Windows 10 Sysprep Guide

Ivano ViolaSystem Administrator
Published:
Updated:
Windows 10 is here and for most admins this means frustration and challenges getting that first working Windows 10 image. As in my previous sysprep articles, I've put together a simple help guide to get you through this process. The aim is to achieve that first deployment image quickly and easily.
This article builds on my previous two sysprep articles:
 

Files you will need...


- Windows Assessment and Deployment Kit (Windows ADK) for Windows 10
From the kit you need to install the Deployment Tools which contains Windows System Image Manager (SIM) used for creating unattend .xml files. This should be install on a computer not being used for imaging.

- Windows 10 image.wim
To create an unattend.xml file to be used for sysprep, you will also need the image.wim file located on the Windows 10 installation disk you used to Install Windows on your image computer (located in the Sources folder).


Let’s get started...


Install Windows 10 on your image computer. Here are initial settings I use.
 

Initial OS Load

 

During Install (leave defaults unless stated


  • Choose the Custom (advanced) option: Setup partition/s as needed. Format your partition/s.
  • Let’s get connected:  Skip and click Next
  • Get going fast:  Customize settings
 

Customize Settings


  • Personalization: All off
  • Location: All off
  • Browser and protection: All off
  • Connectivity and error reporting: All off
    • Choose how you’ll connect:   Join a domain
    • Who is going to use this PC?:  Operator (no password)


Immediately After Install  


  • Logon using the Operator account you created above.
  • Activate Windows then disconnect the computer from the Internet.
    This will ensure that the built-in apps do not update otherwise your sysprep will fail.
  • Uninstall built-in apps using PowerShell. Run PowerShell as Administrator. Paste the following commands onto the PowerShell command line and hit Enter.
Get-AppxPackage *3dbuilder* | Remove-AppxPackage
                      Get-AppxPackage *windowsalarms* | Remove-AppxPackage
                      Get-AppxPackage *Appconnector* | Remove-AppxPackage
                      Get-AppxPackage *windowscalculator* | Remove-AppxPackage
                      Get-AppxPackage *windowscommunicationsapps* | Remove-AppxPackage
                      Get-AppxPackage *windowscamera* | Remove-AppxPackage
                      Get-AppxPackage *CandyCrushSaga* | Remove-AppxPackage
                      Get-AppxPackage *officehub* | Remove-AppxPackage
                      Get-AppxPackage *skypeapp* | Remove-AppxPackage
                      Get-AppxPackage *getstarted* | Remove-AppxPackage
                      Get-AppxPackage *zunemusic* | Remove-AppxPackage
                      Get-AppxPackage *windowsmaps* | Remove-AppxPackage
                      Get-AppxPackage *Messaging* | Remove-AppxPackage
                      Get-AppxPackage *solitairecollection* | Remove-AppxPackage
                      Get-AppxPackage *ConnectivityStore* | Remove-AppxPackage
                      Get-AppxPackage *bingfinance* | Remove-AppxPackage
                      Get-AppxPackage *zunevideo* | Remove-AppxPackage
                      Get-AppxPackage *bingnews* | Remove-AppxPackage
                      Get-AppxPackage *onenote* | Remove-AppxPackage
                      Get-AppxPackage *people* | Remove-AppxPackage
                      Get-AppxPackage *CommsPhone* | Remove-AppxPackage
                      Get-AppxPackage *windowsphone* | Remove-AppxPackage
                      Get-AppxPackage *photos* | Remove-AppxPackage
                      Get-AppxPackage *WindowsScan* | Remove-AppxPackage
                      Get-AppxPackage *bingsports* | Remove-AppxPackage
                      Get-AppxPackage *windowsstore* | Remove-AppxPackage
                      Get-AppxPackage *Office.Sway* | Remove-AppxPackage
                      Get-AppxPackage *Twitter* | Remove-AppxPackage
                      Get-AppxPackage *soundrecorder* | Remove-AppxPackage
                      Get-AppxPackage *bingweather* | Remove-AppxPackage
                      Get-AppxPackage *xboxapp* | Remove-AppxPackage
                      Get-AppxPackage *XboxOneSmartGlass* | Remove-AppxPackage

