In this post, You will learn about bare metal deployment using the configuration manager (Windows 10 2004 Using SCCM). The bare metal scenario occurs when you have a blank machine you need to deploy or an existing machine you want to wipe and redeploy without needing to preserve any existing data.
Introduction
The setup starts from a boot media, using a CD, USB, ISO, or Pre-Boot Execution Environment (PXE). You can also generate full offline media. The target can be a physical computer or a virtual machine.
The deployment process for the new machine scenario is as follows –
- Start the setup from boot media (CD, USB, ISO, or PXE).
- Wipe the hard disk clean and create a new volume.
- Install the operating system image.
- Apply device drivers by detecting device manufacturers.
- Install applications.
- Apply Customization | Additional settings if needed.
- After taking these steps, the computer is ready for use.
Prerequisites
- Ensure you are running with the latest supported version of Configuration Manager.
- Boot images are updated or regenerated.
- Make sure that you added network and storage drivers to the boot image.
- Configured the boot image to deploy from a PXE-enabled distribution point.
Learn about the supported lists of the versions of Windows 10 for Configuration Manager, Check Microsoft Blog.
Note – It’s important to extract the downloaded Windows 10 ISO Content in a folder. Create a folder, and Mount the ISO using File Explorer or any other available options.
Download Windows 10 2004 ISO
You can download Windows 10 2004 version ISO from VLSC (Volume Licensing Service Center).
- Right-click on the ISO file in file explorer. Click on Mount.
You will notice that Windows 10 ISO will create a disc drive that you can use to access contents. Select all contents and copy them to a folder.
Import Windows 10 operating system image
Open Configuration Manager Console, Go to Software Library > Operating Systems > Operating System Images.
In Data Source, click Browse and specify the network shared path to the install.wim from the Windows 10 Source directory where you extracted the source of an ISO file.
Select the option to Extract a specific image index from the specified WIM file. Then select the Image index from the drop-down list. Click Next.
You can now specify to automatically import a single Image index rather than all image indexes in the file, using this option results in a smaller image file.
On the General page, assign the Name, Version, and Comment. Click Next.
Review the provided information, and click Next to complete the wizard.
Wait for a moment, while exporting is in progress.
After successfully completion, click Close to exit the wizard.
The Operating System Image is successfully imported to Configuration Manager.
Distribute Operating System Images
Right-click Windows 10 Enterprise and click Distribute Content.
Review the selected content for distribution. Click Next.
Add the Distribution Point to distribute the content.
Review the selected distribution points, and groups. Click Next.
On the Summary page, review the settings. Click Next.
Click Close to complete the Distribute Content wizard.
You can monitor the content status, if it’s showing a yellow color that means distribution is in progress. If the content distribution was successful, it will appear with Green color as shown.
Create Task Sequence to deploy an OS
This section will walk you through the process of creating a Configuration Manager task sequence to deploy the operating system image.
In the Configuration Manager console, Go to the Software Library workspace, expand Operating Systems, right-click Task Sequences and select Create Task Sequence.
Select Install an existing image package, and then select Next.
On the Task Sequence Information page, specify the following settings:
Task sequence name: Specify a name that identifies the task sequence.
Description: Optionally specify a description
On the Boot Image, Click Browse and select the available boot image package.
Check in the Run as a high-performance power plan. Click Next.
Note – Running a task sequence with the High-Performance power plan to improve the speed of the task sequence execution. At the end of the task sequence, it resets the power plan to the stored value (Balanced Power Plan).
On the Install Windows page, specify the following settings:
Image package: Click on Browse to select the image. Select Partition and format the target computer installing the operating system.
Product key: you can specify the Windows product key for the OS to install.
Specify how to handle the administrator account for the new OS. Click Next.
On the Configure Network page, specify the following settings. Click Next.
Join a workgroup: Add the destination computer to a workgroup.
Join a domain: Add the destination computer to a domain. In Domain, click Browse to specify the name of the domain. You can also specify an organizational unit (OU) in the Domain OU field. This setting is optional.
Account: The user name and password for the account that has permission to join the specified domain.
On the Install Configuration Manager page, specify the Configuration Manager client package is selected automatically. Click Next.
On the State Migration page, leaving it to default as these steps are conditions based on a task sequence that not going to run automatically. Click Next.
On the Include Updates page, you can specify whether to install required software updates, or all software updates. I am not installing any software updates. Click Next.
On the Install Applications page, specify the applications to install, or later you can add in task sequence steps. Click Next.
Review the settings, click Next.
Click Close to complete the wizard.
