My unattended Windows XP deployment methods


I frequently need to create ‘base’ images for new computer models my organizations acquire. Until recently, the process was always the same:

  1. Install Windows XP
  2. Enter information, such as license key, at all prompts during the setup process
  3. Apply Windows XP SP2 (my volume license media was only SP1)
  4. Install Microsoft Update client
  5. Download all security and critical updates from Microsoft Update

The Internet connection at one site I work out of was so unbearably slow, I’d start the update process when I went home for the night, and hoped it would be complete by the time I arrived the next morning.

I finally decided I was going to create a slipstreamed, customized Windows XP SP2 CD so I could minimize this repetitive process as much as I could. My goal was to boot from a CD, walk away, and come back a while later and find the setup process completed. This is what’s known as a silent deployment, requiring no user interaction.

Before doing anything, I highly recommend take the time to read the Unattended Windows XP Guide from msfn.org. It was my holy grail during this entire process. I want to thank everyone who contributed to creating this detailed how-to guide.

The first step is to copy your Windows XP volume license CD to a working directory on your hard drive.

Next, you can use several different methods to slipstream updates into your working directory. Personally, I’ve had the best luck using the RyanVM Integrator with RyanVM’s Windows XP post-SP2 update pack, but you may choose to use to use Autopatcher to download the updates, and nLite to slipstream them into the working directory as well. I suggest you pick one method per CD, meaning don’t use both utilities to modify a distribution. Do one or the other, but not both. There are other options for integrating the hotfixes here.

After you’ve slipstreamed the updates, you can optionally integrate device drivers into the distribution using nLite, DriverPacks, or winnt.sif.

The most challenging part of this project for me was creating the unattended answer file. This file is where you input the information that you are prompted for during an interactive Windows XP deployment, such as passwords and network configurations. If you go get the Windows XP SP2 deployment tools, you can use the setup manager to create a base unattend.txt file. Rename this file to winnt.sif, and copy it into the slipstreamed i386 directory . Alternate nLite instructions are here.

Here’s a copy of my winnt.sif

;SetupMgrTag
[Data]
AutoPartition=1
MsDosInitiated=”0″
UnattendedInstall=”Yes”

[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
OemPreinstall=Yes
NoWaitAfterTextMode = 1
NoWaitAfterGUIMode = 1
TargetPath=\WINDOWS
Repartition=Yes
Size1=*
PartitionType1=primary
Filesystem1=NTFS
QuickFormat1=yes
UnattendSwitch=Yes

[GuiUnattended]
AdminPassword=”mypassword”
EncryptedAdminPassword=NO
OEMSkipRegional=1
TimeZone=35
OemSkipWelcome=1
AutoLogon=Yes
AutoLogonCount=1

[UserData]
ProductKey=12345-12345-12345-12345-12345

FullName=”My Name”
OrgName=”My Company”
ComputerName=xpsp2unattended
[TapiLocation]
CountryCode=1
AreaCode=666

[URL]
Home_Page=http://www.mycompany.com

[Proxy]
Proxy_Enable=0
Use_Same_Proxy=1

[Identification]
JoinWorkgroup=WORKGROUP

[Networking]
InstallDefaultComponents=Yes

[Display]
BitsPerPel=16
Xresolution=800
YResolution=600
AutoConfirm = 1

nLite does a good job of tweaking settings for you. If you’d like to do it manually, skip to the bottom of this post where I’ll summarize further customization using the RunOnceEx method.

Once the CD is customized to your satifaction, use the cdimage utility (and it’s optional GUI) to create an .iso file of your newly slipstreamed CD. Make sure you grab the boot.img bootsector as well – this is what makes the CD bootable. Alternate nLite instructions are here.

Lastly, burn your .iso to CD using your favorite tool, such as Nero. I personally use ImgBurn.

