Customsettings.ini Reference, later in this guide.
<!-- Column values --> <!-- Graphic section In the <!-- Column values --> section, modify
--> in the the column description and data type listed.
BDDadminDB.hta file
Update AdminDB Modify the schema documentation to reflect
schema documentation the actual schema.
Update AdminDB .csv Modify the .csv documentation to reflect the
documentation actual schema.
Bddadmindb-Create.sql \database folder Use SQL Query Analyzer to modify the script
to create the tables based on the modified
schema.
Zero Touch Installation Deployment Feature Team Guide 65
6. Disable Bddadmindb.hta file debugging by replacing all occurrences of ’On Error Resume
Next with On Error Resume Next.
The AdminDB console has other functions that are outside the processes described here. Table 32
lists the additional functions and provides a brief description of how to use them.
Table 32. Other AdminDB Console Database Functions and Their Descriptions
Functions Description
Update Allows you to perform maintenance on existing database entries (add, delete,
and update); use this function when you want to modify the AdminDB database
based on the .csv file instead of replacing the entire database
Export Exports the existing database entries to a .csv file
Rollback Restores the database to the version prior to the last Import or Update action
performed
Each Replace or Update function creates a complete backup of the AdminDB database. The
Rollback function uses this backup to restore the database to a state prior to the last Import or
Update action performed. The database backups are performed on a username-by-username
basis.
For example, if two ZTI administrators, Admin-A and Admin-B, are responsible for managing a
single AdminDB database, a separate backup of the last Replace or Update action is maintained
for each administrator, which can result in lost information. Consider the sequence of actions and
their results listed in Table 33.
Table 33. Example of Database Actions and the Results of Performing a Rollback
Action Results
Admin-A performs an Backup copy of the database is made for Admin-A
Zero Touch Installation Deployment Feature Team Guide 67
Note Because a backup copy of the AdminDB database information is persisted for each ZTI administrator, limit the
number of ZTI administrators to reduce the disk space used by the AdminDB database.
For each SMS OSD Feature Pack image that you need to update, perform the following steps:
1. Copy the modified Customsettings.ini file to \\servername\ZTI. (where servername is the
name of the server hosting the shared folder).
2. On the SMS site server or workstation on which you installed the SMS 2003 OSD Feature Pack,
start the SMS Administrator Console.
3. In the SMS Administrator Console, browse to OSDPackage (where OSDPackage is the name of
the SMS OSD Feature Pack image that you want to update).
68 Solution Accelerator for Business Desktop Deployment
4. Right-click OSDPackage (where OSDPackage is the name of the SMS OSD Feature Pack image
that you want to update), click All Tasks, and then click Update Operating System
Package Files.
5. Right-click OSDPackage (where OSDPackage is the name of the SMS OSD Feature Pack
image that you want to update), click All Tasks, and then click Update Distribution Points.
6. Close the SMS Administrator Console.
Note For more information about how to add WMI support to Windows PE, see the Microsoft Windows Preinstallation
Environment User's Guide (Winpe.chm) in the Docs folder of the Windows PE 2004 CD.
Zero Touch Installation Deployment Feature Team Guide 69
You can also use the Computer Imaging System Configuration Tool (Config.hta) to add WMI
support to Windows PE. Config.hta is included as a utility in Solution Accelerator for BDD.
Config.hta allows you to build, configure and customize images. Config.hta also lets you
determine actions to occur after the operating system installation is complete. For more
information about creating images by using Config.hta, see Computer Imaging System Feature
Team Guide, Enterprise Edition in Additional Resources later in this guide.
Modifying Winbom.ini
To make the appropriate modifications to Winbom.ini, perform the following steps:
1. Open the Winbom.ini file in Notepad.
2. Beneath the WinPE section, open a new line, and then type Quiet=Yes.
3. Save the file, and then close Notepad.
4. Copy the Winbom.ini file to the I386\System32 folder in the Windows PE image you created.
To add support to your RIS image for additional network adapters, copy the files shown in Table
35 (where RISImagePath is the path to the root of the RIS image—for example,
D:\RemoteInstall\Setup\English\Images\WinPE15).
