Imaging - Question on Sysprep

SAG

SAG

Well-Known Member
Reaction score
77
Location
Hawaii
Alright, haven't done it this way in a decade, not even sure if it still applies, but... here's the situation.

Got a call from a business I'd never heard of. They were having some IT yahoo setup a new server and 15 workstations. They guy had them order the stuff from Dell and delivered to them. Now he's.... well, in jail. So they have these 15 unpacked Optiplex 3010's and a Dell server... all just sitting there.
Specs on the things are "ok", the server is just a file dump and AD, no major business apps or anything. Currently they have a mishmash of whitebox AMD computers and something that resembles a NAS made of what appears to be duct tape and a half eaten sandwich... but I digress.

My plan:
Setup the server, AD, anything else I feel that would help them out.
Setup one workstation, updated, all applications installed, spit shined and all that.
Image that bad boy, and then just restore the same image to the other 14 desktops.

My question:
Back in the XP days (and before) this could put your pickle in a meat grinder if you didn't sysprep after the image dump - SID issues and all that. Having never been a Winders guy back in those days I never really cared. I've heard the whole SID things wasn't as big a deal as it was believed to be, but still.

Any more if I have a big rollout it's easy enough to talk to Dell and have them custom image the machines before shipped out, but these are all pristine OEM boxes, nothing special.

tl;dr
15 Computers.
Build up one.
Image that built computer and restore to other computers.
Change all computer names and join to domain.
Anyone see any issues?
 
After looking at that, I think Sysprep was the wrong word...
Like I said, it was over a decade ago.
Damn.... it was something. Something to assign a new SID to the system.
I'm lost, and tired as hell right now. Going to go take a nap. Been up for about 30 hours straight.
 
SAG said:
After looking at that, I think Sysprep was the wrong word...
Like I said, it was over a decade ago.
Damn.... it was something. Something to assign a new SID to the system.
I'm lost, and tired as hell right now. Going to go take a nap. Been up for about 30 hours straight.
Click to expand...

Sysprep take care of all the system dependencies so you don't have to worry about anything funny going on.
 
It's amazing what a little sleep can do for you.
Newsid was the utility I was thinking of, thanks for the memory jogger.
And after looking a bit, it appears that it is no longer an issue.

So unless someone tells me otherwise, I'm going to assume that making an image of one machine and dumping it (restore) to the other 14 will cause me no problems when I go to attach them to the domain.
 
SAG said:
It's amazing what a little sleep can do for you.
Newsid was the utility I was thinking of, thanks for the memory jogger.
And after looking a bit, it appears that it is no longer an issue.

So unless someone tells me otherwise, I'm going to assume that making an image of one machine and dumping it (restore) to the other 14 will cause me no problems when I go to attach them to the domain.
Click to expand...

If these are Windows 7 machines, I boot the one workstation you are going to clone into audit mode, make your changes, run sysprep and shutdown.

I have read varying articles regarding new sid not being needed, but from my experience, if I don't sysprep, then prepare for weird errors down the road.
 
dbdawn said:
If these are Windows 7 machines, I boot the one workstation you are going to clone into audit mode, make your changes, run sysprep and shutdown.

I have read varying articles regarding new sid not being needed, but from my experience, if I don't sysprep, then prepare for weird errors down the road.
Click to expand...

Oddly enough I decided to lab test this - just didn't update my thread.
Created a 2008R2 DC VM.
Created 1 Windows 7 VM.
Cloned the VM using Acronis (I wanted this to be as close to real-world as possible).
Created 2 more VMs and dumped the image on them.
Changed all named VM1 VM2 VM3.
Attached to the domain.

Now, they attached fine, no errors on doing that.
But I'm having one hell of a network issue with them. If these were baremetal machines I'd think I had bad cables.

Getting ready to make a fresh VM from scratch and add it to the domain to see how it acts before I accuse the whole "cloning" thing of this mess.

Lab work can be fun in down time.
 
SAG said:
Oddly enough I decided to lab test this - just didn't update my thread.
Created a 2008R2 DC VM.
Created 1 Windows 7 VM.
Cloned the VM using Acronis (I wanted this to be as close to real-world as possible).
Created 2 more VMs and dumped the image on them.
Changed all named VM1 VM2 VM3.
Attached to the domain.

Now, they attached fine, no errors on doing that.
But I'm having one hell of a network issue with them. If these were baremetal machines I'd think I had bad cables.

Getting ready to make a fresh VM from scratch and add it to the domain to see how it acts before I accuse the whole "cloning" thing of this mess.

