Here is a step-by-step quick guide on building the perfect Windows Server 2019 reference image. This guide is divided in three parts/methods: The first part shows how you can export the edition you want by exporting it from the Microsoft ISO directly. The second part covers how to create a thin, but fully updated Windows Server 2019 reference image using offline servicing. The final part is about creating a thicker Windows Server 2019 reference image using build and capture with MDT 8456.
Real World Note: I see more and more organizations moving away from using thicker images, both for client and server deployments, and use thin image instead. Fully updated, but without any applications. That being said there are some scenarios where you might still want to build thicker images to reduce deployment time.
This post describes three different methods of creating a Windows Server 2019 Image containing a single Index
- Option 1 – Export the Edition Directly from the Microsoft ISO File
- Option 2 – Creating a Windows Server 2019 reference image using MDT 8456
- Option 3 – Creating a Windows Server 2019 reference image using offline servicing (and PowerShell)
Option 1 – Export the Edition Directly from the Microsoft ISO File
These days Microsoft releases updated media for Windows Server 2019 on MSDN an VLSC. The media is usually 1-2 month behind, but it at least is somewhat updated. Here is a short script that mounts the ISO, and exports the edition you want to work with.
# Script to extract the Windows Server 2019 Standard index from a Windows Server 2019 media.
# Update line 4 and 5 to match your environment
$ISO = "F:\ISO\Windows Server 2019 (updated August 2021).iso" # Path to Windows Server 2019 media
$WIMPath = "C:\Ref" # Target folder for extracted WIM file containing Windows Server 2019 Standard only
$WIMFile = "$WIMPath\REFWS2019-001.wim"
$Edition = "Windows Server 2019 Standard (Desktop Experience)"
Mount-DiskImage -ImagePath $ISO | Out-Null
$ISOImage = Get-DiskImage -ImagePath $ISO | Get-Volume
$ISODrive = [string]$ISOImage.DriveLetter+":"
If (!(Test-path $WIMPath)){ New-Item -Path $WIMPath -ItemType Directory -Force | Out-Null } # Create folder if needed
Export-WindowsImage -SourceImagePath "$ISODrive\sources\install.wim" -SourceName $Edition -DestinationImagePath $WIMFile
Dismount-DiskImage -ImagePath $ISO | Out-NullOption 2 – Creating a Windows Server 2019 image using Offline Servicing
If you need to create a Windows Server 2019 reference image quickly, containing the latest cumulative update (CU) and .NET Framework 3.5. You can use PowerShell to do so. Here are two option to service a Windows Server 2019 image using PowerShell.
Servicing Option #1 – Basic Servicing (good for learning)
This script assumes you have downloaded the Windows Server 2019 ISO and the latest SSU, and CU to C:\Setup. Simply update the Create-WS2019RefImage.ps1 script to reference the CU you downloaded, and run the script in an elevated PowerShell prompt.
Note: The script does require that you have Windows ADK 10 installed
https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/Create-WS2019RefImage.ps1
Servicing Option #2 – Advanced Servicing using OSDBuilder
The OSDBuilder community solution, which is developed and maintained by David Segura is by far the most advanced solution out there to make sure your images are serviced with no only updates, but with a lot of other options as well. I highly recommend this solution. Learn more at https://osdbuilder.osdeploy.com
OSDBuilder has a gazillion of options, but if you want to build a clean Windows Server 2019 image real quick, copy any Windows Server 2019 ISO to your machine, and run the following commands in an elevated PowerShell prompt (update the ISO path first to match what you have):
$ISOPath = "C:\ISO\Windows Server 2019.iso"
# Install OSDBuilder
Install-Module -Name OSDBuilder -Force
Import-Module -Name OSDBuilder -Force
# Import and update the Windows Server 2019 Operating System media (adds .NET Framework too)
Mount-DiskImage -ImagePath $ISOPath
Import-OSMedia -ImageName 'Windows Server 2019 Standard (Desktop Experience)' -SkipGrid -Update -BuildNetFX
What about virtual machines?
If you want to build a Windows Server 2019 reference image for SCVMM 2019, simply follow any of the options in this guide to create the WIM file, and then use a working fork of the Convert-WindowsImage.ps1 script to apply the WIM to a VHDX file. I've been using this fork: https://github.com/nerdile/convert-windowsimage. Below is the command i used to apply a Windows Server 2019 standard index to a VHDX file for a Generation 2 (UEFI) virtual machine.
