<

Windows 7 Sysprep

Published on
150,666 Points
113,566 Views
51 Endorsements
Last Modified:
Awarded
Community Pick
I've spent numerous hours getting the sysprep right for Windows 7 images for my organization. I'll share what I've learned to make the process easier.

Files you will need:

WAIK for Windows (Windows Automated Installation Kit) installed on a computer not being used for imaging.
http://www.microsoft.com/downloads/details.aspx?FamilyID=c7d4bc6d-15f3-4284-9123-679830d629f2
To create an unattend.xml file to be used for sysprep, you will also need the image.wim file located on the Windows 7 installation disk.
After installing Windows 7 on a computer, log in using a domain account which has local administrator privileges (added to the Administrators group). The domain account should not have any scripts or polices associated with it. I use a domain account (named imageprep) as I install software located on a DFS share. This way if any programs need to be repaired they will find the setup files. You can use a local account if you wish. I install all necessary programs, run windows updates, configure the start menu, create local user accounts and configure the profile and OS the way I want it to be. This profile will later become the default profile on the computer in the image.

When the laptop is ready you'll need to create an unattend.xml answer file using Windows System Image Manager (Windows SIM). On a different computer install WAIK. When the install has finished run Windows SIM from the start menu.
1. Insert the media you used to install Windows 7 on your image computer into your CD-DVD drive.
2. Start Windows SIM. From the menu select “Tools – Create Catalog”. You’ll be prompted for the “install.wim” file located on your media. Browse to the install.wim file in the sources directory on your Windows 7 media. When the catalog is complete you’ll be ready to configure your answer file.
3. I've attached a sample unattend.xml file for reference. Open the file and take a look at some of the settings I’ve configured.

I need sysprep to prompt me for a computer name before adding the computer to the domain. In my organization we have a specific naming system for our laptops. The problem I found using the unattend.xml answer file and Windows sysprep was that if you do not specify a computer name in the file, it will add the computer to the domain using a random name. It’s written that if you remove <ComputerName></ComputerName> section from the answer file, you will be prompted for a name when the answer file is processed. By then it's too late. The computer will have already been added to the domain under a random name and naming the laptop after this just causes problems (trust relationship errors). My work around for this was to not use the Windows sysprep.exe file, instead an altered version named mysysprep.exe. Mysysprep2 allows you to name the computer and add it to the domain after unattend.xml has been processed. Mysysprep should be placed in C:\Windows\System32\Sysprep alongside sysprep.exe (do not remove it or rename sysprep.exe).

In my unattend.xml file you’ll see:
<ComputerName>%Please input a computer name(0,15)%</ComputerName>
<JoinDomain>%Please select a domain to join{your.domain.com}%</JoinDomain>

Open in new window

These are specific entries when using mysysprep2. They will show up as errors in SIM but ignore the errors. The (0,15) in the <ComputerName> field will automatically truncate the computer name if longer than 15 characters.

Also you will see:
<CopyProfile>true</CopyProfile>

Open in new window

This tells sysprep to copy the configured profile you’ve created to the default profile.

You must specify an OU to add the computers to otherwise they will not be added to the domain.
<MachineObjectOU>OU=Test,DC=Your,DC=Domain,DC=Here</MachineObjectOU>

Open in new window

The other thing regarding the unattend.xml, you need to create a local user during the sysprep process.  When you install Windows 7 (using the disks) you’re prompted to create a local user. This process still occurs when using an attend.xml file and sysprep. In the answer file I create a local user named TempUser. TempUser gets deleted when the laptop first boots up to Windows logon screen.  The sole purpose of TempUser is to hide the prompt to create a local user after sysprep runs.

There is one trick that is not documented very well, but works great.  On the laptop you’re imaging browse to the C:\Windows\Steup directory.  In there, create a new directory named Scripts.  Inside of scripts, create a file named SetupComplete.cmd.  Commands that you place in this file will run just before you are presented with the Windows logon screen. This is where TempUser will get deleted.