Lab work can be fun in down time.
Click to expand...

Not sure what virtualizer you are using, but you didn't by chance forget to change the network type from "NAT" to either bridged or internal? I know I've done this before....more than once :o
 
SilverLeaf said:
Not sure what virtualizer you are using, but you didn't by chance forget to change the network type from "NAT" to either bridged or internal? I know I've done this before....more than once :o
Click to expand...

It's on one of my ESX hosts, I use it specifically for this kind of fun.
So far the "fresh" W7 VM has attached and is running fine.
 
dbdawn said:
If these are Windows 7 machines, I boot the one workstation you are going to clone into audit mode, make your changes, run sysprep and shutdown.

I have read varying articles regarding new sid not being needed, but from my experience, if I don't sysprep, then prepare for weird errors down the road.
Click to expand...

I stumbled across this article during research about the same type of question. It is written by the man that wrote NewSID. Interesting reading to say the least.

http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx
 
SAG said:
It's amazing what a little sleep can do for you.
Newsid was the utility I was thinking of, thanks for the memory jogger.
And after looking a bit, it appears that it is no longer an issue.

So unless someone tells me otherwise, I'm going to assume that making an image of one machine and dumping it (restore) to the other 14 will cause me no problems when I go to attach them to the domain.
Click to expand...

dbdawn said:
If these are Windows 7 machines, I boot the one workstation you are going to clone into audit mode, make your changes, run sysprep and shutdown.

I have read varying articles regarding new sid not being needed, but from my experience, if I don't sysprep, then prepare for weird errors down the road.
Click to expand...

We actually do something very similar to this process for ALL of our Windows reinstalls. Basically, we install Windows onto one computer and when we create a new account, we boot it up into Audit Mode. We get everything the way it needs to be to include programs, updates, etc. In our case, we do not update the drivers because these will be deployed onto multiple types of computers with their own specific set of drivers, but in your case, it may be beneficial to update all the drivers on this image. Once you have everything the way you want it, you can do one of two things.

1. You can sysprep and generalize the install and then put it on a DVD (which takes time) that you can deploy on each of those computers. Basically, you would go through the same installation process as before, but everything you did would for the most part be applied to the install. This process by the way will take longer than a normal install because the image will be larger than the original.

2. The process that we take is the same as above, except that instead of putting the image on DVD, we actually clone the hard drive instead, but not before shrinking down the partition. So basically, we go through the whole install process, do our customizations in Audit Mode, shrink down the partition, then shut down and generalize. For instance if you have a 500gb hard drive you are working on, instead of cloning that whole hard drive, you would simply shrink that partition to say 50gb and then when you clone that hard drive, all you have to do is stop the cloning process after about 57000mb using ddrescue. The cloning process takes about 15 minutes or less this way. Once done, you pop in the hard drive and it will immediately ask you to create a new account INSTEAD of having to go through the whole Windows install process. Just make sure that when you are done, you extend the partition in Windows to the full capacity of the hard drive or your desired partition size. The shrinking and extending can obviously all be done through Disk Management in Windows and only takes a few seconds to do.

Basically, in our shop, we can get a Windows install done with all the updates, drivers, and programs in less than an hour with this process.

Optionally, you can do a third option, but because I am not a network or server guy, I am not sure how this will work out for you, but it would be the easiest and quickest way. Basically, you would install everything as you normally would, but not in Audit Mode. You would then clone this hard drive onto each of the other hard drives and then make any necessary changes to make everything work properly on the network. I would suggest shrinking down the partition before cloning the hard drives and as before, extend them again.
 
Last edited:
SAG said:
After looking at that, I think Sysprep was the wrong word...
Like I said, it was over a decade ago.
Damn.... it was something. Something to assign a new SID to the system.
I'm lost, and tired as hell right now. Going to go take a nap. Been up for about 30 hours straight.
Click to expand...

  1. Sysprep IS still used!
  2. It comes bundled with the OS under \Windows\System32\sysprep\sysprep.exe
  3. You will want to select OOBE, Generalize, Shutdown (on the reference computer)
  4. THEN you take a reference image.

While it is true the SIDs are not as critical as they were once said to be, it will still cause havoc with counting licencing for products like McAfee ePO agent, AND it will cause computers to kick each other out of WSUS reports, etc... Hence, it is highly advisable to still be concerned with each computer having a unique SID.


Personally, I would install the server first thing and make certain it does ALL the network's DNS and DHCP, hosts Active Directory, AND Windows Deployment Services (WDS).