Table 35. Source Network Driver Files and Where To Copy Them in a RIS Image
Copy These Files To
*.sys • RISImagePath\I386
• RISImagePath\I386\system32\drivers
*.inf • RISImagePath\I386
• RISImagePath\I386\inf
*.din, *.bin, *.exe, or other • RISImagePath\I386
files
• RISImagePath\I386\system32
For more information about adding additional network adapters to RIS, see the following
resources:
• Microsoft Knowledge Base Article 823658: “The Operating System Image You Selected Does
Not Contain the Necessary Drivers for Your Network Adapter.” This error message occurs
during the text-mode part of Setup when you use RIS to deploy an operating system image.
(Refer to the Addition Resources section of this guide.)
Zero Touch Installation Deployment Feature Team Guide 71
• Microsoft Knowledge Base Article 246184, “How To Add Third-Party OEM Network Adapters to
RIS Installations,” which is available in the Additional Resources section of this guide.
Stabilizing
Figure 12 shows the detailed activities that must be performed during the Stabilizing phase prior
to initiating the deployment to production workstations. These activities include testing each
server component as well as testing the Windows PE CDs to assure proper operation. The results
of this testing are documented in a test report, which is one of the deliverables.
Figure 13. Sequence of lab testing and pilot deployment in the deployment process
During the lab tests and pilot deployments, you need to:
• Test the Solution Accelerator for BDD Deployment Process As early as possible in your
deployment process, start testing components of your deployment plan. In the early stages,
the type of your testing will be more proof-of-concept and focus on individual components. In
the later stages, testing will focus on the overall process. For more information about testing
the Solution Accelerator for BDD deployment process, see the Test Feature Team Guide and
the Test Case Workbook.
• Document Common Deployment Problems and Resolutions As you are going through
the various stages of testing and pilot deployments, document any deployment problems that
you encounter along with a resolution. For some examples of common deployment problems
and resolutions, see Appendix I, Resolving Common ZTI Deployment Problems, later in this
guide. The deployment problems listed in this appendix are those found during the testing of
these procedures in a lab environment and actual deployments. However, you need to
perform your own testing to discover any issues that are unique to your environment.
• Document Troubleshooting Procedures and Diagnostic Tools You need to document
any troubleshooting procedures and diagnostic tools used during lab testing and pilot
deployments. For information about common deployment problems, see Appendix J, ZTI
Troubleshooting Procedures and Diagnostic Tools, later in this guide.
• Revise Deployment Plans After you have completed your lab tests and pilot deployments,
revise your deployment plans to reflect any issues and resolutions that you discovered. Ensure
these revised plans are provided to the deployment teams along with the deployment
problems and resolutions, troubleshooting procedures, and diagnostic tools.
Deploying
With the Deploying and Stabilizing phases complete, the servers are ready to process workstation
deployments. Figure 14 provides the detailed task breakdown for the Deploying phase.
Zero Touch Installation Deployment Feature Team Guide 75
Transitioning to Operations
After the initial deployment is complete and proper workstation operation has been verified, the
process is transitioned from a deployment initiative to an operating initiative. The information
technology (IT) operations group is then responsible for the ongoing workstation maintenance and
support. This process is typically well structured and formal, where documentation, knowledge,
and other materials are formally transferred from one group to another.
the team will know that those workstations should operate as before and should not initiate
support calls based on the deployment.
• Are pending deployment. The Operations feature team needs to know if workstations in the
group are still pending deployment. For those workstations, they will forward support issues
back to the Deployment feature team.
In addition, you need to communicate any updates to troubleshooting procedures and diagnostic
tools since the last group of workstations was transitioned.
Note For more information about troubleshooting procedures and diagnostic tools, see Appendix I, Resolving Common
ZTI Deployment Problems, later in this guide.
