Book Image

Mastering the Microsoft Deployment Toolkit

By : Jeff Stokes, Manuel Singer
Book Image

Mastering the Microsoft Deployment Toolkit

By: Jeff Stokes, Manuel Singer

Overview of this book

Topic The Microsoft Deployment Toolkit (MDT) provides a comprehensive collection of tools, processes, and guidance for automating desktop and server deployments. It considerably reduces deployment time and standardizes desktop and server images. Moreover, MDT offers improved security and ongoing configuration management. Microsoft Deployment Toolkit is the official supported method of creating and customizing Windows images for deployment. Description: Starting from scratch, this book walks you through the MDT setup, task sequence creation, and image deployment steps in detail. Breaking down the various MDT concepts, this book will give you a thorough understanding of the deployment process. Beginning with imaging concepts and theory, you will go on to build a Microsoft Deployment Toolkit environment. You will understand the intricacies of customizing the default user profile in different versions of Windows. Driver handling can be a challenge for larger organizations; we’ll cover various driver concepts including mandatory driver profiles. ]Other important topics like the User State Migration Tool (USMT), configuration of XML files, and how to troubleshoot the USMT are also discussed in the book. We will cover the verifier and Windows Performance Toolkit for image validation scenarios. Furthermore, you will learn about MDT web frontend implementation as well as how to utilize the database capabilities of MDT for deeper deployment options. We’ll wrap it all up with some links to resources for more information, blogs to watch, and useful Twitter handles.

Related Content you might be interested in

Current Title:

Small book image
Mastering the Microsoft Deployment Toolkit
Jeff Stokes | Manuel Singer
May, 2016 | 330 pages
No titles found
Table of Contents (18 chapters)
Mastering the Microsoft Deployment Toolkit
Mastering the Microsoft Deployment Toolkit
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Imaging Concepts and Theory
Imaging Concepts and Theory
Imaging history
Imaging concepts
Imaging tools
Setup
Summary
2
Setting Up Your Environment
Setting Up Your Environment
Setting up MDT for the first time
Exploring the completed reference share
Updating up the deployment share
Importing an OS
Importing Hyper-V drivers
Importing patches
Adding applications to our reference image
Summary
3
Creating Reference Images
Creating Reference Images
Creating a reference image in the management console
Sysprep run supportability
Boot media for the reference task sequence
Summary
4
Default User Profile Customization
Default User Profile Customization
Customizing the image
Summary
5
CustomSettings.ini and Task Sequence
CustomSettings.ini and Task Sequence
The structure of the CustomSettings.ini file
CustomSettings.ini and the Unattend.xml file
Summary
6
Drivers
Drivers
Understanding offline servicing
The MDT method of driver detection and injection
Populating the Out-of-Box Drivers node of MDT
Utilizing model variable to control what drivers are installed
Drivers as applications
Win PE drivers
Summary
7
Image Deployment
Image Deployment
Reference image deployment
Virtual machine creation
Deployment
Deployment share
Deployment scenarios and network considerations
Summary
8
USMT – The User State Migration Tool
USMT – The User State Migration Tool
History
Supported scenarios and minimum requirements
What USMT will migrate and won't migrate
Where to download
How USMT works
ScanState and LoadState syntax
UsmtUtils tool
Customization of XML files
Migration options
Best practices
Troubleshooting USMT
GUI wrappers for USMT
Summary
9
Troubleshooting Deployment Logs
Troubleshooting Deployment Logs
Delving into Windows logs
Microsoft deployment toolkit logs and task sequencer logs
Common errors and frequent pitfalls
Summary
10
Validating the Image
Validating the Image
Driver Verifier
Windows Performance Toolkit
Windows Assessment Toolkit
Summary
11
Database, UserExit Scripts, and Web Services
Database, UserExit Scripts, and Web Services
MDT Configuration Database step by step
UserExit script
Web services
Summary
Additional Enterprise Configuration Items
Additional Enterprise Configuration Items
Reference VM configuration
Securing the MDT process
Windows Imaging and Configuration Designer

Securing the MDT process

In some environments, security concerns are a primary driver, and thus the following questions come up: what can we do to secure the share, and what can we do to validate that the image is not tampered with?

For the first question about securing the share, the following rights are needed to allow MDT to work properly:

  1. \\path\deploymentshare$ rights:

    • In Sharing, remove EVERYONE and add the user account specified specifically in your Bootstrap.ini and CustomSettings.ini file for READ access only

    • NTFS rights would be the following:

      Creator Owner: Full control of subfolders and files only

      Administrators: Full control of this folder, subfolders and files

      System: Full control of this folder, subfolders, and files

      Users: Check the following check boxes:

      • Read and Execute

      • List Folder Contents

      • Read

  2. \\path\referenceshare$ rights:

    • In Sharing, again remove EVERYONE and add your user account used in the capture process for READ and CHANGE rights

    • NTFS no changes needed

For the second part, how do we validate the image integrity?

The simplest way is to use PowerShell to generate a file hash of your WIM file. Use the PowerShell cmdlet get-filehash. The following command is simple enough to add to your process:

Get-FileHash .\install.wim | format-list

You can then validate the returned value by checking the deployment time or in audit processes in same way as the security requires.

Previous Section
End of Section
Next Section