Building the Perfect Windows Server 2019 Reference Image

Here is a step-by-step quick guide on building the perfect Windows Server 2019 reference image. This guide is divided in two parts: The first part covers how to create a thin, but fully updated Windows Server 2019 reference image using offline servicing. The second part is about creating a thicker Windows Server 2019 reference image using build and capture with MDT 8456.

Real World Note: I see more and more organizations moving away from using thicker images, both for client and server deployments, and use thin image instead. Fully updated, but without any applications. That being said there are some scenarios where you might still want to build thicker images to reduce deployment time.

Part 1 – Creating a Windows Server 2019 reference image using offline servicing (and PowerShell)

If you need to create a Windows Server 2019 reference image quickly, containing the latest cumulative update (CU) and .NET Framework 3.5. You can use PowerShell to do so. Here are two option to service a Windows Server 2019 image using PowerShell.

Servicing Option #1 – Basic Servicing (good for learning)

This script assumes you have downloaded the Windows Server 2019 ISO and the latest SSU, and CU to C:\Setup. Simply update the Create-WS2019RefImage.ps1 script to reference the CU you downloaded, and run the script in an elevated PowerShell prompt.

Note: The script does require that you have Windows ADK 10 installed

https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/Create-WS2019RefImage.ps1

Running the Create-WS2019RefImage.ps1 script.

Servicing Option #2 – Advanced Servicing using OSDBuilder

The OSDBuilder community solution, which is developed and maintained by David Segura is by far the most advanced solution out there to make sure your images are serviced with no only updates, but with a lot of other options as well. I highly recommend this solution. Learn more at https://osdbuilder.osdeploy.com

OSDBuilder has a gazillion of options, but if you want to build a clean Windows Server 2019 image real quick, copy any Windows Server 2019 ISO to your machine, and run the following commands in an elevated PowerShell prompt (update the ISO path first to match what you have):

$ISOPath = "C:\ISO\Windows Server 2019.iso"

# Install OSDBuilder 
Install-Module -Name OSDBuilder -Force
Import-Module -Name OSDBuilder -Force
 
# Import and update the Windows Server 2019 Operating System media (adds .NET Framework too)
Mount-DiskImage -ImagePath $ISOPath
Import-OSMedia -ImageName 'Windows Server 2019 Standard (Desktop Experience)' -SkipGrid -Update -BuildNetFX
Using OSDBuilder to create an updated media with .NET Framework

What about virtual machines?

If you want to build a Windows Server 2019 reference image for SCVMM 2019, simply follow any of the options in this guide to create the WIM file, and then use a working fork of the Convert-WindowsImage.ps1 script to apply the WIM to a VHDX file. I've been using this fork: https://github.com/nerdile/convert-windowsimage. Below is the command i used to apply a Windows Server 2019 standard index to a VHDX file for a Generation 2 (UEFI) virtual machine.

.\Convert-WindowsImage.ps1 -SourcePath "C:\Setup\Windows Server 2019.iso" -VHDFormat VHDX -Edition ServerStandard -VHDPartitionStyle GPT -Verbose

In the above example I'm applying a Windows Server 2019 Standard image, but if you want to get info about other editions in the Windows Server 2019 install.wim file, run the following commands.

# Get detailed info from all indexes in a WIM file
$ImageFile = "D:\sources\install.wim"
$ImageInfo = Get-WindowsImage -ImagePath $ImageFile
Foreach ($Image in $ImageInfo){
    Get-WindowsImage -ImagePath $ImageFile -Index $image.ImageIndex
}
Running the Convert-WindowsImage.ps1 (fork) script to apply a WIM image to a VHDX file.

Part 2 – Creating a Windows Server 2019 reference image using MDT 8456

Why using MDT to create the reference image instead of offline servicing? Well, if you need to add applications to your server image, to speed up deployments of remote desktop servers etc. you have to use a build and capture process. This is because offline servicing simply doesn't allow for application installations. As a little bonus, when using a build and capture process, all components are completely installed, instead of just staged in the image, speeding up the deployment with a minute or two 🙂

Real World Note: If you're not adding applications to your Windows Server 2019 image, please stick to offline servicing. It's easier, and produces great results.

Anyway, since you're still here, I'm assuming you want to create a Windows Server image with some applications. Now, MDT 8456 can be installed either on a file server, or on your own laptop, but in this scenario I used a file server named MDT01. MDT 8456 requires Windows ADK 10, and for deployment of Windows Server 2019 I recommend using at least Windows ADK 10 v1809.