From the reference machine, I would tap F12 (it is a Dell) and select "Onboard Network Controller" (You may have to enable Network Boot or On /w PXE in the BIOS on the Network Controller.)

From there have WDS configured with a BOOT image that can CAPTURE a system. Grab your image. Then setup WDS to deploy stuff...


Now, do the other 13 systems and image them from WDS.


Other logical tasks:
  • Migrate the data from the ductape NAS to a file server
  • Create user accounts and assign proper rights via Active Directory
  • Migrate any Application's and their Data to the File Server, too.
  • Create the ICONS (Group Policy Preferences)
  • Setup WSUS
  • Maybe Automate the WDS deployment with Answer Files
  • Perhaps set some policies to Harden their Web Browsers
  • Perhaps setup groups for OU Adminisrators in AD
  • Perhaps setup a Group in AD for Server Administrators
  • Perhaps setup a group in AD for Remote Desktop Users
  • Perhaps setup a group in AD for Computer Admins
  • Of course use Restrited Groups Policies and WMI Filtering to apply these AD Groups to the proper Local Groups on the proper computers.
  • Consider setting up Auditing & Showdow Services
  • Consider Setting up Disk De-Duplication for the File Server(s)
  • Perhaps setup DFS even if you have only one server
  • Perhaps setup Print and Document Services
  • Perhaps setup a Backup Plan!!!!
 
PCX said:
We actually do something very similar to this process for ALL of our Windows reinstalls. Basically, we install Windows onto one computer and when we create a new account, we boot it up into Audit Mode. We get everything the way it needs to be to include programs, updates, etc. In our case, we do not update the drivers because these will be deployed onto multiple types of computers with their own specific set of drivers, but in your case, it may be beneficial to update all the drivers on this image. Once you have everything the way you want it, you can do one of two things.

1. You can sysprep and generalize the install and then put it on a DVD (which takes time) that you can deploy on each of those computers. Basically, you would go through the same installation process as before, but everything you did would for the most part be applied to the install. This process by the way will take longer than a normal install because the image will be larger than the original.

2. The process that we take is the same as above, except that instead of putting the image on DVD, we actually clone the hard drive instead, but not before shrinking down the partition. So basically, we go through the whole install process, do our customizations in Audit Mode, shrink down the partition, then shut down and generalize. For instance if you have a 500gb hard drive you are working on, instead of cloning that whole hard drive, you would simply shrink that partition to say 50gb and then when you clone that hard drive, all you have to do is stop the cloning process after about 57000mb using ddrescue. The cloning process takes about 15 minutes or less this way. Once done, you pop in the hard drive and it will immediately ask you to create a new account INSTEAD of having to go through the whole Windows install process. Just make sure that when you are done, you extend the partition in Windows to the full capacity of the hard drive or your desired partition size. The shrinking and extending can obviously all be done through Disk Management in Windows and only takes a few seconds to do.

Basically, in our shop, we can get a Windows install done with all the updates, drivers, and programs in less than an hour with this process.

Optionally, you can do a third option, but because I am not a network or server guy, I am not sure how this will work out for you, but it would be the easiest and quickest way. Basically, you would install everything as you normally would, but not in Audit Mode. You would then clone this hard drive onto each of the other hard drives and then make any necessary changes to make everything work properly on the network. I would suggest shrinking down the partition before cloning the hard drives and as before, extend them again.
Click to expand...

Don't use DDRESCUE or DD for that matter to clone an Operating System. Use this only to clone an ENTIRE partition (or drive) including the free space.

Typically speaking this is not an imaging tool. It is sector based. I would highly recommend using a file-based program like ImageX, KACE, etc.

DDRESCUE is for those situations where you have a dying hard drive that can't even be booted because it has a dirty flag that needs CHKDSK... but you know the disk is going bad, so you sector copy it to a NEW Hard Disk... Then you run CHKDSK on the new disk etc... OR it is for forensics (i.e. copying an origional source disk etc). It is NOT an imaging tool.

If you really feel the need to image, with ultra free/open-source tools check out PartImage, PartClone... but NTFS support is still 'Experimental" many years later. Personally, I would stick with the official Microsoft tools that run in Windows PE.
 
NETWizz said:
Don't use DDRESCUE or DD for that matter to clone an Operating System. Use this only to clone an ENTIRE partition (or drive) including the free space.

Typically speaking this is not an imaging tool. It is sector based. I would highly recommend using a file-based program like ImageX, KACE, etc.

DDRESCUE is for those situations where you have a dying hard drive that can't even be booted because it has a dirty flag that needs CHKDSK... but you know the disk is going bad, so you sector copy it to a NEW Hard Disk... Then you run CHKDSK on the new disk etc... OR it is for forensics (i.e. copying an origional source disk etc). It is NOT an imaging tool.

If you really feel the need to image, with ultra free/open-source tools check out PartImage, PartClone... but NTFS support is still 'Experimental" many years later. Personally, I would stick with the official Microsoft tools that run in Windows PE.
Click to expand...

I understand what it is mainly used for (which is one of the main reason why we use it), but for it's speed, easy of access (at least for us with our setup) and considering that we have been using ddrescue in this manner for years without any issues, we see no problem using it. That said, I am totally open to using other tools if they are in some way more beneficial. It's just that ddrescue is already on our diagnostic/data recovery/transfer machines and is an easy go to tool that has never given us any issues, even when only cloning part of a hard drive to retrieve one or two partitions. In our experience, as long you clone enough of the hard drive to get the full partition, you should not have any issues. Like I said, we been doing this for a while and on hundreds of hard drives with no issues. In either case, the concept is there, replace ddrescue with whatever tool suits you, just make sure you get both the system partition and OS partition or you will have to do a startup repair on the OS every time.
 
Last edited:
PCX said:
We actually do something very similar to this process for ALL of our Windows reinstalls. Basically, we install Windows onto one computer and when we create a new account, we boot it up into Audit Mode. We get everything the way it needs to be to include programs, updates, etc. In our case, we do not update the drivers because these will be deployed onto multiple types of computers with their own specific set of drivers, but in your case, it may be beneficial to update all the drivers on this image. Once you have everything the way you want it, you can do one of two things.

1. You can sysprep and generalize the install and then put it on a DVD (which takes time) that you can deploy on each of those computers. Basically, you would go through the same installation process as before, but everything you did would for the most part be applied to the install. This process by the way will take longer than a normal install because the image will be larger than the original.

2. The process that we take is the same as above, except that instead of putting the image on DVD, we actually clone the hard drive instead, but not before shrinking down the partition. So basically, we go through the whole install process, do our customizations in Audit Mode, shrink down the partition, then shut down and generalize. For instance if you have a 500gb hard drive you are working on, instead of cloning that whole hard drive, you would simply shrink that partition to say 50gb and then when you clone that hard drive, all you have to do is stop the cloning process after about 57000mb using ddrescue. The cloning process takes about 15 minutes or less this way. Once done, you pop in the hard drive and it will immediately ask you to create a new account INSTEAD of having to go through the whole Windows install process. Just make sure that when you are done, you extend the partition in Windows to the full capacity of the hard drive or your desired partition size. The shrinking and extending can obviously all be done through Disk Management in Windows and only takes a few seconds to do.

Basically, in our shop, we can get a Windows install done with all the updates, drivers, and programs in less than an hour with this process.

Optionally, you can do a third option, but because I am not a network or server guy, I am not sure how this will work out for you, but it would be the easiest and quickest way. Basically, you would install everything as you normally would, but not in Audit Mode. You would then clone this hard drive onto each of the other hard drives and then make any necessary changes to make everything work properly on the network. I would suggest shrinking down the partition before cloning the hard drives and as before, extend them again.
Click to expand...

Does this work with Windows 8(8.1)and/or EUFI partitions?
 
Here's a process that works

I've used this process to clone W7 machines with a lot of success. It requires 2 USB thumb drives in addition to the "reference" computer. Since I have several different models, what I do is generate the correct *.WIM file and store it on my server.

When I have to image a particular model, I copy the correct .WIM file onto the imaging usb stick.

Building a Standard Image of Windows 7: Step-by-Step Guide
==============================================

http://technet.microsoft.com/en-us/library/ee523217(v=ws.10).aspx
 
You must log in or register to reply here.

Similar threads

thecomputerguy
Oprah says, "and you get a violation, and YOU get a violation, and YoU get a ViOlation!"
Replies
11
Views
234
DRPCNZ
DRPCNZ
GTP
Install Linux on an Old Macbook
Replies
19
Views
621
xrobwx71
xrobwx71
thecomputerguy
Story Time. Simple install went to hell in a handbasket REAL quick! Learned some things!
Replies
16
Views
1K
Sky-Knight
Sky-Knight
Appletax
[SOLVED] Intel Rapid Restore Driver Causes BSOD - DRIVER_POWER_STATE_FAILURE
Replies
3
Views
546
Appletax
Appletax
YeOldeStonecat
Lenovos new ThinkPad X9 series
Replies
4
Views
228
twwabw
twwabw
Back
Top