OSDBuilder – Reference Image on Steroids

The people who are following me on Twitter might have noticed that I am playing around with OSDBuilder lately. What is OSDBuilder? It is a PowerShell module from David Segura which allows you to do apply several customizations to a Windows OS image. Before I was using OSDBuilder there always have been the same repeating challenge in a four-week cycle: How is the fastest and most reliable (automated) way to deploy my machines with the latest updates after M$ Patch Tuesday? First let’s have look what options do we have without OSDBuilder?

Option #1  – WSUS
You are deploying a standard task sequence and applying the Windows Updates from your WSUS server during the OSD installation.

2019-03-18 07_13_52-Window

Option #2 –  Integrate Updates into Workbench
Automate the download of Cumulative Updates from Windows Update Catalog and import the .msu or .cab files into the Deployment Workbench.

2019-03-18 07_16_08-Window

Option #3 – PowerShell
You are using a PowerShell Wrapper to install the .msu files during the OSD installation.

2019-03-18 07_19_10-Window

What do all the mentioned solutions have in common?

They are too slow! Option #2 and Option #3 can take up to 40 minutes only for installing the latest Cumulative/Adobe Security Updates. We better don’t talk about Option #1 WSUS  because this will take for a decade or maybe even more.. This is a horror for everyone who just wants to rollout a new machine for staging and is totaly unacceptable in my opinion.

How can OSDBuilder help?
With the framework from David we can inject the latest updates into the install.wim and deploy our machines directly with the latest patch level. We only need to apply the “update procedure” once and can use the modified install.wim for n-machines. But it is not only about injecting updates you also get the possiblity to add .NET Framework 3.5 and language packs which is going to save you valuable time during the deployment because DISM is not the fastest piece of technology.  You don’t need to worry about downloading updates files and checking dependencies from previous updates. Everything is automated. I am going to show you how to do some basic stuff with OSDBuilder. Please check the OSDBuilder Docs for detailed informations.

Is it possible to automate the whole process?

Of course. I wrote a PowerShell script which you can find in my Github repository. Create a schedulded task and run the script monthly after Microsoft released new updates. Before using the script make sure to fit the custom variables to your environment.

$Trigger= New-ScheduledTaskTrigger -Weekly -WeeksInterval 4 -DaysOfWeek Tuesday -At 10pm
$User= "NT AUTHORITY\SYSTEM"
$Action= New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "C:\Scripts\OSDBuilder\OSDBuilder.ps1"
Register-ScheduledTask -TaskName "OSDBuilder" -Trigger $Trigger -User $User -Action $Action -RunLevel Highest –Force

Result: A new OS-Build got created and imported into the MDT Deployment Workbench. It will always create a new folder “OSDBuilder”+ DateStamp under Operating Systems.

2019-03-19 09_30_34-mRemoteNG - confCons.xml - MDT-01

 

The following steps are showing the manual process of using OSDBuilder.

Install OSDBuilder &  Import the Operating System

Install-Module -Name OSDBuilder -Force
Import-Module -Name OSDBuilder -Force

2019-03-18 07_49_38-Window

Mount the Windows Server ISO. I am using Windows Server 2016. If you already have the sources inside your MDT share you can create a SUBST to skip the ISO mount action > subst e: “C:\Hydration\Operating Systems\VLSC-W2k16”

Import-OSMedia

Choose the version (Standard|Datacenter) you would like to import and get a coffee because this will take some time. Multiple selections are possible.

2019-03-18 07_57_22-Window

2019-03-18 07_59_47-Window

Import Language Packs

Create a folder with the release ID of your OS under “C:\OSDBuilder\Content\IsoExtract
Example: Windows Server 2016 1607 Language

Copy the folders from the  M$ Language Pack ISO containg the .cab files to “x64\langpacks”

2019-03-19 06_09_26-mRemoteNG - confCons.xml - MDT-01

 

Update the OS-Media

Now it is time to inject the latest available cumulative updates. This going to take about 30 minutes. Make sure that the server can reach Windows Update becaue the script is going to download the needed system updates.