For this guide you need the following software.

 Step-by-Step Guide

The entire process for creating a Windows Server image using MDT takes about 45 minutes, fully automated. This guide covers the following steps:

  • Step 1 – Install Windows 10 ADK v1809 and MDT 8456
  • Step 2 – Create the MDT Build Lab Deployment Share   
  • Step 3 – Import the Windows Server 2019 operating system
  • Step 4 – Add applications (Optional)
  • Step 5 – Create the MDT Task Sequence
  • Step 6 – Configure the deployment share
  • Step 7 – Create Windows Reference Images

Step 1 – Install Windows ADK 10 v1809, WinPE, and MDT 8456

1. On MDT01, install Windows 10 ADK v1809 (adksetup.exe), and select the following components:

  • Deployment Tools
  • Imaging and Configuration Designer (ICD)
  • Configuration Designer
  • User State Migration Tool (USMT       
Windows ADK 10 v1809 Setup

2. Install WinPE Addon for Windows ADK 10 v1809 (adkwinpesetup.exe)

Installing WinPE Addon for Windows ADK 10 v1809

3.  Install MDT 8456 using the default settings.

Installing MDT 8456.

Step 2 – Create the MDT Build Lab Deployment Share

On MDT01, using the Deployment Workbench (available on the start screen), right-click Deployment Shares and select New Deployment Share. Use the following settings for the New Deployment Share Wizard (my data volume on MDT01 is E:)

  • Deployment share path: E:\MDTBuildLab
  • Share name: MDTBuildLab$
  • Deployment share description: MDT Build Lab
  • Options: (accept the default options)

Once the deployment share is created you also want to relax the security a bit. MDT locks it down to hard by default. Use the following PowerShell script to set some better permissions:

https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/Set-MDTBuildLabPermissions.ps1

Step 3 – Import the Windows Server 2019 operating system

  1. On MDT01, mount the Windows Server 2019.iso media (or whatever you named it). On my server it was mounted to the D: drive.
  2. Using the Deployment Workbench, expand the Deployment Shares node, expand MDT Build Lab, select the Operating Systems node and create a folder named Windows Server 2019.
  3. Right-click the Windows Server 2019 node, and select Import Operating System.
  4. In the Import Operating System Wizard, on the OS Type page. select Full set of source files and click Next.
  5. On the Source page, in the Source directory text box, type D:\ and click Next.
  6. On the Destination page, in the Destination directory name text box, type WS2019, click Next twice, and then click Finish.
  7. After adding the operating system, using the Deployment Workbench, in the Windows Server 2019 node, change the operating system names to the following:
  • Windows Server 2019 Datacenter
  • Windows Server 2019 Datacenter Core
  • Windows Server 2019 Standard
  • Windows Server 2019 Standard Core
Windows Server 2019 imported to the Deployment Workbench.

Step 4 – Optional – Add applications

As you learned earlier, if not adding applications to your image, there is little need to do a build and capture with MDT. Instead just do offline servicing of your Windows Server image.

In this section, as an example of adding a few applications, you learn to add the various Visual C++ runtimes to your reference image.

Note: Visual C++ 2015 is included in Visual C++ 2017, so you only need to install Visual C++ 2017.

For the Visual C++ runtimes, you make the install a bit easier by using a VBScript wrapper that installs all of them.

  1. On MDT01, extract the Visual C++ runtimes install wrapper to C:\Setup.
  2. Download each runtime from Microsoft Download Center, and copy to the corresponding folder in C:\Setup\Install – Microsoft Visual C++ – x86-x64\source.
image
Each runtime folder.

3. Using the Deployment Workbench, expand Deployment Shares / MDT Build Lab / Applications and create a folder named Microsoft.

4. Right-click the Microsoft folder, and select New Application. Use the following settings for the New Application Wizard:

  • Application with source files
  • Publisher:
  • Application name: Install – Microsoft Visual C++ – x86-x64
  • Version:
  • Source Directory: C:\Setup\Install – Microsoft Visual C++ – x86-x64
  • Specify the name of the directory that should be created: Install – Microsoft Visual C++ – x86-x64
  • Command Line: cscript Install-MicrosoftVisualC++x86x64.wsf
  • Working directory:

