Creating Windows Deployment Media

You can generate network boot and offline deployment media for Windows OS deployments from the Bundle and Media Manager Dashboard.

From the MDT Bundle Creators and Windows Media tab, select Create Deployment Media to complete one of the following tasks:
  • Generate an iso file to burn a CD/DVD media
  • Create a USB deployment media on a mounted USB key, which can be formatted before creation.
  • Generate USB key content for later creation of USB deployment media.
Depending on your selection, the CD, DVD, or USB media can include:
  • WinPE only (network boot): In this case, when WinPE starts from the media, the target boots and connects to the Bare Metal OS deployment server (PXE server) to receive the binding menu.
  • WinPE and one or more bootable images (offline deployment): In this case, when the boot operation completes on the target, the binding menu is displayed. The user at the target can select the profile to deploy from the media.
Based on the Windows Deployment Kit installed on the selected computer, the correct version of Windows Preinstallation environment (WinPE) is downloaded from the specified Bare Metal OS deployment server and included in the media.

Deployment Media type selection - Bundle and Media Manager dashboard
Note: The OS Deployment Server from which you download the files that are needed for creating the media must be at Version 7.1.1.17 or later.
During the media creation process, files are stored in a temporary folder on the selected Bare Metal OS deployment server. By default, the temporary folder is created in the system TEMP folder. When the process completes, the folder is erased. To specify a different path for the temporary folder, complete the following steps before you create the media:
  1. From the subscribed computers list, locate the Bare Metal OS deployment server and edit the computer settings.
  2. Add the custom setting BAREMETAL_CURRENT_MEDIATMP and specify the new path in the value field. This path must already exist on the selected server. If the specified path is not found, the temporary folder is created in the default path.
  3. After the task completes successfully, create the media.
Important: When you create network boot or offline deployment media for UEFI targets that have the Secure Boot firmware option enabled, you must use an MDT Bundle with WinPE 4 or later and you must disable enhanced error detection in the profiles that you deploy to these targets.
Note: To deploy from a deployment media, the needed drivers must be explicitly bound in the deployment engine binding matrix ("Current Manual Binding" column) in the Driver Bindings.
Note: If the Bare Metal Server providing the deployment media files is not local onto the creator machine, and the creator machine client version is 10.0.8 or later, an additional step for allowing the creator machine to download via https from the Bare Metal Server computer is needed before launching the creation task. Any one of the following alternative steps should be in place before launching the deployment media creation:
  • Import on the Bare Metal Server web interface, a certificate signed by a Public CA. See Managing Bare Metal OS Deployment Servers.

    or

  • Export from a browser connected to the Bare Metal Server web interface, the self signed certificate the server uses for https communications (the *.crt file) and copy it to the folder <bigfix client folder>\TrustedDownloadCerts (by default it's "C:\Program Files (x86)\BES Client\TrustedDownloadCerts) in the creator machine.

    or

  • Add to the client running on the creator machine the setting _BESClient_Download_UntrustedSites with value as 1.

Creating network boot media

The use of network boot media is useful in situations where a DHCP server is not available, or when there is a firewall that is preventing PXE traffic.

To create a network boot CD/DVD or USB media complete the following steps:
  1. On the Media Type pane select the target, then select Create Network Boot Media, and click Next.
  2. Select the OS Deployment server from which the files used to create the media are downloaded, and click Next.
  3. Depending on the deployment kit that is installed on the selected target, the Create Deployment Media page displays the version of WinPE that is included in the media. You can specify, select, or change the following settings:
    1. The OS architecture .
    2. Optionally, you can choose to include all available WinPE drivers in the media. This option is useful only when you have a new computer model which is not listed among the available models in the Driver Library, and a binding grid cannot be generated to associate the correct drivers for the devices. A preferable alternative is to add the new computer model to your BigFix environment in one of the following two ways:
      • Install an operating system on the computer of that model and connect it to the BigFix infrastructure through a BES client.

