- SmartDeploy: Rethinking software deployment to remote workers in times of a pandemic - Thu, Jul 30 2020
- Outlook attachments now blocked in Office 365 - Tue, Nov 19 2019
- PolicyPak MDM Edition: Group Policy and more for BYOD - Tue, Oct 29 2019
Configuring CustomSettings.ini
The Bootstrap and CustomSettings MDT rule files
Right-click your MDT Deployment Share and select Properties – Rules. Microsoft supplies the following default CustomSettings.ini for creating a Windows 8.1 reference image:
[Settings] Priority=Default [Default] _SMSTSORGNAME=Contoso UserDataLocation=NONE DoCapture=YES OSInstall=Y AdminPassword=P@ssw0rd TimeZoneName=Eastern Standard Time JoinWorkgroup=WORKGROUP HideShell=YES FinishAction=SHUTDOWN DoNotCreateExtraPartition=YES WSUSServer=http://MDT-01.Test.local:8530 ApplyGPOPack=NO SLSHARE=\\MDT-01.Test.Local\Logs$ SkipAdminPassword=YES SkipProductKey=YES SkipComputerName=YES SkipDomainMembership=YES SkipUserData=YES SkipLocaleSelection=YES SkipTaskSequence=NO SkipTimeZone=YES SkipApplications=YES SkipBitLocker=YES SkipSummary=YES SkipRoles=YES SkipCapture=NO SkipFinalSummary=YES
Be sure to edit the ORGNAME, admin password, time zone, and WSUS/SLShare path. Ideally, your MDT capture environment is separate from the production environment. This provides a simple method to keep separate rules. If you are using an existing CustomSettings.ini in an existing MDT environment, you will at least have to set DoCapture=Yes and SkipCapture=No.
The two settings above and two additional settings are important to the capture process. The DoCapture setting instructs the task sequence to sysprep the image during capture. SkipCapture controls the Capture settings pane in the initial MDT wizard. The JoinWorkgroup setting ensures that domain policies are not set on your reference image. Configuring the WSUSServer setting provides for a faster capture time.
Configuring Bootstrap.ini
You will also have to configure the Bootstrap.ini file so that clients can connect to your network share. As a best practice, use a dedicated account that only has the read/execute permissions to the MDT deployment share and write access to needed folders such as the Capture folder. If needed, here is a sample bootstrap file. Be sure to set the DeployRoot and domain credentials.
[Settings] Priority=Default [Default] DeployRoot=\\MDT-01\DeploymentShare$ UserDomain=TEST.local UserID=MDT_Boot UserPassword= P@ssw0rd SkipBDDWelcome=YES
Save your Bootstrap.ini file and ensure that CustomSettings.ini (located in the Control folder) shows your updated rules. In the Deployment Workbench, right-click your deployment share and select Update Deployment Share. This will generate your boot media. To simplify the creation process, we will boot a VM off of the Lite Touch ISO that is being generated.
The capture process relies on the bootable ISO for ease of use. This setting is on the Windows PE tab
Building your reference image for Windows 8.1
A simple build and capture environment uses two Hyper-V VMs. The first is the MDT server that we previously configured. The second is a client VM that will process the Task Sequence and will provide the reference image. By using a Hyper-V client, you do not have to worry about drivers in your reference image. This version of Windows PE includes the necessary drivers needed to capture a Hyper-V client.
If you haven’t already done so, create a second VM to serve as the client. Assign two virtual processors and at least 4GB of RAM to the machine. These two items alone may shave 20-25 minutes off the build and capture time. If you want to save additional time, consider booting the VM from a RAMDisk and changing the capture process from ImageX to DISM.
The deployment share should have finished updating by now. In the boot folder of the deployment share, there should be a LiteTouchPE_86.ISO. and a LiteTouchPE_X64 ISO. If you are using a GEN2 Hyper-V client, you will need to use the X64 boot media. The network path to this location would look like this: \\MDT-01\DeploymentShare$\Boot. Attach the ISO to a blank VM and take a snapshot. The snapshot provides a quick way for you to restart the capture process in the future.
Start the VM and allow it to boot into Windows PE. Select the capture task sequence that you created in the previous post. Specify the capture path; by default, this is the Capture folder in your deployment share. The account you are using to connect to the MDT deployment share should have write permissions to the folder that will contain the captured reference image. This account is specified in the Bootstrap.ini file.
Ensure that “Capture an image of this reference computer” is selected.
The VM will continue through the Windows installation process. It will install any applications, roles, or features that you configured in the task sequence. It will fully update itself, reboot, and run sysprep. Finally, it will capture the reference machine into a WIM and shut itself down. You’ve completely automated the reference image creation process! The only thing you have left to do is to import the WIM into your Windows 8.1 deployment task sequence.
Read the latest IT news and community updates!
Join our IT community and read articles without ads!
Do you want to write for 4sysops? We are looking for new authors.
Hello,
I captured the image with some customizations, After the deployment it got added to domain. But when I log in with corp credentials some of the customizations are gone(Background image, icon size, logon background image, and some more)
Am I missing anything?
Thanks
Those were probably stored under a user profile. You will need to make those changes to the default profile or set them with Group Policy. I prefer group policy as it makes it easier to change later.
Hi Joseph,
I’m trying to use these instructions to make a WS2016 reference image. I keep getting stopped when I spin up the REF01 VM. The task sequence starts, but then I get an error that I can’t connect to the deployment share (“Possible cause: Invalid credentials). I think this means that something is mis-configured in bootstrap.ini, but I haven’t been able to figure out what.
The instance of MDT is local to the same machine that’s running Hyper V. Can you give me any advice for how to adapt those bootstrap/customsettings ini’s for a self-contained test environment that is not on a domain and is not connected to WSUS? Any help is appreciated, thanks!
-GB
The bootstrap.ini file is in the Control folder under your DeploymentShare. You can remove everything but the deployroot line if you want to test the credentials. After making any changes to that INI file, update your deploymentshare – this will add the new file to your boot media. Make sure that your VM is using the new media that is generated by the update process.
Thanks Joseph. So, when you suggest to remove everything but the deploymentroot line from bootstrap.ini to test the credentials, are you saying that it defaults to using a particular set of credentials (SYSTEM maybe?)?
On another note, can you “explain-like-I’m-5” what bootstrap.ini handles in contrast to what customsettings.ini handles? If possible, I’m only looking for like, 2 sentences on that. I’m all over the details, but I feel like I’m not seeing the big picture.
When you remove the creds, you should be prompted to enter a set. This gives you a bit more room for testing.
ELI5:
Bootstrap.ini has just enough info to get the client connected to the deployment share. It is stored with the boot media.
Customsettings.ini has everything else.