To delete the previously created TempUser account, add the following command to SetupComplete.cmd:  
net user TempUser /delete

Open in new window

To enable the local Administrator account, add the following command to SetupComplete.cmd:  
net user Administrator /active:yes

Open in new window

Even though you may have enabled the administrator account on the imaged laptop before running sysprep, it will be disabled again.

To delete the unattend.xml file, add the following command to SetupComplete.cmd:
del C:\Windows\System32\Sysprep\unattend.xml

Open in new window

Even though the passwords you enter in the xml file are encrypted, you’ll feel better knowing the file is not there.

You should customize the answer file to meet your needs. After you.ve completed the unattend.xml file, copy the file to C:\Windows\System32\Sysprep. You should be ready to run sysprep on the computer.

From within the configured profile you’ve created, open a command prompt. Navigate to C:\Windows\System32\Sysprep. Type the following command to start the sysprep process:
mysysprep.exe \generalize \oobe \shutdown \unattend:unattend.xml

Open in new window

The computer will shut down after sysprep has finished.

Now it’s time to take an image of the hard drive.  Everyone has their own way of doing this.  I use Ghost as it takes an image of the whole drive.  I’ve tested ImageX and found it to have it drawbacks.
The main reason I choose not to use it is because we use two partitions in our image. The C: partition for the OS and the D: partition for the users’ data. You cannot take a disk image with ImageX. You have to do each partition individually. The same goes for when applying the image. We ghost the hard drive and have our completed image.

When you apply the image to a computer then restart, you should be prompted for a computer name then the domain name. The domain name should automatically appear as we specified it in:
<JoinDomain>%Please select a domain to join{your.domain.com}%</JoinDomain>

Open in new window

If you have multiple domains you can also add it so the string to produce a dropdown menu.
<JoinDomain>%Please select a domain to join{domain1;domain2;domain3}%</JoinDomain>

Open in new window

The computer will then complete the setup process and eventually boot up to the Windows logon screen.  If all went well you should be able to log in using your domain account.


Problems, Fixes and Tips
Updated: 05/11/2011 - I will add to this list as I come across them.

- Add the following pass to your unattend.xml file to ensure all hardware remains installed after running sysprep.
<PersistAllDeviceInstalls>true</PersistAllDeviceInstalls>
When set to True = This specifies that Plug and Play devices remain installed on the destination computer during the generalize configuration pass. The devices then do not need to be reinstalled during the specialize configuration pass.
This should be added to the generalize pass: x86_Microsoft-Windows-PnpSysprep

- Configure a custom power plan in your image and specify the plan in your unattend.xml file.
Configure and name a custom power plan in Control Panel – Power Options. When your power plan is set up you need to retrieve the GUID of the configured plan. To find the GUID, type the following command at a command prompt: PowerCfg -List (look for the plan name you just created). Add the GUID to your unattend.xml file so that it becomes the default active power plan. This should be added to the specialize pass: x86_Microsoft-Windows-powercpl__neutral

- Slipstream drivers into the DriverStore in your image.
To slipstream drivers into your Windows image you can use the command line utility “pnputil.exe”.
If you need a certain driver installed in the image, like a scanner or printer, and do not want your users to be prompted for the driver then add it to the DriverStore in your Windows image. The command to add a driver using this utility is: pnputil.exe -a HP0001.inf
All the information regarding this command can be found here:
http://technet.microsoft.com/en-us/library/dd919234%28WS.10%29.aspx

- To disable the Action Center “Set backup” notification, create a registry file named DisableBackupMonitoring.reg using notepad and paste the following code. Run the registry file under the configured profile. You can also apply the registry file via group policy.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsBackup]
"DisableMonitoring"=dword:00000001