Step 5 – Create the MDT Task Sequence

  1. On MDT01, using the Deployment Workbench, in the MDT Build Lab deployment share, select the Task Sequences node, and create a folder named Windows Server 2019.
  2. Expand the Task Sequences node, right-click on the Windows Server 2019 node, and select New Task Sequence. Use the following settings for the New Task Sequence Wizard:  
    • Task sequence ID: REFWS2019-001
    • Task sequence name: Windows Server 2019 Standard
    • Task sequence comments: Reference Build
    • Template: Standard Server Task Sequence
    • Select OS: Windows Server 2019 Standard
    • Specify Product Key: Do not specify a product key at this time
    • Full Name: ViaMonstra
    • Organization: ViaMonstra
    • Internet Explorer home page: about:blank
    • Do not specify an Administrator password at this time
  3. Edit the task sequence, by navigating to the Task Sequences / Windows Server 2019 folder, right-click the Windows Server 2019 Standard task sequence, and select Properties.
  4. On the Task Sequence tab, in the State Restore node, before the Windows Update (Pre-Application Installation) action, add a new group named Custom Tasks (Pre-Windows Update).
  5. In the Custom Tasks (Pre-Windows Update) group, add a new Install Roles and Features action with the following settings:
    • Name: Install – Microsoft NET Framework 3.5.1
    • Operating system: Windows Server 2019
    • Role: .NET Framework 3.5 Features
  6. After the Install – Microsoft NET Framework 3.5.1 action, add an application with the following settings:
    • Name: Install – Microsoft Visual C++ – x86-x64
    • Application: Install – Microsoft Visual C++ – x86-x64
  7. After the Install – Microsoft Visual C++ – x86-x64 action, add a Restart computer action.
  8. Enable the Windows Update (Pre-Application Installation) action.
  9. Click OK.
Editing the Windows Server 2019 Standard task sequence.

Step 6 – Configure the deployment share

Then, to configure the deployment share settings, you modify the two rules files (Bootstrap.ini and CustomSettings.ini), and some other settings related to WinPE. The ruels files you can modify either via the MDT Build Lab deployment share properties, or directly in the file system, in the E:\MDTBuildLab\Control folder. Below you find the rules files I used in this guide.

Bootstrap.ini

[Settings]
Priority=Default

[Default]
DeployRoot=\\MDT01\MDTBuildLab$
UserDomain=VIAMONSTRA
UserID=MDT_BA
[email protected]

SkipBDDWelcome=YES

CustomSettings.ini

[Settings]
Priority=Default

[Default]
_SMSTSORGNAME=ViaMonstra
UserDataLocation=NONE
ComputerBackupLocation=NONE
DoCapture=YES
OSInstall=Y
[email protected]
TimeZoneName=Pacific Standard Time 
JoinWorkgroup=WORKGROUP
;HideShell=YES
;FinishAction=SHUTDOWN
ApplyGPOPack=NO
;SLSHARE=\\MDT01\Logs$

SkipAppsOnUpgrade=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerName=YES
SkipDomainMembership=YES
SkipUserData=YES
SkipLocaleSelection=YES
SkipTaskSequence=NO
SkipTimeZone=YES
SkipApplications=YES
SkipBitLocker=YES
SkipSummary=YES
SkipRoles=YES
SkipCapture=NO
SkipFinalSummary=YES
  1. On MDT01 in the E:\MDTBuildLab\Control folder, modify the Bootstrap.ini and CustomSettings.ini per the above examples.  
  2. Then, using the Deployment Workbench, right-click the MDT Build Lab deployment share and select Properties.
  3. In the Windows PE tab, in the Platform dropdown list, make sure x86 is selected.
  4. In the Drivers and Patches tab, select the Nothing selection profile, and select the Include all drivers from the selection profile option
  5. In the Lite Touch Boot Image Settings area, configure the following settings:
    • Image description: MDT Build Lab x86
    • ISO file name: MDT Build Lab x86.iso
  6. In the Windows PE tab, in the Platform dropdown list, make sure x64 is selected.
  7. In the Drivers and Patches tab, select the Nothing selection profile, and select the Include all drivers from the selection profile option
  8. In the Lite Touch Boot Image Settings area, configure the following settings:
    • Image description: MDT Build Lab x64
    • ISO file name: MDT Build Lab x64.iso
  9. Click OK.
  10. Update the deployment share, by right-clicking the MDT Build Lab deployment share and select Update Deployment Share. Use the default Options for the Update Deployment Share wizard.
Configuring properties on the Deployment Share.

Step 7 – Create Windows Reference Images

Create a Windows Server 2019 Reference WIM Image, fully automated.