Additional Resources
• MSF Team Model
http://www.microsoft.com/downloads/details.aspx?FamilyID=c54114a3-7cc6-4fa7-ab09-
2083c768e9ab&DisplayLang=en
• DiskPart
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-
us/diskpart.mspx
• Computer Imaging System Feature Team Guide, Enterprise Edition
Included in Solution Accelerator for BDD
• Lite Touch Deployment Feature Team Guide, Enterprise Edition
Included in Solution Accelerator for BDD
• Microsoft Knowledge Base Article 823658, “The Operating System Image You Selected Does
Not Contain the Necessary Drivers for Your Network Adapter”
http://support.microsoft.com/?id=823658
• Microsoft Knowledge Base Article 246184, “How To Add Third-Party OEM Network Adapters to
RIS Installations”
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B246184
• Description of Client Installation Wizard Screens for Remote Installation Services
http://support.microsoft.com/default.aspx?scid=kb;en-us;268325
• SMS 2003 SP1 Product Overview
http://www.microsoft.com/smserver/evaluation/overview/default.asp
• Business Desktop Deployment User State Migration Feature Team Guide
http://www.microsoft.com/technet/itsolutions/techguide/mso/bdd/bddusmt.mspx
• Microsoft Systems Management Server 2003 Operating System Deployment Feature Pack
Users Guide
Included in the SMS 2003 OSD Feature Pack
Zero Touch Installation Deployment Feature Team Guide 79
[Settings]
Priority= MACADDRESS, DefaultGateway, Default
CustomKeysUserData=UDShare,UDDir,UDProfiles,SLShare,OSInstall,Packages(*),Administrators(*)
CustomKeysSysprep=ComputerName,TimeZone,JoinDomain,MachineObjectOU
OSDVariableKeys=OSDINSTALLSILENT,OSDINSTALLPACKAGE,OSDINSTALLPROGRAM,OSDNEWMACHINENAME
ScanStateArgs=/i:miguser.inf /i:migapp.inf /i:migsys.inf /i:sysfiles.inf /i:updateuser.inf /v:7 /x /s /f /o
/c
LoadStateArgs=/v:7 /c
UserExit=ZTIUserExit.vbs
[Default]
UDShare=\\NYC-AM-FIL-01\MigData
SLShare=\\NYC-AM-FIL-01\Logs
UDProfiles=*\*
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00001
OSDINSTALLPROGRAM=InstallXP
TimeZone=010
JoinDomain=WOODGROVEBANK
MachineObjectOU= OU=Workstations,DC=americas,DC=corp,DC=woodgrovebank,DC=com
ComputerName=%OSDNEWMACHINENAME%
UDDir=%OSDCOMPUTERNAME%
OSInstall=Y
[DefaultGateway]
172.16.0.3=NYC
172.16.111.3=DALLAS
172.16.116.3=WASHINGTON
[NYC]
UDShare=\\NYC-AM-FIL-01\MigData
80 Solution Accelerator for Business Desktop Deployment
SLShare=\\NYC-AM-FIL-01\Logs
Packages1=NYC00010-Install
Packages2=NYC00011-Install
Administrator1=WOODGROVEBANK\NYC Help Desk Staff
[DALLAS]
UDShare=\\DAL-AM-FIL-01\MigData
SLShare=\\DAL-AM-FIL-01\Logs
SQLDefault=DB_DAL
Administrator1=WOODGROVEBANK\DAL Help Desk Staff
[WASHINGTON]
UDShare=\\WSG-AM-FIL-01\MigData
SLShare=\\WSG-AM-FIL-01\Logs
Administrator1=WOODGROVEBANK\WSG Help Desk Staff
[00:03:FF:CB:4E:C2]
OSDNEWMACHINENAME=WasW2K
TimeZone=004
[00:0F:20:35:DE:AC]
OSDNEWMACHINENAME=HPD530-1
TimeZone=008
[00:03:FF:FE:FF:FF]
OSDINSTALLPACKAGE=NYC00002
OSDINSTALLPROGRAM=SpecialXP
OSDNEWMACHINENAME=BVMXP
[SysprepInfMapping]
ComputerName=UserData
TimeZone=GuiUnattended
JoinDomain=Identification
MachineObjectOU=Identification
[Settings]
Priority= DefaultGateway, SQL, Default
CustomKeysUserData=UDShare,UDDir,UDProfiles,SLShare,OSInstall,JoinDomain
CustomKeysSysprep=ComputerName,TimeZone,JoinDomain,MachineObjectOU
OSDVariableKeys=OSDINSTALLSILENT,OSDINSTALLPACKAGE,OSDINSTALLPROGRAM,OSDNEWMACHINENAME
ScanStateArgs=/i:miguser.inf /i:migapp.inf /i:migsys.inf /i:sysfiles.inf /i:updateuser.inf /v:7 /x /s /f /o
/c
LoadStateArgs=/v:7 /c
UserExit=ZTIUserExit.vbs
Zero Touch Installation Deployment Feature Team Guide 81
[Default]
UDShare=\\NYC-AM-FIL-01\MigData
SLShare=\\NYC-AM-FIL-01\Logs
UDProfiles=*\*
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00001
OSDINSTALLPROGRAM=InstallXP
TimeZone=010
JoinDomain=americas.corp.woodgrovebank.com
MachineObjectOU= OU=Workstations,DC=americas,DC=corp,DC=woodgrovebank,DC=com
ComputerName=%OSDNEWMACHINENAME%
UDDir=%OSDCOMPUTERNAME%
OSInstall=Y
[DefaultGateway]
172.16.0.3=NYC
172.16.111.3=DALLAS
172.16.116.3=WASHINGTON
[NYC]
SQLDefault=DB_NYC
[DALLAS]
SQLDefault=DB_DAL
[WASHINGTON]
SQLDefaul=DB_WSG
[DB_NYC]
SQLServer=NYC-AM-SMS-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[DB_DAL]
SQLServer=DAL-AM-FIL-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[DB_WSG]
SQLServer=WSG-AM-DC-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[SMS]
SQLServer=NYC-AM-SMS-01
Database=SMS_NYC
Table=v_Program
Parameters=PackageID,ProgramName
[SysprepInfMapping]
ComputerName=UserData
TimeZone=GuiUnattended
JoinDomain=Identification
MachineObjectOU=Identification
82 Solution Accelerator for Business Desktop Deployment
[Settings]
Priority= DefaultGateway, MACADDRESS, SQL, Default
CustomKeysUserData=UDShare,UDDir,UDProfiles,SLShare,OSInstall,JoinDomain
CustomKeysSysprep=ComputerName,TimeZone,JoinDomain,MachineObjectOU
OSDVariableKeys=OSDINSTALLSILENT,OSDINSTALLPACKAGE,OSDINSTALLPROGRAM,OSDNEWMACHINENAME
ScanStateArgs=/i:miguser.inf /i:migapp.inf /i:migsys.inf /i:sysfiles.inf /i:updateuser.inf /v:7 /x /s /f /o
/c
LoadStateArgs=/v:7 /c
UserExit=ZTIUserExit.vbs
[Default]
UDShare=\\NYC-AM-FIL-01\MigData
SLShare=\\NYC-AM-FIL-01\Logs
UDProfiles=*\*
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00001
OSDINSTALLPROGRAM=InstallXP
TimeZone=010
JoinDomain=americas.corp.woodgrovebank.com
MachineObjectOU= OU=Workstations,DC=americas,DC=corp,DC=woodgrovebank,DC=com
ComputerName=%OSDNEWMACHINENAME%
UDDir=%OSDCOMPUTERNAME%
OSInstall=Y
[DefaultGateway]
172.16.0.3=NYC
172.16.111.3=DALLAS
172.16.116.3=WASHINGTON
[NYC]
UDShare=\\NYC-AM-FIL-01\MigData
SLShare=\\NYC-AM-FIL-01\Logs
UDProfiles=*\*
JoinDomain=americas.corp.woodgrovebank.com
MachineObjectOU= OU=Workstations,DC=americas,DC=corp,DC=woodgrovebank,DC=com
SQLDefault=DB_NYC
[DALLAS]
UDShare=\\DAL-AM-FIL-01\MigData
SLShare=\\DAL-AM-FIL-01\Logs
JoinDomain=americas.corp.woodgrovebank.com
Zero Touch Installation Deployment Feature Team Guide 83
UDProfiles=*\*
SQLDefault=DB_DAL
[WASHINGTON]
UDShare=\\WSG-AM-DC-01\MigData
SLShare=\\WSG-AM-DC-01\Logs
UDProfiles=*\*
JoinDomain=americas.corp.woodgrovebank.com
[02:12:01:03:01:01]
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00004
OSDINSTALLPROGRAM=NYC_VM
OSDNEWMACHINENAME=WasCL01
TimeZone=004
[00:0D:56:9B:44:9E]
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00002
OSDINSTALLPROGRAM=NYC_GX270