The Task Sequence is created successfully.
Customize Task Sequence
Use the following procedure to modify an existing task sequence
Under Software Library > Operating Systems > Task Sequences. Right-click on task sequences and select Edit.
Edit the Task Sequence to add or remove settings – The Task Sequence uses these phases to determine which tasks must be completed.
You might need to add support files, software updates, tools, and applications to the task sequence based on requirements.
Review drivers and applications that will be installed with the task sequence. Before you deploy the task sequence, make sure the drivers are compatible. To Import Drivers, Create Driver packages and Process to Integrate Driver package into Task Sequence.
Review others settings added in Task Sequence, and make sure to apply all changes. Click Apply and OK, close the window.
Deploy Windows 10 2004 Task Sequence
Select the task sequence, Right-click, and select Deploy.
On the General, click Browse to select your device collection where you wish to perform the deployment.
Deploy to All Unknown Computers – Computers that are not managed by Configuration Manager or a computer that is not imported into Configuration Manager.
On the Deployment Settings, select the Purpose of the deployment.
Available – Available deployments require that the user is present at the destination computer. A user must press the F12 key to continue the PXE boot process. If a user isn’t present to press F12, the computer boots into the current OS, or from the next available boot device.
Required – Required deployments use PXE without any user intervention.
To use a PXE-initiated OS deployment, For the Make available to the following setting, select one of the following options –
- Configuration Manager clients, media, and PXE
- Only media and PXE
- Only media and PXE (hidden)
On the Scheduling tab, you can specify the schedule for this deployment. Click Next.
On the User Experience tab, leave the default selected options. Click Next.
On the Alerts page, leave it default. Click Next.
On the Distribution Points page, you can specify how clients interact with the DPs to retrieve content from reference packages. Click Next.
Review the selected settings and click Next.
The Deployment targeted successfully collection. Close the wizard.
Results – Windows 10 Deployment
On Target Computers, depends on deployment settings. Press the F12 key to continue the PXE boot process. Windows PE starts, and then the Task Sequence Wizard starts. You will be presented with the Welcome to the Task Sequence Wizard. If media is password protected, provide a password. Click Next.
Complete the Task Sequence Wizard by selecting deployed task sequence. Click Next.
Once you complete the Wizard, the deployment of the new operating system begins. When the deployment process is complete, you will be prompted on screen to Sign in to the device.
Sign in to the device with your domain or local credentials. Check the Windows Version, Installed Windows 10 2004 successfully.
Troubleshooting – Windows 10 2004 Using SCCM
The first step to troubleshoot SCCM OSD Task Sequence issues to is check out the SMSTS.log. Learn how to read SMSTS.log effectively for troubleshooting SCCM OSD Task Sequence.
The SMSTS.log updating the location depending on the phases of deployment process.
Phase | Log Location [Client Side] |
WinPE (Before HDD are formatted and partitioned) | x:\windows\temp\smstslog\smsts.log |
WinPE (After HDD are formatted) | x:\smstslog\smsts.log copied to c:\_SMSTaskSequence\Logs\Smstslog\smsts.log |
Installed Operating System (Before SCCM client installed) | c:\_SMSTaskSequence\Logs\Smstslog\smsts.log |
Installed Operating System (After the SCCM client is installed) | c:\windows\ccm\logs\Smstslog\smsts.log |
Installed Operating System (When the Task Sequence is completed) | c:\windows\ccm\logs\smsts.log |
Resources
- Introduction to operating system deployment in Configuration Manager
- Windows 10 deployment scenarios
Thanks for your guide Jitesh, this is the process I have been following back since Windows 7 and works well.
I have a requirement because of a legacy system where I have to create a folder during the build “c:\legacy” this folder has to be given permissions (1. System everything except special, 2. Administrators everything except special and 3. Users everything except Full control and Special Permissions).
I have a batch file script which has worked well up until this 2004 build:
MD C:\Legacy
icacls C:\Legacy /inheritance:r /grant:r “Users”:(OI)(CI)RXM /grant:r “Administrators”:(OI)(CI)F /grant:r “System”:(OI)(CI)F
icacls C:\Legacy /remove EVERYONE /T
However while it does run (and looks like permissions is correct), it seems to break non-administrator user profiles. For example a non-admin user cannot run the Windows Defender dashboard, you get Windows saying “You’ll need a new app to open this windowsdefender link”.
If I dont add the folder, or dont set the permissions everything is fine.
I have spent weeks on this and really no closer to fixing it, and would really appreciate any tip you might have for this? Maybe you have seen this before?
Thanks
Richard