Open in new window


  • Confirm that all the apps have been uninstalled. The shortcuts should no longer appear on the All Apps start menu.
  • The following four apps should still be present as they cannot be removed. 
    • Cortana
    • Contact Support
    • Microsoft Edge
    • Windows Feedback
  • NOTE: In Windows 8.1 the Store app could not be uninstalled. This has changed in Windows 10. if you would like to make this available to all users then you should not permanently uninstall preinstalled apps. Useful apps that you may want users to have access to are: Store, Calculator and Voice Recorder
  • Following the uninstall instructions above will allow the apps to be reinstalled on first log on for all new users. To remove certain apps you will need to script this at logon or just after the user logs in.
  • Enable the local Administrator account. Set a password for the account. Password never expires (optional).
  • Update the local Operator account.  Set a password for the account. Password never expires (optional).

Now, install all necessary programs, run windows updates, configure the start screen, create local user accounts and configure the profile and OS the way you would like it to be. Find below some tips and tricks to add to your image. When completed, the computer should almost be ready to be sysprepped.
 

Additions – Image Tips and Tricks

 

Create SetupComplete.cmd File

On your image computer browse to the C:\Windows\setup directory.  Within the Setup folder create a new folder named Scripts. Within the Scripts folder create a file named SetupComplete.cmd. Commands placed in this file will run just before you are presented with the Windows logon screen. We’ll add some commands to this file shortly.
 

Run First Log On Commands

You can do this a few ways, including through your unattend.xml file. I choose to create a script and call it when users log in for the very first time. Launch.exe will call Cleanup.exe, which contains the commands to run.

Here is the code for the Launch.vbs script:
Set WshShell = WScript.CreateObject("Wscript.Shell")
                      Set objFSO = CreateObject("Scripting.FileSystemObject")
                      
                      strAppData = WshShell.ExpandEnvironmentStrings("%APPDATA%")
                      
                      '-----------------------------------------------------------------------
                      
                      ' Run computer cleanup script
                      
                      Set objShell = CreateObject("WScript.Shell")
                      strCleanup = strAppData & "\Scripts\Cleanup.exe"
                      objShell.run "cmd /c " & strCleanup,0,False
                      
                      '-----------------------------------------------------------------------
                      
                      WScript.Quit

Open in new window

Convert Launch.vbs to an executable (Launch.exe) and place it in Operator’s Startup folder. This file will get deleted on completion of Cleanup.exe. You should add this file just before you're ready to run sysprep as you may need to reboot your computer at different stages.

Note: To create and compile my scripts I use VbsEdit. It’s costs $59 but you can install it on multiple machines and it comes with a lifetime license.

Now let's create the Cleanup.exe script. Here is the code for the Cleanup.vbs:
Set WshShell = WScript.CreateObject("Wscript.Shell")
                      Set objFSO = CreateObject("Scripting.FileSystemObject")
                      Set objShell = CreateObject("WScript.Shell")
                      
                      strAppData = WshShell.ExpandEnvironmentStrings("%APPDATA%")
                      strLocalAppData = WshShell.ExpandEnvironmentStrings("%LOCALAPPDATA%")
                      strUserProfile = WshShell.ExpandEnvironmentStrings("%USERPROFILE%")
                      strAllUsers = WshShell.ExpandEnvironmentStrings("%ALLUSERSPROFILE%")
                      
                      '-----------------------------------------------------------------------
                      
                      
                      
                      ' ADD COMMANDS HERE
                      
                      
                      
                      '-----------------------------------------------------------------------
                      
                      ' Delete Launch.exe
                      
                      strAppData = WshShell.ExpandEnvironmentStrings("%APPDATA%")
                      strLaunch = strAppData & "\Microsoft\Windows\Start Menu\Programs\Startup\Launch.exe"
                      
                      If objFSO.FileExists(strLaunch) Then
                        objFSO.DeleteFile strLaunch, True
                      End If
                      
                      '-----------------------------------------------------------------------
                      
                      WScript.Quit

Open in new window

You can add any commands you like in this script. Here you can re-install OneDrive, which we will go over later in the guide. At the end of the script Launch.exe will get deleted so that it does not run again for the currently logged in user. Copy Cleanup.exe to %AppData%\Scripts. You will need to create the Scripts folder as it does not exist. 