.\Convert-WindowsImage.ps1 -SourcePath "C:\Setup\Windows Server 2019.iso" -VHDFormat VHDX -Edition ServerStandard -VHDPartitionStyle GPT -VerboseIn the above example I'm applying a Windows Server 2019 Standard image, but if you want to get info about other editions in the Windows Server 2019 install.wim file, run the following commands.
# Get detailed info from all indexes in a WIM file
$ImageFile = "D:\sources\install.wim"
$ImageInfo = Get-WindowsImage -ImagePath $ImageFile
Foreach ($Image in $ImageInfo){
Get-WindowsImage -ImagePath $ImageFile -Index $image.ImageIndex
}
Option 3 – Creating a Windows Server 2019 reference image using MDT 8456
Why using MDT to create the reference image instead of offline servicing? Well, if you need to add applications to your server image, to speed up deployments of remote desktop servers etc. you have to use a build and capture process. This is because offline servicing simply doesn't allow for application installations. As a little bonus, when using a build and capture process, all components are completely installed, instead of just staged in the image, speeding up the deployment with a minute or two 🙂
Real World Note: If you're not adding applications to your Windows Server 2019 image, please stick to either option 1, or offline servicing. It's easier, and produces great results.
Anyway, since you're still here, I'm assuming you want to create a Windows Server image with some applications. Now, MDT 8456 can be installed either on a file server, or on your own laptop, but in this scenario I used a file server named MDT01. MDT 8456 requires Windows ADK 10, and for deployment of Windows Server 2019 I recommend using at least Windows ADK 10 v1809.
For this guide you need the following software.
- Windows Server 2019.
- Windows ADK 10 v1809 and the WinPE Addon for Windows ADK 10 v1809.
- For download links, see the Windows ADK 10 page on MSDN:
- MDT 8456
- Visual C++ runtimes (2010,2012,2013 and 2017 etc.) available on Microsoft Download Center.
- Visual C++ runtimes install wrapper (Optional, but helpful)
Step-by-Step Guide
The entire process for creating a Windows Server image using MDT takes about 45 minutes, fully automated. This guide covers the following steps:
- Step 1 – Install Windows 10 ADK v1809 and MDT 8456
- Step 2 – Create the MDT Build Lab Deployment Share
- Step 3 – Import the Windows Server 2019 operating system
- Step 4 – Add applications (Optional)
- Step 5 – Create the MDT Task Sequence
- Step 6 – Configure the deployment share
- Step 7 – Create Windows Reference Images
Step 1 – Install Windows ADK 10 v1809, WinPE, and MDT 8456
1. On MDT01, install Windows 10 ADK v1809 (adksetup.exe), and select the following components:
- Deployment Tools
- Imaging and Configuration Designer (ICD)
- Configuration Designer
- User State Migration Tool (USMT
2. Install WinPE Addon for Windows ADK 10 v1809 (adkwinpesetup.exe)
3. Install MDT 8456 using the default settings.
Step 2 – Create the MDT Build Lab Deployment Share
On MDT01, using the Deployment Workbench (available on the start screen), right-click Deployment Shares and select New Deployment Share. Use the following settings for the New Deployment Share Wizard (my data volume on MDT01 is E:)
- Deployment share path: E:\MDTBuildLab
- Share name: MDTBuildLab$
- Deployment share description: MDT Build Lab
- Options: (accept the default options)
Once the deployment share is created you also want to relax the security a bit. MDT locks it down to hard by default. Use the following PowerShell script to set some better permissions:
https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/Set-MDTBuildLabPermissions.ps1
Step 3 – Import the Windows Server 2019 operating system
- On MDT01, mount the Windows Server 2019.iso media (or whatever you named it). On my server it was mounted to the D: drive.
- Using the Deployment Workbench, expand the Deployment Shares node, expand MDT Build Lab, select the Operating Systems node and create a folder named Windows Server 2019.
- Right-click the Windows Server 2019 node, and select Import Operating System.
- In the Import Operating System Wizard, on the OS Type page. select Full set of source files and click Next.