Open in new window

- Here’s a script that un-pins the default shortcuts on the taskbar when a user first logs in and adds your own custom shortcuts. The script is from: http://social.technet.microsoft.com/forums/en-us/w7itproinstall/thread/07C56C20-3F56-4191-84C6-FC033F7A8F29
I copy the script to C:\Windows\System32\Sysprep\Custom and call it via a batch file I place in the configured profile’s startup folder (which will be the default profile). After it runs the batch file is deleted from the startup folder. This only runs the first time the user logs in.
Option Explicit

Const CSIDL_STARTMENU = &HB
Const CSIDL_COMMON_PROGRAMS = &H17

Dim objShell, objFSO
Dim objCurrentUserStartFolder
Dim strCurrentUserStartFolderPath
Dim objAllUsersProgramsFolder
Dim strAllUsersProgramsPath
Dim objFolder
Dim objFolderItem
Dim colVerbs
Dim objVerb

Set objShell = CreateObject("Shell.Application")
Set objFSO = CreateObject("Scripting.FileSystemObject")

Set objCurrentUserStartFolder = objShell.NameSpace (CSIDL_STARTMENU)
strCurrentUserStartFolderPath = objCurrentUserStartFolder.Self.Path

Set objAllUsersProgramsFolder = objShell.NameSpace(CSIDL_COMMON_PROGRAMS)
strAllUsersProgramsPath = objAllUsersProgramsFolder.Self.Path

'''''''''''''''''''''''''''''''''''''''Unpin Shortcuts'''''''''''''''''''''''''''''''''''''''

'*** All Users Shortcuts ****

'Internet Explorer
If objFSO.FileExists(strAllUsersProgramsPath & "\Network & Internet\Microsoft\Internet Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Network & Internet\Microsoft")
	Set objFolderItem = objFolder.ParseName("Internet Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Mozilla Firefox
If objFSO.FileExists(strAllUsersProgramsPath & "\Network & Internet\Mozilla Firefox\Mozilla Firefox.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Network & Internet\Mozilla Firefox")
	Set objFolderItem = objFolder.ParseName("Mozilla Firefox.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Windows Explorer
If objFSO.FileExists(strAllUsersProgramsPath & "\Accessories\Windows Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Accessories")
	Set objFolderItem = objFolder.ParseName("Windows Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Windows Media Player
If objFSO.FileExists(strAllUsersProgramsPath & "\Network & Internet\Microsoft\Windows Media Player.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Network & Internet\Microsoft")
	Set objFolderItem = objFolder.ParseName("Windows Media Player.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'*** Current Users Shortcuts ****

'Internet Explorer
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Internet Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs")
	Set objFolderItem = objFolder.ParseName("Internet Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Mozilla Firefox
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Mozilla Firefox\Mozilla Firefox.lnk") Then
	Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs\Mozilla Firefox")
	Set objFolderItem = objFolder.ParseName("Mozilla Firefox.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Windows Explorer
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Accessories\Windows Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs\Accessories")
	Set objFolderItem = objFolder.ParseName("Windows Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'Windows Media Player
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Windows Media Player.lnk") Then
	Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs")
	Set objFolderItem = objFolder.ParseName("Windows Media Player.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Unpin from Taskbar" Then objVerb.DoIt
	Next
End If

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

''''''''''''''''''''''''''''''''''''''''Pin Shortcuts''''''''''''''''''''''''''''''''''''''''

'Internet Explorer - All Users
If objFSO.FileExists(strAllUsersProgramsPath & "\Network & Internet\Microsoft\Internet Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Network & Internet\Microsoft")
	Set objFolderItem = objFolder.ParseName("Internet Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Mozilla Firefox - All Users
If objFSO.FileExists(strAllUsersProgramsPath & "\Network & Internet\Mozilla Firefox\Mozilla Firefox.lnk") Then
	Set objFolder = objShell.Namespace(strAllUsersProgramsPath & "\Network & Internet\Mozilla Firefox")
	Set objFolderItem = objFolder.ParseName("Mozilla Firefox.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'Windows Explorer - Current User
If objFSO.FileExists(strCurrentUserStartFolderPath & "\Programs\Accessories\Windows Explorer.lnk") Then
	Set objFolder = objShell.Namespace(strCurrentUserStartFolderPath & "\Programs\Accessories")
	Set objFolderItem = objFolder.ParseName("Windows Explorer.lnk")
	Set colVerbs = objFolderItem.Verbs
	For Each objVerb In colVerbs
		If Replace(objVerb.name, "&", "") = "Pin to Taskbar" Then objVerb.DoIt
	Next
End If