I hope this has given you some idea of the many ways you can create an unattended, slipstreamed Windows XP CD. Click the links below for more information on the following subjects:

winnt.sif

$OEM$ folder

cmdlines.txt

registry tweaks database

Additional information

Here’s I use this batch file, along with two .reg files, to customize some of my Windows XP settings. This section is entirely optional. To quickly summarize the process:

  • Create a $OEM$ directory in the root of your slipstreamed CD.
  • Inside the $OEM$ directory, create a cmdlines.txt file. Inside that file, enter the following:

[COMMANDS]
“RunOnceEx.cmd”

  • Save and close the cmdlines.txt file
  • Inside the $OEM$ directory, create a file named RunOnceEx.cmd.
  • Paste the following into the RunOnceEx.cmd file, then save the file. This will import the two .reg files listed below into the registry with our customizations.

@echo off

rem cmdow used to hide window from end user
rem see http://unattended.msfn.org/unattended.xp/view/web/31/ for more info

rem set environment variable
SET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

rem title of window
REG ADD %KEY% /V TITLE /D “Making changes to the default setup” /f

REG ADD %KEY%50 /VE /D “Importing HKLM Registry Tweaks” /f
REG ADD %KEY%50 /V 1 /D “REGEDIT /S hklm.reg” /f

REG ADD %KEY%60 /VE /D “Importing HKCU Registry Tweaks” /f
REG ADD %KEY%60 /V 1 /D “REGEDIT /S hkcu.reg” /f

exit

  • Next, create a file in the $OEM$ directory called hkcu.reg. Paste the following text into hkcu.reg, then save the file. This file will contain the HKEY_CURRENT_USER registry keys that RunOnceEx.Cmd will import

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\Desktop]
“MenuShowDelay”=”20”

;Disable the Desktop Cleanup Wizard
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz]
“NoRun”=dword:00000001

;Disable Recent Documents Menu
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoRecentDocsMenu”=hex:01,00,00,00

;Remove “Shortcut to” on shortcuts
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
“link”=hex:00,00,00,00

;Alphabetically sort start menu
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2]

; This will disable all of the following:
; Balloon Tips
; Folder Contents Info Tips
; Explorer Pop-Ups
; Show Info Tips
; Start Menu Tips
; Notification Area Tips
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“EnableBalloonTips”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“FolderContentsInfoTip”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\tips]
“Show”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“StartButtonBalloonTip”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“ShowInfoTip”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoSMBalloonTip”=dword:00000000

; show file extensions in explorer
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“HideFileExt”=dword:00000000

;Classic search, full path in title bar and address bar.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]
“FullPath”=dword:00000001
“FullPathAddress”=dword:00000001
“Use Search Asst”=”no”
“Settings”=hex:0c,00,02,00,1b,01,e7,77,60,00,00,00

;Force Classic Control Panel
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“ForceClassicControlPanel”=dword:00000001

  • Lastly, create a file in the $OEM$ directory called hklm.reg. Paste the following text into hklm.reg, then save the file. This file will contain the HKEY_LOCAL_MACHINE registry keys that RunOnceEx.Cmd will import

Windows Registry Editor Version 5.00

; auto logon as administrator during first boot
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon]
“DefaultUserName”=”administrator”
“DefaultPassword”=”mypassword”
; going to temporarily disable autoadminlogon and try via guiunattended in winnt.sif
; autoadminlogon=1 is enabled =0 is disabled
; “AutoAdminLogon”=”1”
; “AutoAdminLogonCount is number of times to autologon
; “AutoAdminLogonCount”=”1”

;Use this to force the Classic style of the Control Panel
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“ForceClassicControlPanel”=dword:00000001

;Disables Windows Tour bubble popup
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour]
“RunCount”=dword:00000000

;Remove Shared Documents from My Computer
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{59031a47-3f72-44a7-89c5-5595fe6b30ee}]

;Disable Welcome Screen and uses Classic Logon
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon]
“LogonType”=dword:00000000

2 Responses to “My unattended Windows XP deployment methods”

  1. Johannes Says:

    http://www.heise-security.co.uk/articles/80682

    This may also be interesting.

  2. AutoPatcher is back (sort of) « thebackroomtech’s list of utilities Says:

    […] AutoPatcher is back (sort of) November 26, 2007 — Julie You can find the updated AutoPatcher Updater here. In case you’re not familiar with AutoPatcher, it’s a wonderful program that slipstreams Microsoft patches and updates into a Windows XP distribution point or CD. I’d integrate the updates of my choice into a CD to use for my unattended Windows XP deployments. […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: