After muchos fiddling this week (its half term after all!), we have setup our Server 2008 x64 box with both WDS (in normal (win7 & vista) modes), MDT 2010, and WAIK and started to get a feel for it.
We would be rolling out 'new computer' installations using MS terminology always, not upgrades or refreshes etc, since we are a very "hot-desking" environment, and all docs are stored on the server, with mandatory profiles for both staff and students.
Following the excellent IT Idiots guide on creating an unattended Lite Touch installation, I have successfully managed the following:
1) Created a Lite Touch x86 PE Boot Image (using MDT 2010), imported into WDS, and PXE booted to this image, all fine.
2) Used MDT 2010 to get an unattended install of Win7 x86 onto a HP dc7700 SFF PC. I followed their guide to the letter (bar office 2007, since I hope to install this via GPO) and it worked brilliantly.
It just prompted me for a logon credentials to attach to the Deployment Share, set a computer name, ask to join the domain, and choose an OU in AD with which to place the machine in. (I don't mind this at the moment, since I can fiddle with machines in Workgroups before adding to domains and applying largely XP based policies). It then went off, did its stuff, rebooted, logged in and finished the installation as local administrator.
I have found a few minor issues so far (with no easy solutions).
1) It didn't install my modem driver, even though I provided MDT with the driver in its out of box drivers section. Do I need to tell the unattended.xml file to use this driver at a certain point, and how do I do this? This happened on more than one type of HP workstation.
I am not sure whether it might have something to do with the driver being unsigned, as when I tried to install the driver using the wizard manually, when told to look in the driver folder, it couldn't find one. When forcing the issue, it was fine, but complained that the driver would probably not work (even though its the correct one off HP's website!!). Once installed by hand no issue, although I would like to automate this. I know with RIS and the sif you could turn off driver signing policy with the "ignore" property. Is there a way to do this in MDT 2010?
2) The one time I tried to join it to the domain (using settings in the unattended.xml file) it fell over (not sure why) at present. I think it may have had something to do with the auto-login as local admin to finish the installation, but I have yet to sort this out.
3) I did try capturing my machine image with the modem driver, by setting up a 'sysprep and capture' task sequence. This worked okay and successfully captured a wim image back to the deployment share as I wanted.
However, when trying to use the new image (with driver) it installed okay, but the driver wasn't installed, and it wasn't doing a complete unattended install. When I tried to create a new unattend.xml with the captured image and new task sequence it fell over and complained. I even tried to copy a blank CLG file from the Win7 DVD but this didn't work either.
I do not think that this is the correct way to do things in Win7 and the OS should be hardware independant, meaning that one image fits all (with the correct drivers of course). Going back to my original post about how to get the modem driver to install using the IT Idiots method, albeit tweaked to allow my modem driver would really be helpful.
4) Activation and Licensing - this has given me a headache all afternoon.
We are a SA school, and from the licensing website, have been provided with a KMS key, and two MAK keys for Windows 7. I understand the process of how MS would like KMS to work, and that we need at least 25 activations of Win7 before they work properly (not a problem, we have 700 machines). We have even used a MAK key by hand to activate Win7 x86, which worked okay.
I have entered one of the MAK keys into the Unattend.xml config, for both Oobe and specialize sections, but have yet to try a redeploy using this, as we got kicked out by the caretakers this afternoon, and it was snowing so had to make a quick dash home, all safe now though!
4) You should not provide any key if using Windows 7 enterprise and a KMS server which is the preffered method. It will find the KMS and activate all by itself on the first boot. If you are using Pro it won't do this unless you use a special KMS key but as you have SA you should be using Enterprise anyway as its better (includes bitlocker).
Thanks for your help. It appears that I was using Pro...maybe I will look into obtaining Enterprise then, or see if we are licensed for it...
With regards to the modem driver issue, I looked at HP's website again at the drivers for the device. They were updated yesterday (I hadn't checked this until tonight), so might be worth a look to see if the new drivers is now signed or sorts the issue.
I also found out to see if the drivers that get imported into MDT 2010, are also WHQL certified, which is a nice feature.