Cleanup.exe and Launch.exe will become part of the Default profile. It will only run when a new user logs in for the very first time.
 

Adjust Display Settings

You may notice that some programs when opened do not display as sharp as others. In my case, as an example,  Adobe Acrobat. The program seems fuzzy or blurry when opened. If this is the case for you then check the following setting:

  • All Apps - Settings - Display
  • Change the size of text, apps and other items: Set the slider to 100%. I find in some cases the default is 125%.
 

Boot To Desktop

Boot right to the desktop. Navigate to: All Apps – Settings – System – Tablet Mode
When I sign in: Go to the desktop
 
Here you’re also able to set how your device handles switching from desktop to tablet mode.
 

WinSAT prepop (Windows System Assessment Tests Scores)

You may lose the aero theme after sysprep. Run the following command at an elevated command prompt:

WinSAT prepop

Open in new window

 This will generate the WinSAT prepop .xml results files to the Datastore directory, located at:
%WINDIR%\performance\winsat\datastore.
This enables you to keep the configured aero theme after running sysprep (otherwise it will be reset back to basic). Additional information about WinSAT can be found here.
 
Restart the computer then log back in as Operator. Make sure the theme is still set to your default theme. If needed, set it back to your default theme.
 

PowerCFG Command (GUID for Default power plan)

Specify the default power plan in your unattend.xml file. Run the following at an elevated command prompt:

Powercfg –list

Open in new window

Look for your default power plan. Write down the guid for the plan. We will add this to your unattend.xml file later.
 

Slipstream Drivers

To slipstream drivers into your Windows image you can use the command line utility “pnputil.exe”.
If you need a certain driver installed in the image, like an adapter, scanner or printer driver, and do not want your users to be prompted for the driver, then add it to the DriverStore in your Windows image. The command to add a driver using this utility is (HP001.inf is an example driver):
pnputil.exe -a HP0001.inf

Open in new window

The command needs to be run at an elevated command prompt. More information about this command can be found here.
 

Disable Windows Features or Noticifactions
 

 Using notepad, create the following registry files to disable features or notifications. Copy and paste the following code then save the file with a .reg extension. For example DisableBackupMonitoring.reg. Run the registry file/s to import the changes to the registry.

Disable Backup Monitoring:
Windows Registry Editor Version 5.00
                      
                      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsBackup]
                      "DisableMonitoring"=dword:00000001

Open in new window

Disable Password Reveal:

Windows Registry Editor Version 5.00
                      
                      [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main]
                      "DisablePasswordReveal"=dword:00000001

Open in new window

Disable IE Suggested Sites:

Windows Registry Editor Version 5.00
                      
                      [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Suggested Sites]
                      "Enabled"=dword:00000000

Open in new window

Note: You can also apply the registry files via group policy.
 

OneDrive Setup

When you use the CopyProfile switch in your unattend file, the OneDrive shortcut in the All Apps menu continues to point to the Operator account instead of the currently logged in user. To resolve this issue OneDrive needs to be re-installed on first log on for each user. Do the following when logged in as Operator:
 
Manually copy the OneDrive Update folder from within the Operator profile to the ProgramData folder:
%LOCALAPPDATA%\Microsoft\ OneDrive\Update  to   %PROGRAMDATA%\Microsoft\OneDrive\Update

Run the following commands at an elevated command prompt to clean up the old OneDrive folders:
move "%LOCALAPPDATA%\Microsoft\OneDrive" "%LOCALAPPDATA%\Microsoft\OneDrive.old"
                      del "%APPDATA%\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk" /q/s
                      rd "%LOCALAPPDATA%\Microsoft\OneDrive.old" /q/s
                      rd "%USERPROFILE%\OneDrive" /q/s

Open in new window

To clean up the old OneDrive registry entries, create a registry file named OneDriveCleanup.reg using notepad and paste the following code. Run the registry file.

Windows Registry Editor Version 5.00
                      
                      [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive]

Open in new window

Now you can add the following code to the Cleanup.exe file you created above to re-install OneDrive when the user logs in for the very first time.

' Run OneDrive Setup
                      
                      strOneDrive = strAllUsers & "\Microsoft\OneDrive\Update\OneDriveSetup.exe /silent"
                      objShell.run "cmd /c " & strOneDrive,0,True

Open in new window

All folders will be recreated, including the All Apps shortcut.
 

Create Unattend.xml File


When the computer is ready you'll need to create a unattend.xml answer file using Windows System Image Manager (Windows SIM). You should already have Windows SIM installed on another computer. If not, the download link is listed above.
 
  1. Insert the media you used to install Windows 10 on your image computer into your CD-DVD drive.
  2. Start Windows SIM. From the menu select “Tools – Create Catalog”. You’ll be prompted for the “install.wim” file located on your media. Browse to the install.wim file in the sources directory on your disk. When the catalog is complete you’ll be ready to configure your answer file.
  3. I've attached a sample unattend.xml file for reference. Open the file with Windows SIM and take a look at some of the settings I’ve configured.

In my unattend.xml file you’ll see:
<ComputerName>*</ComputerName>

Open in new window

This will allow sysprep to provide a random name for the computer after sysprep.

<CopyProfile>true</CopyProfile>

Open in new window

This tells sysprep to copy the configured profile you’ve created to the default profile.

<SkipRearm>0</SkipRearm>

Open in new window

Set SkipRearm to 1 while customizing your computer.
Before running the Sysprep command the final time before deploying an image, rearm the computer by setting the SkipRearm setting to 0. This resets the Activation grace-period timer.
<PreferredPlan>your.guid</PreferredPlan>

Open in new window

This specifies the default power plan for your image. Update the unattend.xml file with the guid of the power plan you retrieved earlier. 

<DisableAntiSpyware>true</DisableAntiSpyware>

Open in new window

Setting this to True will disable Windows Defender. Set this to False if you are not deploying your own antivirus program.

<MachineObjectOU>OU=Re-Imaged,OU=Computers,DC=your,DC=domain,DC=com</MachineObjectOU>

Open in new window

You must specify an OU to add the computers to otherwise they will not be added to the domain.

<DoNotCleanUpNonPresentDevices>true</DoNotCleanUpNonPresentDevices>
                      <PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>

Open in new window

When set to True, this tells sysprep not to remove installed hardware from the image during sysprep. This should be the case when distributing the image to the same model computer. If you would like to create a clean sysprep image, meaning you are able to install the image on any computer, no matter the hardware, the above should be set to False.  

The other thing regarding the unattend.xml, you need to create a local user during the sysprep process.  When you install Windows 10 (using the disk) you’re prompted to create a local user. This process still occurs when using an attend.xml file and sysprep. In the answer file I create a local user named TempUser. TempUser gets deleted when the laptop first boots up to Windows logon screen. The sole purpose of TempUser is to hide the prompt to create a local user after sysprep runs.

Customize the answer file to meet your image needs. After you’ve completed the unattend.xml file, copy the file to C:\Windows\System32\Sysprep.
 

Customize SetupComplete.cmd


On your image laptop, browse to the C:\Windows\setup\Scripts directory your created earlier.  Open SetupComplete.cmd for editing. As I said earlier, commands placed in this file will run just before you are presented with the Windows logon screen.

To delete the previously created TempUser account, add the following command to SetupComplete.cmd:
net user TempUser /delete

Open in new window

To enable the local Administrator account, add the following command to SetupComplete.cmd:  

net user Administrator /active:yes

Open in new window

Even though you may have enabled the administrator account on the imaged laptop before running sysprep, it will be disabled again.

