/build/static/layout/Breadcrumb_cap_w.png

K2100 Best Practices

Just wanted to get everyone's opinion on how I'm going about imaging with the K2 and get any pointers to make things easier to manage my images. Right now I am building an image using VM's. After it is fully updated I install all the base applications (i.e. Anti-Virus, 7zip, Greenshot, .Net, Silverlight) and core configurations (i.e. Disable IPv6, Disable UAC, add Firewall Exceptions). I take a screen shot of the image once I'm pleased with it as a "Golden Image." I add my unattend.xml to the proper folder and sysprep the machine. Once it shuts down I boot into the KBE and capture the image. I then apply post actions such as installing the AMP Agent, Office, etc. I deploy machines that test successfully. I get no hiccups and I only have to activate Windows and Office before handing it off to a user. I feel like this is a solid methodology but would like to know if some of you have any pointers to make this better. I'm all ears.....!


1 Comment   [ + ] Show comment
  • Thanks everyone for the input. I am sticking with my procedure for the time being but am going to change a few of the installations to Post Install Tasks opposed to having them in the image when captured. Again, thank you all..... - jsunderman 11 years ago

Answers (7)

Posted by: Johnzko 11 years ago
Orange Senior Belt
0

Its good.

But i install Antivirus, 7-ZIP, Adobe etc. later because i can faster add ne versions of the applikations. If you make every month a new masterimage thats ok.

 

But my mind is already the image as few as possible.

Hope it helps.

 

Posted by: nheyne 11 years ago
Red Belt
0

Office is a pretty big postinstall task, any reason why you don't include it in your image?

I also use your VM approach for the snapshot ability, which comes in handy with Sysprep especially.  Although I do a CopyProfile on a physical machine otherwise I lose some graphics capability.

Posted by: dugullett 11 years ago
Red Belt
0

I do pretty much the same thing except I have everything post install. I let GPOs handle firewall, and UAC. You can also set these in your unattend.xml.

My snapshot has Windows updates turned on. I load the snapshot. Run the updates I need, and then sysprep. In my unattend.xml I have Windows updates turned off so I do not need to worry about turning them back off.

I have three main images that I updated every few months. I want to test copying my unattend.xml to C:\windows\panther as a preinstall to see if I can just have one "Golden Image", but just have separate preinstall tasks for each. I just haven't had time to test this yet.

Posted by: BHC-Austin 11 years ago
4th Degree Black Belt
0

Seems like a pretty good procedure. I like using VMs to prepare my images as well, keeps from having to tie up hardware resources. I agree with Johnzko, though. We don't include any software in the image unless it's just too complicated to install after the fact. This makes updating which version is installed easier.

The other thing we do different in our organization is we let our K1000 do the "heavy lifting" of app installs. In Healthcare there are a lot of complicated app installs that we could never seem to get to work right as Post Install Tasks. So we use "bread crumbs" in the registry, along with Custom Inventory and Smart Labels to install the needed software from the K1000. The K2000 just lays down the basics: OS image, drivers, K1 agent, and the "bread crumbs". We also use wsusoffline to install updates as a post install task. This way we only have to update the folder that stores the updates, rather than having to capture a whole new image.

Posted by: SMal.tmcc 11 years ago
Red Belt
0

I have found out that disabling IPv6 in the master image does no good.  the hardware is recreated post sysprep so IPv6 is enabled again.  I had to add the disable after the machine comes out of sysprep, doing it as a post task even did not help.  I added a run once to run on the machines first boot after post sysprep reboot.

this is my postinstallation line to kill ipv6

start /wait reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v ipv6kill /d "reg.exe add \"HKLM\SYSTEM\CurrentControlSet\services\Tcpip6\Parameters\" /v DisabledComponents /t REG_DWORD /d 4294967295 /f"

 

Posted by: SMal.tmcc 11 years ago
Red Belt
0

also if you are using the 100 meg partition and sysprep you can add all your drivers ahead of sysprep to create a univerasal image.  This also works with windows 8.1 so far

http://www.itninja.com/blog/view/creating-a-windows-7-sysprep-image-without-having-to-install-any-drivers-at-post-install-tasks

Posted by: cserrins 11 years ago
Red Belt
0

It is not recommened to install anti-virus or any type of agent software (like the K1000) into your golden image.

I'm with johnzko, I install all my software as a PO because that way when I update my golden image I only have to update windows, the other software gets updated in the PO task or a network share so its always up-to-date.

Corey
Lead L3 Enterprise Solutions Consultant, K2000
If my response was helpful, please rate it!

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