OSDNEWMACHINENAME=WasCL02
TimeZone=004
[00:0D:56:9B:42:5E]
'All CL03 info located on the AdminDB
'OSDINSTALLSILENT=1
'OSDINSTALLPACKAGE=NYC00002
'OSDINSTALLPROGRAM=NYC_GX270
'OSDNEWMACHINENAME=WasCL03
'TimeZone=004
[00:0B:CD:73:0E:CB]
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00002
OSDINSTALLPROGRAM=NYC_GX270
OSDNEWMACHINENAME=WasCL04
TimeZone=004
[00:0F:1F:A0:7E:60]
'Replacement scenario from CLI-04 to CLI-06
'UDDir is in AdminDB
OSDINSTALLSILENT=1
OSDINSTALLPACKAGE=NYC00003
OSDINSTALLPROGRAM=NYC_D600
OSDNEWMACHINENAME=WasCL06
'UDDIR=NYC-AM-CLI-04
TimeZone=004
[DB_NYC]
SQLServer=NYC-AM-SMS-01
Database=BDDAdminDB
Table=BDDAdminCore
Parameters=MacAddress
[DB_DAL]
SQLServer=DAL-AM-SMS-01
Database=BDDAdminDB
Table=BDDAdminCore
84 Solution Accelerator for Business Desktop Deployment
Parameters=MacAddress
[SMS]
SQLServer=NYC-AM-SMS-01
Database=SMS_NYC
Table=v_Program
Parameters=PackageID,ProgramName
[SysprepInfMapping]
ComputerName=UserData
TimeZone=GuiUnattended
JoinDomain=Identification
MachineObjectOU=Identification
• CustomKeysSysprep
• OSDVariableKeys
• ScanStateArgs
• LoadStateArgs
The UserExit value is optional. Each of these sections is described in further detail later in this
guide.
Priority
The Priority value determines the sequence and section of where to find configuration values.
Each section will be searched in the order specified. Once all the required custom key values are
found, the remaining sections are not used.
The supported values for Priority are listed in Table 42.
Table 42. Priority Key Values and their Description
Priority Key Values Description
DefaultGateway Each TCP/IP default gateway address (for example, 10.1.1.1) will be used to
find a similarly-named section (for example, [10.1.1.1]) in the configuration
file. The section does not have to exist. If it is found, it will be searched for
custom key values not yet populated.
LocalDataName Any local machine value known to the ZTI script can be used to identify a
section name in the configuration file. For example, specifying “HostName”
would cause the script to look for a section with the current machine name.
Some values, like “MacAddress”, will result in multiple section names being
checked, since a machine can have multiple MAC addresses. The values
that can be specified for <LocalDataName> are: OSVersion, HALName,
Hostname, AssetTag, SerialNumber, Make, Model, Product, UUID, IPAddress,
MacAddress.
<CustomSection> One or more specific section names can be specified. For example, if
“MySection” were included in the Priority list, the [MySection] section would
be searched for any custom key values not yet populated.
Example:
Priority=MacAddress, DefaultGateway, Default
CustomKeysUserData
This value defines the custom user data keys that must be populated for the ZTI process.
The supported values for CustomKeysUserData are listed in Table 43.
Table 43. CustomKeysUserData and Their Description
CustomKeysUserD Description
ata
UDShare Share to save User Data
UDDir Directory under UDShare to save User Data
UDProfiles User profile on local machine to save. You can specify multiple users by
separating the users with a comma.