Update-OSMedia -Download -Execute -SkipComponentCleanup

If you are going to install PVS Target Device Driver during a Task Sequence make sure you skip the “Component Cleanup”! This will break your installation and the VM will end up in a boot loop to Windows recovery mode. Thanks to Mario Hohlmesser who found this out the hard way (me included).

 

Create an OSBuildTask

The next step is to create an OSBuildTask. You can specify what you want to include for example: .NET 3.5, Language Packs, drivers and enable optional features.

New-OSBuildTask -TaskName Build-031819 -EnableNetFX3

2019-03-18 08_41_37-Window

Select the language packs to apply.

2019-03-19 06_12_01-mRemoteNG - confCons.xml - MDT-01

This will result in a .json configuration file you need to use for creating a new OSBuild. You will find it under “C:\OSDBuilder\Tasks\OSBuild Build-031819.json”.

Create an OSBuild

This will create your final install sources which can be used for deploying the machines.

New-OSBuild -ByTaskName Build-031819  -Execute -SkipComponentCleanup

2019-03-18 08_52_37-Window

2019-03-18 15_13_09-mRemoteNG - confCons.xml - MDT-01

 

Import the Reference Image into MDT

Now we can import the Reference Image into the Deployment Workbench and assign it to a Task Sequence.

2019-03-18 15_14_35-mRemoteNG - confCons.xml - MDT-01

2019-03-18 15_49_36-mRemoteNG - confCons.xml - MDT-01

2019-03-18 15_50_27-mRemoteNG - confCons.xml - MDT-01

2019-03-18 16_01_01-mRemoteNG - confCons.xml - MDT-01

2019-03-18 16_08_09-mRemoteNG - confCons.xml - MDT-01

2019-03-18 16_12_42-mRemoteNG - confCons.xml - MDT-01

How can I choose which updates are getting applied?

Every release of OSDBuilder is associated with the corresponding monthly updates. The information is located in a .xml file under:  “C:\Program Files\WindowsPowerShell\Modules\OSDBuilder\BuildNumber-xxxx\Catalogs”

We are creating an OSBuild with Patchlevel “2019-03” in this blog. If you want to integrate Patchlevel “2019-04” on the upcoming patch tuesday you need to update the OSDBuilder PowerShell Module first. Otherwise you will not be able find any new updates.

OSDBuilder -Update

If you have enough disk space just keep the created OSBuilds in an archive and you can easily jump forwards and backwards to specific PatchLevels.

Cleanup the Mount Directory

It could happen that you suddenly run out of  disk space because for example you stopped a task during execution and the mountpoints are still available. In my case this have been 33.4GB.

Path: C:\OSDBuilder\Content\Mount

2019-03-19 19_56_06-mRemoteNG - confCons.xml - MDT-01.png

Personal Conclusion

I hope I could show you some of the hard work David put into his framework. He really did a hell of a job which is saving us a lot of time and headache. Please make use of his OSDBuilder and share it with your colleagues and friends.

3 thoughts on “OSDBuilder – Reference Image on Steroids

Add yours

  1. 1. Can you show a manual step-by-step how-to create an up up-to-date ISO of Windows 10 & 7 using the Media Creation Tool, and using OSDBuilder to keep it updated?

    2. ASDBuilder (Application Software Deployment Builder) – is it possible to also update or embed application in the install media the same way we do drivers & patches, and also keep them up-to-date as well?

    Thanks.

    Like

    1. 1. Just follow the steps with your Windows 10 ISO. I think Windows 7 is not supported by OSDBuilder.
      2. Never heard of ASDBuilder. You can’t update applications. Please check the docs for all available functions.

      Like

  2. To apply additional language packs I had to add the parameter “-ContentLanguagePackages” to my New-OSBuildTask.
    The operating system I am going to deploy is Windows 10 1809.

    Like

Leave a Reply to Holger Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: