In Part 1 of this series we created our new LAB, we got the System Center 2012 Configuration Manager ISO and extracted it, then copied it to our Active Directory server. We then created the System Management container in AD, delegated permissions to the container, extended the Schema for Configuration Manager. We then opened TCP ports 1433 and 4022 for SQL replication between sites, installed some prerequisites like .NET Framework 4.0, added some features and then downloaded and installed SQL Server 2008 R2 SP1 CU6. We then configured SQL Server using SQL Server Management Studio for security and memory configurations prior to running the Configuration Manager 2012 setup to assess server readiness. Finally we installed a central administration site (CAS). In Part 2 we setup our Primary server with SQL Server 2008 R2 SP1 CU6. We then installed Configuration Manager 2012 on our primary server (P01) and verified that it was replicating to our central administration site (CAS) server. Then we configured Discovery methods for our Hierarchy and then configure Boundaries and Boundary Groups.
In Part 3 we configured Discovery methods and configured boundaries and created a boundary group, we then configured them for Automatic Site Assignment and Content Location. In Part 4 we added the Application Catalog roles to our Hierarchy. We then configured Custom Client Device Settings and then deployed those settings to the All Systems collection on site P01. After that we created Custom Client User Settings and deployed them to the All Users collection in order to allow users to define their own User and Device affinity settings. In Part 5 we installed the WSUS server role (it is required for the Software Update Point role). We then installed the Software Update Point role on our CAS and Primary servers and we configured the SUP to support ConfigMgr Client Agent deployment which is a recommended Best Practice method of deploying the Configuration Manager Client Agent.
In Part 6 we prepared our server for the Endpoint Protection Point role, and installed that role before configuring custom client device settings and custom antimalware policies. We then deployed those custom client device settings and custom antimalware policies to our newly created Endpoint Protection collections. In Part 7 we added operating system deployment ability to our hierarchy by adding Windows 7 X64. We used the Build and Capture process to capture a WIM image which we can later deploy to targeted computers using network boot (PXE). PXE boot requires specific settings on our distribution points and the boot images used to deliver the operating system WIM images were therefore also enabled for PXE support.
In Part 8 we added Applications to our Software Library and configured the requirements in the Deployment Type to add new abilities to the application delivery process. We monitored the approval process of our applications and saw how requirements can influence whether an application is installed or not and we noted the difference between deploying to Users versus Devices. Now we will take a look at how Automatic Deployment Rules can be used to automate the deployment of windows updates on Patch Tuesday using a recurring schedule to patch your infrastructure using Software Updates.
In Part 9 we created some folders and collections using a PowerShell script to make targeting of Windows Updates easier, we then performed a full synchronization of our Software Update Point before creating an Automatic Deployment Rule (ADR) for Windows 7 monthly updates for Patch Tuesday. In Part 10 we monitored our previously created ADR and monitored the downloading and deployment of those updates both to the distribution points and finally to our Windows 7 client computers. We reviewed the process in fine detail in order to understand the sequence of events when an ADR is run on a schedule.
In Part 11 we upgraded our Hierarchy to System Center 2012 Configuration Manager Service Pack 1 and now we shall begin using some of the new features that Service Pack 1 provides, one of which is the ability to Deploy Windows 8 and another is the PowerShell integration.
Introduction
System Center Configuration Manager 2012 Service Pack 1 has changed the method used to create and deploy operating systems, the first major change is in the build and capture task sequence itself, previous to SP1 you would select the operating system installation files (setup.exe) however now you can point to the install.wim file directly from the DVD in the build and capture task sequence. Indeed you don’t even need to use a build and capture process anymore (if that’s what you prefer), you could go straight to creating the deploy task sequence and deploy Windows 8 using the install.wim from the original media.
Most organizations however will want to customize their Corporate image somewhat and using the build and capture process still allows us to do that. One of the features that is notably missing in Windows 8 is .Net 3.5, so we’ll add that in our Build and Capture process. In this post we’ll create a new Windows 8 image using the Build and Capture method and later deploy that image with the .Net 3.5 feature pre-installed, we will also see how we can accomplish some of these steps using Powershell CMDLets that are built into the product, so be warned there will be a lot of PowerShell used in this post and from this point onwards, so you may as well get used to it . Trust me, if you feel afraid of PowerShell, don’t be, go through every step in this guide and you’ll feel much better once it’s all complete.
Note: Throughout this post I provide sample PowerShell commands for you to execute, unless otherwise mentioned these have only been tested on Configuration Manager 2012 Service Pack 1, in other words, Cumulative Update 1 is not installed unless I directly refer to it.
Step 1. Connect to Windows PowerShell
In this post we will familiarize ourselves with some of the Configuration Manager PowerShell integration provided in System Center 2012 Configuration Manager Service Pack 1. PowerShell gives you the ability to automate many functions and this ability is now integrated in the console. To enable Powershell integration from within the console click on the blue drop down menu in the top left corner of the console and select Connect via Windows PowerShell.
A PowerShell command window should appear, select [A] Always run when prompted, note that the site code of your Configuration Manager site that you are connected to (in this case the CAS) is listed.
In the screenshot below you can see the same action performed on our Primary site P01, notice the difference in display output.
ok Now that we’ve connected to Powershell, in the CAS PowerShell console let’s list the commands available.
Get-Command -Module ConfigurationManager
That will scroll off screen as there are so many commands available
you may want to output that to a text file so that you can scroll through it at your leisure or search for a command. To create a list of available PowerShell commands, we will use PowerShell’s Out-File command. Create a folder on D:\ called D:\Temp and then do the following:
Get-Command -Module ConfigurationManager | Out-File D:\temp\CM12_PowerShell_Commands.txt
This list is specifically for Configuration Manager 2012 SP1, if you install Cumulative Update 1 (I have not on this lab, however I’ve installed it on a separate non-CAS hierarchy) then you’ll get access to even more PowerShell CMDLets. Here’s a list I created using the command above.
CM12_PowerShell_Commands.txt 74.84K 0 downloads
if you want to get help on any PowerShell cmdlet try using get-help command eg:
get-help Update-CMDistributionPoint
Tip: you can also use the PowerShell cmdlets without opening the console, change directory to the adminsconsole\bin folder and start up a powershell console and then use the following line
Import-Module “D:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1”
Now that you know how to use the PowerShell integration we’ll return to it later in this guide.
Step 2. Copy the Windows 8 media
Perform the following on the CAS server as SMSadmin
Mount your Windows 8 ISO and copy the entire contents to an appropriately named folder in the sources folder structure on the CAS server, for example I’ve copied mine to
\\cas\sources\os\os_media\windows8x64
Step 3. Add the Windows 8 X64 Install.WIM file
Perform the following on the CAS server as SMSadmin
In the Operating System Deployment section of the Software Library workspace, select Operating System Images and right click, choose Add Operating System Image
Point the wizard to the Install.WIM file in the sources folder of your extracted media files, eg: \\cas\sources\os\os_media\windows8x64\sources\install.wim.
Tip: Prior to SP1 you would not use the Install.WIM file directly from the media as Windows would end up on D:\, however Service Pack 1 has the ability to deal with this natively and adds a new Configuration Manager variable called OSDPreserveDriveLetter
On the General screen, fill in information about the Windows 8 image you are adding and edit the version or description info so that it clearly points out that this is the Install.WIM file that you are using (to make it clear later when adding Windows 8 images to any Deploy Windows 8 task sequences).
and continue the wizard through to completion.
Step 4. Distribute the Windows 8 X64 image
Perform the following on the CAS server as SMSadmin
We could update our content to our distribution points by selecting the image just added, right clicking and choose Distribute Content, however we want to use PowerShell in this instance to update the WIM file to our distribution point.
Enter the following command in your PowerShell console (use the one started in Step 1.)
Start-CMContentDistribution –OperatingSystemImageName "Windows 8 Enterprise" –DistributionPointName "P01.server2008r2.lab.local"
Obviously replace the OperatingSystemImageName with the name you used and replace DistributionPointName with the FQDN of your Distribution Point.
Once done, open the distmgr.log in CMTrace on your CAS server to monitor the status of the content distribution
Once distributed you can verify it’s status via the Configuration Manager console or via PowerShell using
Get-WmiObject –NameSpace Root\SMS\Site_CAS –Class SMS_PackageStatusRootSummarizer –Filter "PackageID='CAS00012'"
The output should look similar to below, look for Installed=1 and Targeted=1 this means that the package is distributed successfully.
Tip: You can get detailed information about these WMI classes on MSDN here http://msdn.microsoft.com/en-us/library/hh949534.aspx
Step 5. Create a Build and Capture Task Sequence
Perform the following on the CAS server as SMSadmin
A build and capture task sequence is normally used to create a custom WIM file containing your Operating System and some key applications used in your organization, those applications would normally be referred to as ‘FAT’ applications as they are usually big in size (think Office 2013 or SAP). The image generated by this process can later be used in a separate Deploy Task Sequence and in that task sequence you can have several custom steps and smaller applications such as WinZip. Creating a custom wim file this way does allow for greater flexibility and reduced installation time, however you may have to update this reference image once every quarter or so to include updates to your applications and of course Windows Updates themselves.
Navigate to the Windows 8 Build folder in Task Sequences, right click and choose Create Task Sequence.
When the wizard appears choose the second option, Build and Capture a reference operating system. Give it an appropriate task sequence name and make sure to choose an X64 boot image when building an X64 operating system otherwise the Capture process will fail.
Click next when done. For the Install Windows step, click on browse and select our Install.WIM file we added earlier. The only images you’ll be able to select here are either previously added WIM files or previously captured WIM files.
Note: You can not select Operating System Installers in this step. If you want to select an Operating System Installer (setup.exe) complete the task sequence wizard and then edit the task sequence and edit the step after it’s created to point to an Operating System Installer (for example for Windows XP).
Enter the local administrator password which is useful if your Build and Capture task sequence fails for whatever reason
In the Configure Network step, join a workgroup, do not join the domain (keep the image clean)
The Install Configuration Manager client step should point to the FQDN of your site server hosting the Software Update Point role (if you followed this series of guides that will be our Primary server, P01) if you want to install updates during the task sequence, in that case use the following SMSMP=P01.server2008r2.lab.local for installation properties
In the next step select All Software Updates
Install some applications that you’d like included in your reference image, this is just a lab so I don’t have much, you would typically want to install FAT applications like Office or SAP here
Fill in some details about the image
Fill in a the details for a Capture account and verify that they work before continuing
Continue through the wizard until completion.
Step 6. Create a SXS package for adding Windows Features
Perform the following on the CAS server as SMSadmin
We want to add the .NET 3.5 Windows 8 feature to our reference image and to do so we’ll create a package with the source files required for adding roles and features to Windows 8. As the reference image will not be domain joined (it will join a workgroup) we cannot use a Run Command Line step with the Run As User option to specify a Domain User, instead we’ll create a package (using PowerShell) and copy that locally on our Windows 8 reference computer and install the feature using DISM.
Browse to the location where you copied the Windows 8 DVD and locate the sources\sxs folder, copy that folder (and all it’s subfolders and files) to a new location. Such as in the screenshot below, this will be the source files for our SXS package.
Once done, open up our PowerShell connection again, and issue the following command to create our package (change it to suit the path of your SXS package):
New-CMPackage –Name "Windows 8 SXS" –Version "X64" –Description "Windows 8 SXS files needed for adding features, © windows-noob.com April 2013." –Language "English" –Manufacturer "Microsoft" –Path "\\cas\sources\os\os_media\Windows 8 X64 Features"
Ok now that we’ve created the package using PowerShell, the next job is to distribute it to our distribution point P01, so issue the following command
Start-CMContentDistribution –PackageName "Windows 8 SXS" –DistributionPointName "P01.server2008r2.lab.local"
Once again you can monitor distmgr.log for details of the package distribution or use PowerShell to see its status
Get-WmiObject –NameSpace Root\SMS\Site_CAS –Class SMS_PackageStatusRootSummarizer –Filter "PackageID='CAS00015'"
Like in the screenshot below
Or you can do it the old fashioned way and verify in the console itself
Step 7. Edit the task sequence
Perform the following on the CAS server as SMSadmin
Next we will add two steps to our Build and Capture task sequence, locate the task sequence in the console, right click and choose Edit
The task sequence opens, select the Setup windows and Configuration manager step and choose the Add drop down menu, General, Run Command Line
and edit it so that it corresponds with the screenshot below
Next create another Run Command Line step called add .NET 3.5 Features using DISM and use the following command line:
And that’s our editing done, Apply the changes and close the task sequence editor.
Step 8. Deploy the task sequence
Perform the following on the CAS server as SMSadmin
Next we want to deploy our Build and Capture Windows 8 X64 Enterprise task sequence to our Build Windows 8 collection (if you have not yet created that collection do so now, it should be a device collection with no members).
We will use the following PowerShell CMDLet:
Start-CMTaskSequenceDeployment –Name "Build and Capture Windows 8 X64" –CollectionName "Build Windows 8" –Comment "© windows-noob.com April 2013" –Deploypurpose "Available"
Side note: After doing this you’ll have to manually edit the deployment to make it available to Configuration manager clients, media and PXE as per the screenshot below, currently in Configuration Manager 2012 SP1.
This has been automated in the Powershell updates from CU1 however the command to install is different
Note: the command below will NOT work on Configuration Manager 2012 SP1 without the CU1 update installed (and the resulting MSP file for the Powershell cmdlets run in order to give you access to the new PowerShell updates…).
Start-CMTaskSequenceDeployment –TaskSequencePackageId "CAS00013" –CollectionName "Build Windows 8" –Comment "© windows-noob.com April 2013" –Deploypurpose "Available" –MakeAvailableTo "ClientsMediaAndPXE"
Step 9. Import a computer and PXE boot
Perform the following on the CAS server as SMSadmin
Now we are ready to import computer object into Configuration Manager’s database, we do this because the computer is not yet known to Configuration Manager. To do this we need to know the Mac address and computername, lets call the computername W81.
If you are using CU1 you can use PowerShell to import your new computer object (the command below returns an error in SP1, the error implies that your collection “Build Windows 8” does not exist, ignore the error, it just doesn’t work in SP1. If you don’t need or want to update to CU1 then import the computer object using computer association.)
Import-CMComputerInformation –ComputerName = "W81" –MacAddress= "00:11:22:33:44:55" –CollectionName= "Build Windows 8"
If you are not using CU1 then import the computer information manually (as the Powershell CMDLet doesn’t work currently) as described in this post.
Once the computer has been imported, wait a few minutes before verifying that it shows up in the collection, do not continue until it is present in the collection. Once it appears PXE boot the virtual machine
Press F12 when prompted and select our task sequence
and off it goes…eventually it will get around to installing the .NET 3.5 feature
and then it will continue before preparing the OS
running Sysprep and then rebooting to capture the image
and that is it for this post, you’ve learned how to Build a reference image of Windows 8 X64 Enterprise, you’ve installed some apps and enabled the .NET 3.5 feature and finally you’ve captured it for later installation in a Deploy Task Sequence (the next part of this series will cover that.)
In addition, you’ve done many of the steps above using PowerShell, how awesome is that !
cheers
niall.
Recommended Reading
- Cmdlets in System Center 2012 Configuration Manager SP1 – http://technet.micro…y/jj849987.aspx
- Description of Cumulative Update 1 for System Center 2012 Configuration Manager Service Pack 1 – http://support.micro…b/2817245/en-us
- PowerShell Basics – http://blogs.technet…ell-basics.aspx
- Windows PowerShell: Scripting Crash Course – http://technet.micro…e/hh551144.aspx
- Cmdlets in System Center 2012 Configuration Manager SP1 – http://technet.micro…y/jj849987.aspx
PowerShell/Configuration Manager Blogs
- Kaido Järvemets – http://cm12sdk.net/?page_id=10
- Raphael – http://cm12automation.codeplex.com/
- David O Brien – http://www.david-obrien.net/
Pingback: using System Center 2012 Configuration Manager | MS Tech BLOG