SLShare Share to save log file from custom scripts.
86 Solution Accelerator for Business Desktop Deployment
OSInstall Flag value to control the deployment process. This flag must be set to Y for
an operating system image to be deployed to the machine. (If OSInstall is
not listed in the CustomKeysUserData key list, images can be deployed to
any machine.)
Packages(*) A collection of package IDs and programs that should be installed on a
machine during the State Restore phase. The (*) designator marks this key
as a collection, so values are added to the collection as they are
encountered (building a list); duplicates are ignored. Values must be
specified in the “NNN00000-Program” format, where “NNN00000” is the
SMS package ID and Program is the SMS program name.
Administrators(*) A collection of groups or users that should be added to the Administrators
group (or the localized or renamed equivalent) on the deployed machine.
The (*) designator marks this key as a collection, so values are added to the
collection as they are encountered (building a list); duplicates are ignored.
PowerUsers(*) A collection of groups or users that should be added to the Power Users
group (or the localized or renamed equivalent) on the deployed machine.
The “(*)” designator marks this key as a collection, so values are added to
the collection as they are encountered (building a list); duplicates are
ignored.
DriverPath or The UNC path specified by this custom key will be copied to the local
DriverPath(*) machines “\Drivers” directory. All “\Drivers” subdirectories will be scanned
looking for drivers; any not already included in the Sysprep.inf’s
“OemPnpDriverPath” value will be added to that path (subject to the 4096
character limit on this value).
ImageSize The actual size of the OS image (contained in the OS.WIM file) which should
be used instead of a size estimate.
ImageSizeMultiplier If ImageSize is not specified, this value is used as a multiplier with the size
of the OS image (contained in the OS.WIM file). The size will be multiplied
by this value to get an estimated size at deployment. If not specified, a
default value of 2.5 will be used (assuming 2.5X compression within the
WIM file).
Example:
CustomKeysUserData=UDShare, UDDir, UDProfiles, SLShare, OSInstall, Packages(*), Administrators(*),
PowerUsers(*), DriverPath, ImageSize
CustomKeysSysprep
This value defines the data keys that will be used to update the Sysprep.inf file, which controls
how the machine is initially configured when the operating system first starts up. Each value
specified should correspond to a value in the Sysprep.inf file. The [SysprepInfMapping] section
must contain one entry for each of these values which specifies the section of the Sysprep.inf file
that contains the specific value.
A list of common values for CustomKeysSysprep are listed in Table 44. Any value can be
supported; it just needs to be to defined on the CustomKeysSysprep line and in the
[SysprepInfMapping] section.
Table 44. CustomKeysSysprep and Their Description
CustomKeysSyspr Description
ep
ComputerName Computer name to be assigned to the workstation.
Zero Touch Installation Deployment Feature Team Guide 87
Example:
CustomKeysSysprep=ComputerName, TimeZone, JoinDomain, MachineObjectOU
OSDVariableKeys
This value defines the data keys that are needed to automate or control the SMS 2003 OSD
Feature Pack image installation process.
The supported values for OSDVariableKeys are listed in Table 45.
Table 45. OSDVariableKeys and Their Description
OSDVariableKeys Description
OSDINSTALLSILENT This value must be set to a value (normally 1) to indicate that the
SMS 2003 OSD Feature Pack Image Installation Wizard should not be
displayed. In order for this to work properly, the next three values
must be specified as well.
OSDINSTALLPACKAGE This value specifies the SMS package ID (for example, SMS00001) for
the OS package that should be installed on the machine.
OSDINSTALLPROGRAM This value specifies the OS program name (for example, ZTI Install)
within the specified OS package that should be executed. All ZTI
custom actions should be defined as part of this OS program
definition.
OSDNEWMACHINENAME For new machines, this value must be populated so that the SMS 2003
OSD Feature Pack knows what name to assign to a new machine. This
value can be set to * to indicate that Windows should generate a
name during mini-setup; the value can then be overridden later in the
process by ZTI through editing the Sysprep.inf file.
Example:
OSDVariableKeys=OSDINSTALLSILENT, OSDINSTALLPACKAGE, OSDINSTALLPROGRAM, OSDNEWMACHINENAME
ScanStateArgs
This value specifies the arguments that should be passed to the USMT Scanstate process. The ZTI
script will determine which version of Scanstate to call (Scanstate.exe for Unicode systems,
Scanstatea.exe for ANSI systems) and will insert the appropriate logging, progress, and state
store parameters. If this value is not included in the settings file, the user state backup process
will be skipped.
Example:
ScanStateArgs=/i:miguser.inf /i:migapp.inf /i:migsys.inf /i:sysfiles.inf /i:updateuser.inf /v:7 /x /s /f /o
/c
88 Solution Accelerator for Business Desktop Deployment
LoadStateArgs
This value specifies the arguments that should be passed to the USMT Loadstate process. The ZTI
script will insert the appropriate logging, progress, and state store parameters. If this value is not
included in the settings file, the user state restore process will be skipped.
Example:
LoadStateArgs=/v:7 /c
UserExit
This value specifies the name of a script that should be called as part of the phase processing.
This enables custom script functions to be called during the ZTI processing without modifying the
main ZeroTouchInstallation.vbs script. It will be called twice:
• After machine information has been gathered but before the processing for this particular
phase has been performed. In this case, the exit can set a parameter (bSkip) to indicate that
the remaining process for this phase should be skipped.
• After the normal processing for the phase has been completed, allowing the exit to change
any of the values retrieved.
A sample user exit function written in VBScript can be seen in Appendix G: Sample User Exit
Function later in this guide.
Example:
UserExit=MyUserExit.vbs
• The “Subsection” key specifies the name of another section that should be checked for custom
key values. The value of the “Subsection” key can include variables, e.g. “%Model%”, which
will automatically be replaced with the actual value.
In each case the syntax is as follows and described in Table 48:
[<CustomSection>]
SQLDefault=<SQLSection>
UserExit=<UserExitScriptFile>
Subsection=<CustomSectionWithVariables>
<CustomKeyName>=<KeyValue>
[Dell-Latitude D600]
CustomKeyName=CustomKeyValue
<CustomKeyName> One of the custom key names specified in the [Settings] section.
<KeyValue> The value that should be assigned to the specified custom key name
(assuming the custom key does not already have a value).
Zero Touch Installation Deployment Feature Team Guide 91
Database=<SQLDatabaseName>
Table=<SQLTableName>
StoredProcedure=<SQLStoredProcedureName>
Parameters=<Any local key or custom key>
UseEncryptedFile=<True | False>
EncryptedFile=<EncryptedFileName>
DomID=<DomainUserID>
DomPwd=<DomainPassword>
DBID=<DatabbaseUserID>
DBPwd=<DatabasePassword>
<CustomKeyName>=<SQLColumnName>
Dim iRetVal
LogInfo sLogFile, "User exit started: " & sType & " " & sWhen & " " & sDetail, LogTypeInfo
' Check to see if Windows PE is running from a different drive than the first disk partition
' (as identified by OSD). If this is the case, then this is a new machine and we can
' repartition and format the drive.
EXIT FUNCTION
End if
Else
LogInfo sLogFile, "USEREXIT: Windows PE is running from the system drive, must be a refresh.",
LogTypeInfo
End if
Else
LogInfo sLogFile, "USEREXIT: No user exit processing is required.", LogTypeInfo
End if
UserExit = Success
End Function
Listing 28. User Exit function example in Visual Basic
Figure 18 illustrates a sample ZTIDiskPart.txt file used by ZTIUserExit.vbs to create the partitions.
In Listing 28 you can see where the ZTIUserExit.vbs calls DiskPart.exe and passes ZTIDiskPart.txt
as a parameter.
select disk 0
clean
create partition primary
assign letter=c:
active
exit
Figure 18. ZTIDiskPart.txt parsed by ZTIUserExit.vbs
Both ZTIuserexit.vbs and ZTIDiskPart.txt must be included in the package that you are distributing
to the workstation. For more information on updating OSD packages, see Microsoft Systems
Management Server 2003 Operating System Deployment Feature Pack Users Guide in Additional
Resources earlier in this guide.