- On the Source page, in the Source directory text box, type D:\ and click Next.
- On the Destination page, in the Destination directory name text box, type WS2019, click Next twice, and then click Finish.
- After adding the operating system, using the Deployment Workbench, in the Windows Server 2019 node, change the operating system names to the following:
- Windows Server 2019 Datacenter
- Windows Server 2019 Datacenter Core
- Windows Server 2019 Standard
- Windows Server 2019 Standard Core
Step 4 – Optional – Add applications
As you learned earlier, if not adding applications to your image, there is little need to do a build and capture with MDT. Instead just do offline servicing of your Windows Server image.
In this section, as an example of adding a few applications, you learn to add the various Visual C++ runtimes to your reference image.
Note: Visual C++ 2015 is included in Visual C++ 2017, so you only need to install Visual C++ 2017.
For the Visual C++ runtimes, you make the install a bit easier by using a VBScript wrapper that installs all of them.
- On MDT01, extract the Visual C++ runtimes install wrapper to C:\Setup.
- Download each runtime from Microsoft Download Center, and copy to the corresponding folder in C:\Setup\Install – Microsoft Visual C++ – x86-x64\source.
3. Using the Deployment Workbench, expand Deployment Shares / MDT Build Lab / Applications and create a folder named Microsoft.
4. Right-click the Microsoft folder, and select New Application. Use the following settings for the New Application Wizard:
- Application with source files
- Publisher:
- Application name: Install – Microsoft Visual C++ – x86-x64
- Version:
- Source Directory: C:\Setup\Install – Microsoft Visual C++ – x86-x64
- Specify the name of the directory that should be created: Install – Microsoft Visual C++ – x86-x64
- Command Line: cscript Install-MicrosoftVisualC++x86x64.wsf
- Working directory:
Step 5 – Create the MDT Task Sequence
- On MDT01, using the Deployment Workbench, in the MDT Build Lab deployment share, select the Task Sequences node, and create a folder named Windows Server 2019.
- Expand the Task Sequences node, right-click on the Windows Server 2019 node, and select New Task Sequence. Use the following settings for the New Task Sequence Wizard:
- Task sequence ID: REFWS2019-001
- Task sequence name: Windows Server 2019 Standard
- Task sequence comments: Reference Build
- Template: Standard Server Task Sequence
- Select OS: Windows Server 2019 Standard
- Specify Product Key: Do not specify a product key at this time
- Full Name: ViaMonstra
- Organization: ViaMonstra
- Internet Explorer home page: about:blank
- Do not specify an Administrator password at this time
- Edit the task sequence, by navigating to the Task Sequences / Windows Server 2019 folder, right-click the Windows Server 2019 Standard task sequence, and select Properties.
- On the Task Sequence tab, in the State Restore node, before the Windows Update (Pre-Application Installation) action, add a new group named Custom Tasks (Pre-Windows Update).
- In the Custom Tasks (Pre-Windows Update) group, add a new Install Roles and Features action with the following settings:
- Name: Install – Microsoft NET Framework 3.5.1
- Operating system: Windows Server 2019
- Role: .NET Framework 3.5 Features
- After the Install – Microsoft NET Framework 3.5.1 action, add an application with the following settings:
- Name: Install – Microsoft Visual C++ – x86-x64
- Application: Install – Microsoft Visual C++ – x86-x64
- After the Install – Microsoft Visual C++ – x86-x64 action, add a Restart computer action.
- Enable the Windows Update (Pre-Application Installation) action.
- Click OK.
Step 6 – Configure the deployment share
Then, to configure the deployment share settings, you modify the two rules files (Bootstrap.ini and CustomSettings.ini), and some other settings related to WinPE. The ruels files you can modify either via the MDT Build Lab deployment share properties, or directly in the file system, in the E:\MDTBuildLab\Control folder. Below you find the rules files I used in this guide.
