AD attributes to fully Automating OS deployment with WDS (Windows Deployment Services)

Microsoft provides many tools for deploying an Operating System (Windows 7, Windows 8, Windows Server 2008, Windows Server 2012).  Each has their pros and cons.  Some are easy to setup some a little harder.

One thing I found over the years at Microsoft was when setting up a test system that is physical hardware it is best to do a clean install, thus using WDS. 

The info below was used as part of the Automation system I developed while at the Microsoft Enterprise Engineering Center.  By using WDS with the automation system we were able to simply click on a server in the UI and select Image.  This would then kick off the OS Imaging workflow.
Deployment Steps:

1. Power Server off (via Raritan Switched PDUs and SNMP)
2. Move Network interfaces for server into correct Vlan (via Network Vlan plugin system)
3. Set Active Directory Attributes below for WDS
4. Set KVM interface Name (via Raritan Command Center APIs)
5. Power Server ON (via Raritan Switches PDUs)

 Advantages of using WDS

• No image to maintain for each model
• No images to patch each month
• System is clean and pure
• Bases (install) images are easy to setup (just need the .WIM from the CD)
• Does not require agents to be installed on everything
• Allows for an easy system audit script to be run at the same time
• Don't have to worry about a "safe OS" being installed on some drive

I am not going to go into detail on how to setup WDS or add boot or install images.  This is well documented on MSDN. http://technet.microsoft.com/en-us/library/jj648426.aspx.

I don't recommend using Stand-alone mode if you need a system that needs some resiliency.  The AD integrated option works the best!

A few requirements

• WDS is setup with a boot and install image (and you know the names(
• You have a computer object created with the UUID (netbootGuid) property set

We will be working with 2 AD attributes

• netbootMachineFilePath - http://technet.microsoft.com/en-us/library/cc753134(v=WS.10).aspx
• netbootMirrorDataFile - http://msdn.microsoft.com/en-us/library/dd871382.aspx

netbootMachineFilePath

This attribute specifies what PXE client should be used when the computer boots.  You can use wdsutil /Set-Device /Device:<name> /BootProgram:<path> to set this.

3 common values

• <WDS Server FQDN>\boot\x86\pxeboot.n12 - Tells the PXE client to NOT required F12. If you used the N12 option be sure to run "wdsutil /set-server /resetbootprogram:yes" on the WDS server. If you don't the clients will always be in reboot loop.
• <WDS Server FQDN>\boot\x86\abortpxe.com - Tells the PXE client to abort any PXE boot attempt on that NIC and move to next device in boot order
• <WDS Server FQDN>\boot\x86\pxeboot.com - Tells PXE to request the user to push F12.  Will move to next boot device if they don't.

netbootMirrorDataFile

This attribute holds the following items for a ZERO Touch deployment.

• What boot file (WIM) to use - BootImagePath
• Path to unattend XML file (provides path to install WIM) - WdsUnattendFilePath
• If you want the computer joined to the domain - JoinDomain

As MSDN provides (in link above) the info is in Key=value; format.

Example: to use boot image foo, unattend bar and NOT join the domain

netbootMirrorDataFile=JoinDomain=0;BootImagePath=Boot\x86\Images\foo.wim;WdsUnattendFilePath=wdsclientunattend\bar.xml;

 Note the trailing ;.  See http://www.mikepoulson.com/2013/08/bindlsvc-error-522-from-wds.html for more info.

These items can also be set by running the following WDSUtil commands

• WDSUTIL /Set-Device /Device:<name> /WDSClientUnattend:<path>
• WDSUTIL /Set-Device /Device:<name> /BootImagePath:<path>
• WDSUTIL /Set-Device /Device:<name> /JoinDomain:No