        or

      • PXE boot a computer of that model to a Bare Metal server where the Management Extender for Bare Metal targets is installed and running.
    3. The type of media: CD/DVD, mounted USB key, or USB key content. You can optionally select to format the USB-mounted media. For the USB content, you must specify a target directory. Two scripts are downloaded in the specified target directory, formatUSB.cmd and MakeUSB.cmd Depending on your selections, some restrictions might apply. See Network boot media limitations.
    4. Specify the connection details for the target PXE boot. By default, the OS Deployment server that the target contacts when the PXE boot operation is complete is automatically discovered. You can specify the connection parameters either explicitly or at boot time. You must always specify the password of the administrative user on the OS Deployment Server.
    5. Select the type of network configuration settings that are assigned to the client at boot time. By default, a dynamic IP address is assigned (DHCP). Alternatively, you can specify a static IP address, network mask, and gateway address. If you specify static network settings, you can overwrite them at boot time by checking the corresponding option.
    6. You can optionally specify to have the user start the boot sequence on the target. In this case, a prompt is displayed on the target and the boot sequence begins only when the user responds to the prompt.
    7. If the network boot media must connect to a bare metal server of version 7.1.1.20.311.12 or lower, you must select the specific option.
  4. When you have completed your selections, click OK. The information that you provided is validated before the media creation task begins.
Network boot media requirements and limitations: The following restrictions apply to network boot media:
  • If you select the USB Key content media type, you must format the USB key with a single bootable FAT32 partition of at least 512 Megabytes. To format the USB key, you can use the formatUSB.cmd script. USB keys that are formatted as NTFS file systems are not supported on UEFI targets.
  • If you select mounted USB key and no formatting option, for the key to work on UEFI targets, you should first format the key with a single bootable FAT32 partition of at least 512 Megabytes.
Important:
  • When a target connects to a bare metal server using a network boot CD, a binding menu with all available profiles on that server is displayed. However, because the WinPE that is included in the boot media is downloaded and started on the target, only profiles with an MDT Bundle with the same WinPE version can be deployed successfully.

Creating offline deployment media

Offline deployment media can be used when the target has no connection to the OS Deployment Server or when the network connection is slow. Some typical situations are small branch offices with slow links and no local deployment server, isolated computers that are disconnected from an internal network, or notebook users that cannot connect to the local area network or are using a modem. When you create offline deployment media, all necessary files for the deployment are downloaded.

From the Bundle and Media Manager dashboard, click the MDT Bundle Creators tab, select a target from the list and click Create Deployment Media. The Media Type window is displayed:

To create an offline deployment CD/DVD or USB media complete the following steps:
  1. On the Media Type window, select the target, then select Create Offline Deployment Media, and click Next.
  2. In the OS Deployment Server and Bare Metal Profiles pane, select theOS deployment serverto which the files used to build the media are downloaded.
  3. The Bare Metal Profiles available at the selected OS deployment server are displayed. The profiles that you can choose from are filtered and meet the following requirements:
    • contain MDT Bundle Version 3.6 or later with the level of WinPE compatible with the deployment kit installed on the target where you are creating the media.
    • contain OS images that are compatible with the deployment kit installed on the target where you are creating the media.
    Profiles that do not meet these criteria are not displayed. Select one or more profiles to include in the media you are creating. Click Next.
    Note: If the profiles you select have a hostname rule containing variables for IP or MAC addresses, their values are substituted with zero (0) at runtime. For example, Win10-[IP] becomes Win10-[0000] on the target.
    Important: If you are creating deployment media for UEFI targets that have the Secure Boot firmware option enabled, the profiles you select to include in the media must not have enhanced error detection enabled. Ensure that the profiles you include meet this criterion, or edit them to disable enhanced error detection before you create the media.
    Note: When you select more than one profile of OS images with different architecture (32-bit and 64-bit), the WinPE 64-bit will be included in the media, and it will not be possible to successfully deploy 32-bit OS image. When you are adding more that one profile of OS images, the OS images must be of the same architecture.
  4. In the Create Deployment Media window, some selections are already made, based on your input in the previous window.
    • You can optionally choose to inject available drivers in WinPE
    • You must specify the password of the administrative user on the OS Deployment server that you selected in the previous window. The password is needed only if the target used for creating the media is not an OS Deployment server.
    • Select the type of media you want to create. If you select the USB Key content, you must specify an output directory. Two scripts are downloaded in the specified directory, formatUSB.cmd and MakeUSB.cmd. Depending on the selected media type, some restrictions might apply. See Offline deployment media limitations
    • You can optionally specify to have the user start the boot sequence on the target. In this case, a prompt is displayed on the target and the boot sequence begins only when the user responds to the prompt.
  5. When you completed your selections, click OK. The information that you provided is validated before the media creation task begins.
Offline deployment media requirements and limitations: The following restrictions apply to offline deployment media:
  • If your media type is a mounted USB key:
    • If you select the Format the USB key option, the USB media must be seen as a fixed disk and not as removable. Typically, Flash Drive USB cards are seen as fixed disks and can be used.
    • If you do not choose the formatting option, you must first format the key with two partitions, of which the first must be a bootable FAT32 partition of at least 1024 Megabytes, and the second partition a non-bootable NTFS partition, large enough to store the selected images. The USB media must be seen as a fixed disk and not as removable.
  • If your media type is USB Key Content:
    • If your USB key is a fixed disk, and you want to format it with two partitions, you can either format it with the formatUSB.cmd script or manually. If you want to format the key manually, the first partition must be a bootable FAT32 partition of at least 1024 Megabytes, and the second partition a non-bootable NTFS partition, large enough to store the selected images.
    • If the USB key is removable and you want format it with a single partition for deployment on both BIOS and UEFI targets, you must format it manually as a FAT32 bootable partition, then run the makeUSB.cmd script. Furthermore, the image included in the Bare Metal profile must not be larger than 4 GB.
    • For deployment on BIOS targets only, if the USB key is removable, you must format it manually with a single NTFS partition and then run the makeUSB.cmd script.
Note: To complete the operating system deployment successfully on the target, ensure that the hard disk device on your target is configured before the CD/DVD or USB media device in the boot sequence. Then, force the boot from the media device to start the deployment. Alternatively, only for CD/DVD media, select the Boot at User Request option during the creation of the media.