Bootstrap.ini
[Settings]
Priority=Default
[Default]
DeployRoot=\\MDT01\MDTBuildLab$
UserDomain=VIAMONSTRA
UserID=MDT_BA
UserPassword=P@ssw0rd
SkipBDDWelcome=YESCustomSettings.ini
[Settings]
Priority=Default
[Default]
_SMSTSORGNAME=ViaMonstra
UserDataLocation=NONE
ComputerBackupLocation=NONE
DoCapture=YES
OSInstall=Y
AdminPassword=P@ssw0rd
TimeZoneName=Pacific Standard Time
JoinWorkgroup=WORKGROUP
;HideShell=YES
;FinishAction=SHUTDOWN
ApplyGPOPack=NO
;SLSHARE=\\MDT01\Logs$
SkipAppsOnUpgrade=NO
SkipAdminPassword=YES
SkipProductKey=YES
SkipComputerName=YES
SkipDomainMembership=YES
SkipUserData=YES
SkipLocaleSelection=YES
SkipTaskSequence=NO
SkipTimeZone=YES
SkipApplications=YES
SkipBitLocker=YES
SkipSummary=YES
SkipRoles=YES
SkipCapture=NO
SkipFinalSummary=YES
- On MDT01 in the E:\MDTBuildLab\Control folder, modify the Bootstrap.ini and CustomSettings.ini per the above examples.
- Then, using the Deployment Workbench, right-click the MDT Build Lab deployment share and select Properties.
- In the Windows PE tab, in the Platform dropdown list, make sure x86 is selected.
- In the Drivers and Patches tab, select the Nothing selection profile, and select the Include all drivers from the selection profile option
- In the Lite Touch Boot Image Settings area, configure the following settings:
- Image description: MDT Build Lab x86
- ISO file name: MDT Build Lab x86.iso
- In the Windows PE tab, in the Platform dropdown list, make sure x64 is selected.
- In the Drivers and Patches tab, select the Nothing selection profile, and select the Include all drivers from the selection profile option
- In the Lite Touch Boot Image Settings area, configure the following settings:
- Image description: MDT Build Lab x64
- ISO file name: MDT Build Lab x64.iso
- Click OK.
- Update the deployment share, by right-clicking the MDT Build Lab deployment share and select Update Deployment Share. Use the default Options for the Update Deployment Share wizard.
Step 7 – Create Windows Reference Images
Create a Windows Server 2019 Reference WIM Image, fully automated.
- On MDT01, copy the E:\MDTBuildLab\Boot\MDT Build Lab x64.iso file to your VMware or Hyper-V machine.
- Create a virtual machine named REF001, configure it with 2 vCPUs and 4 GB RAM. Then mount MDT Build Lab x64.iso on the virtual machine.
- Start the REF001 virtual machine, and allow it to boot. Then complete the Deployment Wizard using the below settings:
- Select a task sequence to execute on this computer: Windows Server 2019 Standard
- Specify whether to capture an image: (accept the default settings).
The task sequence will now do the following:
- Install the Windows Server 2019 operating system.
- Install the added applications, roles, and features.
- Stage WinPE on the local disk.
- Run Sysprep and reboot into WinPE.
- Capture the Windows Server 2019 installation to a WIM file.
Written by Johan Arwidmark
Bit of an old thread, but I was resolved an error I was receiving and wanted to share as the article may require an update. When using Option 1, be sure to use the correct string for the $Edition variable, MS must have changed the naming convention at some point because using the script as-is (with the current eval version of 17763.737.190906-2324.rs5) will result in an error: Export-WindowsImage : Either the Name or Index parameter is required At line:13 char:1 + Export-WindowsImage -SourceImagePath "$ISODrive\sources\install.wim" ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [Export-WindowsImage], PSArgumentException + FullyQualifiedErrorId : Export-WindowsImage,Microsoft.Dism.Commands.ExportWindowsImageCommand The new naming convention… Read more »
Hi Johan,
Below is the error message I'm getting when I run the Option 1 script. What am I missing.
Thanks.
Export-WindowsImage -SourceImagePath "$ISODrive\sources\install.wim" -SourceName $Edition -DestinationImagePath $WIMFile
Dismount-DiskImage -ImagePath $ISO | Out-Null
Can you paste the error message text?
Holy smokes! I've been searching for a way to do this for my lab deployments and am downright giddy about finding your instructions. THANK YOU!!
May want to add a note, Option 1 requires Windows ADK….