102 Solution Accelerator for Business Desktop Deployment
Microsoft TechNet
Located at http://www.microsoft.com/technet/ Subscriptions
With a TechNet subscription, the latest Microsoft technical information is delivered monthly on
CD-ROM or DVD-ROM discs, avoiding the need to download the content from the Microsoft
TechNet web site. A fully-searchable knowledge base is also included, to help improve the
productivity of IT Professionals.
that implements the PXE protocol. Assuming that a boot server implementing this extended
protocol is available, the boot server sends an offer containing the IP address of the server that
will service the client. The client uses TFTP to download the executable file from the boot server.
Finally, the client initiates execution of the downloaded image.
The initial phase of this protocol piggybacks on a subset of the DHCP messages to enable the
client to discover a boot server (that is, a server that delivers executable files for new computer
setup). The client may use the opportunity to obtain an IP address (which is the expected
behavior), but is not required to do so.
The second phase of this protocol takes place between the client and a boot server, and uses the
DHCP message format simply as a convenient format for communication. This second phase of
the protocol is otherwise unrelated to the standard DHCP services. The next few pages outline the
step-by-step process during PXE client initialization.
For more information on troubleshooting PXE boot-related issues in RIS, see Knowledge Base
Article 244036: Description of PXE Interaction Among PXE Client, DHCP, and RIS Server at
http://support.microsoft.com/kb/244036/EN-US/
This message can occurs because OSD may not have the appropriate credentials to access the
\\servername\Logs folder, when the \\servername\Logs folder resides on a server other than the
distribution point. For more information on providing the appropriate credential for the different
deployment phases, see Configuring Access for Deployment Phases earlier in this guide.
Figure 19 is an excerpt from an OSD log file that illustrates how to find the error code in
OSDAgent.log. In this excerpt, the error code reported is 5001
.
.
.
<![LOG[The operating system installation failed. Please contact your system administrator for assistance.
The action "Zero Touch Installation - Validation" failed with exit code 5001]LOG]!><time="15:43:51.576+000"
date="09-19-2004" component="OSDAgent" context="" type="3" thread="856" file="actionengine.cpp:1567">
.
Zero Touch Installation Deployment Feature Team Guide 107
.
.
Figure 19. Excerpt from the OSDAgent.log file that contains error code 5001
108 Solution Accelerator for Business Desktop Deployment
• Creates a stored procedure, called IdentifyComputer, which creates a unique computer name,
and then updates the AdminDB database with the new computer name, the MAC address, the
make of the workstation, and the model of the workstation.
Note In the new machine scenario, you may want to include additional logic in the IdentifyComputer"stored procedure
to automatically populate the OSDINSTALLPACKAGE and OSDINSTALLPROGRAM columns (for example, based on the
make and model passed). The current version of the script does not have this feature implemented.
use [BDDAdminDB]
GO
SET QUOTED_IDENTIFIER ON
GO
110 Solution Accelerator for Business Desktop Deployment
SET ANSI_NULLS ON
GO
SET NOCOUNT ON
IF @Cnt = 0
BEGIN
BEGIN TRAN
OSDInstallSilent, OSInstall)
VALUES (@MacAddress, @Make, @Model, @NewName, @NewName, '1', 'Y')
COMMIT TRAN
END
GO
SET QUOTED_IDENTIFIER OFF
GO
SET ANSI_NULLS ON
GO
Zero Touch Installation Deployment Feature Team Guide 111
.
.
.
[IdentifyComputer]
SQLDefault=DB_IdentifyComputer
[DB_IdentifyComputer]
SQLServer=SERVER1
Database=BDDAdminDB
StoredProcedure=IdentifyComputer
Parameters=MacAddress, Make, Model
Listing 30. Excerpt from the Customsettings.ini file that calls the IdentifyComputer stored
procedure