Delete the Domain Users group from the local Administrators and Users groups using the above commands.
net localgroup Administrators "Domain\Domain Users" /delete
                      net localgroup Users "Domain\Domain Users" /delete

Open in new window

To delete the unattend.xml file, add the following command to SetupComplete.cmd:

del C:\Windows\System32\Sysprep\unattend.xml

Open in new window

Even though the passwords you enter in the xml file are encrypted, you’ll feel better knowing the file is not there. I've attached a sample SetupComplete.cmd file for reference. You may add whatever commands you need to run here in this file. Save the file when finished.

Note: One change I’ve noticed from Windows 8.1 to Windows 10 is that you will not be able to add domain users/groups to local groups through SetupComplete.cmd. If you find otherwise Let me know.
 

Run Sysprep


You should now be ready to run sysprep on the computer.

Note: I highly recommend that you take an image of your image computer before you run sysprep. Things DO go wrong and being able to get back to a pre-sysprep state will save you a lot of time and heart-ache.

From within the configured profile you’ve created, open a command prompt. Navigate to C:\Windows\System32\Sysprep. Type the following command to start the sysprep process:
sysprep.exe /generalize /oobe /shutdown /unattend:unattend.xml

Open in new window

The computer will shut down after sysprep has finished.
 

Take An Image


Now it’s time to take an image of the hard drive.  Everyone has their own way of doing this. I use Symantec Ghost as it takes an image of the whole drive.  I’ve tested ImageX and found it to have it drawbacks. The main reason I choose not to use it is because we use two partitions in our image. The C: partition for the OS and the D: partition for the users’ data. You cannot take a disk image with ImageX. You have to do each partition individually. The same goes for when applying the image. I ghost the hard drive and have our completed image.

I've attached a zip containing the files discussed in this guide.

I hope this guide is helpful and puts you in the right direction for a successful sysprep image. You're welcome to post messages for your own tricks or tips that you think will be beneficial to the Windows 10 sysprep community!

Good luck!

Ivano

GuideFiles.zip
10
120,090 Views

Comments (17)

Hi,

My local administrator won't reactivate after SYsprep :(. Got the script at the right place. any ideas ?
Btw im usin a French OS. so instead "Administrator" i put "Administrateur" is it right ?
I set the user account in oobe System.
Any help ? :(

Thx
Ivano ViolaSystem Administrator

Author

Commented:
Hi Mathieu,

The SetupComplete.cmd should be located here:
C:\Windows\Setup\Scripts

The command that enables the Administrator account in this file should look like:
:: Enable local administrator user account
net user Administrator /active:yes

In regards to the spelling of Administrator. Take a look in "Local Users and Groups - Users".  Administrator should be listed as a local user. Spell it the way you see it there.

Make sure all the commands above this line are valid. If there is a command that is not valid, it can stop other commands from processing.

Is there a group policy that may disable the Administrator account after the computer is added to the domain?

Ivano
Your article is better than most I've read.

I'm new to Sysprep and have a simple embarrassing question.

From a new computer, I booted into Audit mode and got the setup I'm happy with after many many hours of learning.  Since this is my first attempt, I want to capture an image of the setup I've spent so much time on PRIOR to running Sysprep and while in Audit mode in case - as you say - something goes wrong.

How do I make a "backup" image of the configuration prior to running Sysprep?  I tried creating and Image from the Backup options of Control Panel but it says I'm not allowed while in Audit mode.  But if I exit Audit mode, won't I loose everything?

I'm having a hard time understanding what happens to the configuration once you exit Audit mode.

Thank you for answering an embarrassing question.

Allan

Commented:
Boot from external media (Windows to Go or eventually Windows 10 setup disk) and use dism to create a wim file from your Windows system volume.
If you later want to restore your Windows, rename that wim file install.wim and put it in the sources folder on a normal Windows 10 setup USB stick created with Media Creation Tool.

Commented:
You can run a Sysprep and Capture, and edit the Task Sequence Disable the Execute Sysprep step.

View More

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.