Thanks Steve, just did 🙂
Thanks for the informative post, Johan. I had a problem capturing a reference image when including Windows Updates on a Gen 2 Hyper-V VM. I get a 'Can not find script file "C:\LTIBootstrap.vbs".' error after rebooting after Sysprep. This does not seem to be a problem when using Gen 1 VMs. Is this expected behavior?
Don't know, I never build reference images from Gen 2 VMs, always Gen 1 VMs.
For part 1 option 2 is there a way to add drivers ? I attempted to put extracted drivers to the osdrivers and winpedrivers in the _global directory. The Iso that I created via New-OSBMediaISO doesn't seem to have them. I got it to work once manually but I must be doing something different in my script.
Drivers should not be added to the image, drivers for the OS are added at deployment time, and to the boot image used with your deployment solution.
hi,
i get always: WARNING: Import-OSMedia: OSMedia was not found . . . Exiting!
This is part 1 option 2
What i do wrond?
Did you mount the ISO file prior to running Import-OSMedia? Does it show in Explorer?
Hi Johan, can i use the offline servicing scripts to create the Windows 2008 R2 (few remaining Servers) & Windows 2012 R2 reference images too?
Yes, even being older, those platforms does supports offline servicing too.
Thanks for this great post. To keep your OS images updated with only latest patches, is the Scheduled Updates option for OS images in SCCM also not a valid option? Just discovered this and wondering if this is not an easier option than OSDBuilder or MDT Capture tasksequence..
I don't like the schedule update option in SCCM, due it's doing too little. Better to import a better media into SCCM.
Hi Johan, great post as usual. Question, I see you're recommending offline servicing for WS2019 thin images with no apps, is this what you now recommend for W10 thin images as well? If I remember correctly you were previously recommending offline servicing for inplace upgrades and MDT B&C for bare metal deployments.
No, I don't recommend offline servicing for all scenarios, I'm just saying it becomes more and more common. There are still scenarios where build and capture is needed to save time. The same applies for Windows 10. The main reason for build and capture is speed, but as hardware and network becomes better and better over time, even thin image deployments are pretty quick these days. I expect to see some organizations, for example schools, continue to use thicker images.
Thanks
Up until now I've always favoured a hybrid approach, MDT B&C including the OS updates, NetFX3 and Office. I've found this to be a nice balance between deployment speed and image management.
If you walked in to a customer today and they said that they wanted to deploy a W10 thin image, updates and NetFX3 but no apps, would you advise them something like OSDBuilder or your script to create the WIM? This is assuming the requirements wouldn't be changing anytime soon.
Yes, if they only need .NET and Updates, offline servicing is the way to go. Build and capture is only needed when adding apps to the image.
I have a question, Johan. My setup is different. I already did the regular MDT task capture for Windows 10 1809 and I wanted to do an offline service update monthly via powershell. Can I do so instead of running the MDT task over again?
AFAIK it's supported to run offline servicing on a custom image, but I wouldn't do it. If rather run offline servicing on the default media, and use that media for the build and capture. These is a well tested scenario. / Johan
Ok, thanks Johan.
I guess, I can use Option 1 by changing all Windows Server 2019 to Windows 10 1703 including KB for CU and SSU within the PowerShell script and create a reference image of Windows 10 v1703 for use in the test lab scenario?
Yes, that works.
[…] Read the complete article by MVP Johan Arwidmark on his blog […]
thx
Thank for all the time you're putting into this. You need to update the VS part since now VS2019 is the same as VS 2015 and VS2017 with new shiny exe.
https://support.microsoft.com/en-ca/help/2977003/the-latest-supported-visual-c-downloads
Need to update the Visual C++ runtimes install wrapper as well.
Thank again!
The community already did 🙂 Here is the new version: https://github.com/DeploymentResearch/DRFiles/blob/master/Scripts/Install-MicrosoftVisualC%2B%2Bx86x64.wsf
Hello Johan,
Thank you the blog.
I'm trying to build the reference image using OSDBuild and want to check where exactly it dumps the image file once it completes building it?
The default locations is the captures folder of the deployment share, but you can override that with variables. / Johan
Hi Johan, what is a respectiable .WIM size when creating an image. Our Windows 10 & sometimes Server 2016 averages around 10-12GB. Is this too large? Thx
For a clean image with .NET and the latest SSU/CU updates the size should be around 3.5 – 4 GB. / Johan