  1. On MDT01, copy the E:\MDTBuildLab\Boot\MDT Build Lab x64.iso file to your VMware or Hyper-V machine.
  2. Create a virtual machine named REF001, configure it with 2 vCPUs and 4 GB RAM. Then mount MDT Build Lab x64.iso on the virtual machine.
  3. Start the REF001 virtual machine, and allow it to boot. Then complete the Deployment Wizard using the below settings:
    • Select a task sequence to execute on this computer: Windows Server 2019 Standard  
    • Specify whether to capture an image: (accept the default settings).

The task sequence will now do the following:

  • Install the Windows Server 2019 operating system.    
  • Install the added applications, roles, and features.    
  • Stage WinPE on the local disk.    
  • Run Sysprep and reboot into WinPE.    
  • Capture the Windows Server 2019 installation to a WIM file.
WIM_thumb2
MDT capturing a Windows Server Image.

Written by Johan Arwidmark

About the author

Johan Arwidmark

5 2 votes
Article Rating
Subscribe
Notify of
guest
29 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Steve Campbell
Steve Campbell
1 year ago

May want to add a note, Option 1 requires Windows ADK….

Derek Miller
Derek Miller
1 year ago

Thanks for the informative post, Johan. I had a problem capturing a reference image when including Windows Updates on a Gen 2 Hyper-V VM. I get a 'Can not find script file "C:\LTIBootstrap.vbs".' error after rebooting after Sysprep. This does not seem to be a problem when using Gen 1 VMs. Is this expected behavior?
 
 
 

Last edited 1 year ago by Derek Miller
Mike
Mike
1 year ago

For part 1 option 2 is there a way to add drivers ? I attempted to put extracted drivers to the osdrivers and winpedrivers in the _global directory. The Iso that I created via New-OSBMediaISO doesn't seem to have them. I got it to work once manually but I must be doing something different in my script.

Simon
Simon
1 year ago

hi,
i get always: WARNING: Import-OSMedia: OSMedia was not found . . . Exiting!

This is part 1 option 2

What i do wrond?

Jim
Jim
1 year ago

Hi Johan, can i use the offline servicing scripts to create the Windows 2008 R2 (few remaining Servers) & Windows 2012 R2 reference images too?

Gyz
Gyz
1 year ago

Thanks for this great post. To keep your OS images updated with only latest patches, is the Scheduled Updates option for OS images in SCCM also not a valid option? Just discovered this and wondering if this is not an easier option than OSDBuilder or MDT Capture tasksequence..

Robert
Robert
1 year ago

Hi Johan, great post as usual. Question, I see you're recommending offline servicing for WS2019 thin images with no apps, is this what you now recommend for W10 thin images as well? If I remember correctly you were previously recommending offline servicing for inplace upgrades and MDT B&C for bare metal deployments.

Robert
Robert
1 year ago

Thanks

Up until now I've always favoured a hybrid approach, MDT B&C including the OS updates, NetFX3 and Office. I've found this to be a nice balance between deployment speed and image management.

If you walked in to a customer today and they said that they wanted to deploy a W10 thin image, updates and NetFX3 but no apps, would you advise them something like OSDBuilder or your script to create the WIM? This is assuming the requirements wouldn't be changing anytime soon.

Jamaal
Jamaal
1 year ago

I have a question, Johan. My setup is different. I already did the regular MDT task capture for Windows 10 1809 and I wanted to do an offline service update monthly via powershell. Can I do so instead of running the MDT task over again?

Jamaal
Jamaal
1 year ago

Ok, thanks Johan.

Ram
Ram
1 year ago

I guess, I can use Option 1 by changing all Windows Server 2019 to Windows 10 1703 including KB for CU and SSU within the PowerShell script and create a reference image of Windows 10 v1703 for use in the test lab scenario?

trackback

[…] Read the complete article by MVP Johan Arwidmark on his blog […]

Billy Blanks
Billy Blanks
1 year ago

thx

George Kuff
George Kuff
1 year ago

Thank for all the time you're putting into this. You need to update the VS part since now VS2019 is the same as VS 2015 and VS2017 with new shiny exe.
https://support.microsoft.com/en-ca/help/2977003/the-latest-supported-visual-c-downloads

Need to update the Visual C++ runtimes install wrapper as well.

Thank again!

Pavan
Pavan
1 year ago

Hello Johan,
Thank you the blog.
I'm trying to build the reference image using OSDBuild and want to check where exactly it dumps the image file once it completes building it?

linda Bernstein
linda Bernstein
1 year ago

Hi Johan, what is a respectiable .WIM size when creating an image. Our Windows 10 & sometimes Server 2016 averages around 10-12GB. Is this too large? Thx


>