Formatting and loading USB key content

When you are creating network boot or offline deployment USB key content, all files that are needed for booting from the network or for offline deployments of operating systems on targets are stored in the specified folder on the selected target. In this path, two scripts that are named formatUSB.cmd and makeUSB.cmd are downloaded. You can run these scripts to format and load the folder content on the USB key. To run the scripts, open a Windows shell with administrative privileges.

Offline deployment media preparation:
formatUSB.cmd
Use this script to format your offline deployment USB key with a bootable FAT32 partition and a non-bootable NTFS partition. Complete the following steps:
  1. Insert the USB key. The USB key must be empty, and identified as a local disk.
  2. Run the script from a shell with administrative privileges by specifying the drive letter that is assigned to it, an extra drive letter that is not currently assigned to another disk, and the disk number. For example:
    formatUSB.cmd F G 1
  3. When the formatting step completes, use the makeUSB.cmd script to complete the USB key preparation.
Run the script without arguments to view the disk configuration. The disk numbers are displayed in the first list. The drive letter is displayed in the second list. The letter must be identified as type 'Partition'.
makeUSB.cmd
Use this script to populate your bootable offline deployment USB key:
  1. Insert the USB key. Ensure that the key was previously formatted with a bootable FAT32 partition and an extra NTFS partition. You can use formatUSB.cmd to format the key.
  2. Run the script from a shell with administrative privileges, by specifying the USB key drive letters. The first letter must be the FAT32 partition. For example: 
    makeUSB.cmd F G
    You can use a USB key with a single partition. For the key to work on UEFI targets it must be formatted FAT32, not NTFS. For example: 
    makeUSB.cmd F
Network boot media preparation:
formatUSB.cmd
Use this script to format your network boot USB key with a single bootable FAT32 partition:
  1. Insert the USB key. The key must be empty.
  2. Run the script from a shell with administrative privileges, by specifying the drive letter that is assigned to the USB key, and the disk number. For example: 
    formatUSB.cmd F 1
  3. When the formatting step completes, use the makeUSB.cmd script to complete the USB key preparation.
Run the script without arguments to view the disk configuration. The disk numbers are displayed in the first list. The drive letter is displayed in the second list. The letter must be identified as type 'Partition'.
makeUSB.cmd
Use this script to populate your network boot USB key:
  1. Insert the USB key.
  2. Ensure that the USB key was previously formatted with a single bootable FAT32 partition. You can use formatUSB.cmd script to format the key.
  3. Run the script from a shell with administrative privileges, by specifying the USB drive letter. For example: 
    makeUSB.cmd F
Important: When you run formatUSB.cmd, make sure that you specify the correct disk number and drive letter. Failure to do so might cause unrecoverable damage to your computer. All partitions on the USB key are erased.