'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''

Open in new window

- You set your "Network Location" in your unattend.xml file but still get prompted for it when first logging in.
Install the following hotfix into your image laptop: http://support.microsoft.com/kb/2028749

- Your IE homepage is reset after sysprep.
Add you IE settings to your unattend.xml file under the specialize pass:
x86_Microsoft-Windows-IE-InternetExplorer__neutral_31bf3856ad364e35_nonSxS

- You lose the Aero theme after sysprep
Run the following command at an elevated command prompt: WinSAT prepop
This will generate the WinSAT prepop .xml results files to the Datastore directory located at %WINDIR%\performance\winsat\datastore. This enables you to keep the configured aero theme after running sysprep (otherwise it will be reset back to basic).

unattend.xml

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <servicing></servicing>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>3</ProtectYourPC>
            </OOBE>
            <ShowWindowsLive>false</ShowWindowsLive>
            <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
            <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
            <TimeZone>Eastern Standard Time</TimeZone>
            <UserAccounts>
                <AdministratorPassword>
                    <Value>AdminPassword</Value>
                    <PlainText>false</PlainText>
                </AdministratorPassword>
                <LocalAccounts>
                    <LocalAccount wcm:action="add">
                        <Password>
                            <Value>TempUserPassword</Value>
                            <PlainText>false</PlainText>
                        </Password>
                        <Description>Temp Local Account</Description>
                        <DisplayName>TempUser</DisplayName>
                        <Group>Users</Group>
                        <Name>TempUser</Name>
                    </LocalAccount>
                </LocalAccounts>
            </UserAccounts>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
        </component>
        <component name="Microsoft-Windows-International-Core" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>EN-US</InputLocale>
            <SystemLocale>EN-US</SystemLocale>
            <UILanguage>EN-US</UILanguage>
            <UserLocale>EN-US</UserLocale>
        </component>
    </settings>
    <settings pass="specialize">
        <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipAutoActivation>true</SkipAutoActivation>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <CopyProfile>true</CopyProfile>
            <DisableAutoDaylightTimeSet>false</DisableAutoDaylightTimeSet>
            <TimeZone>Eastern Standard Time</TimeZone>
            <ShowWindowsLive>false</ShowWindowsLive>
            <RegisteredOrganization>Organization Name</RegisteredOrganization>
            <RegisteredOwner>Registered Owner</RegisteredOwner>
            <ProductKey>Your Product Key Here</ProductKey>
            <DoNotCleanTaskBar>true</DoNotCleanTaskBar>
            <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
            <Display>
                <HorizontalResolution>1024</HorizontalResolution>
                <VerticalResolution>768</VerticalResolution>
                <RefreshRate>60</RefreshRate>
                <ColorDepth>32</ColorDepth>
            </Display>
            <ComputerName>%Please input a computer name(0,15)%</ComputerName>
        </component>
        <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <Identification>
                <Credentials>
                    <Domain>your.domain.com</Domain>
                    <Password>Password</Password>
                    <Username>Username of account to add PC to domain</Username>
                </Credentials>
                <JoinDomain>%Please select a domain to join{your.domain.com}%</JoinDomain>
                <MachineObjectOU>OU=Test,DC=Your,DC=Domain,DC=Here</MachineObjectOU>
            </Identification>
        </component>
    </settings>
    <settings pass="generalize">
        <component name="Microsoft-Windows-Security-SPP" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <SkipRearm>1</SkipRearm>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="wim:c:/temp/install.wim#Windows 7 ULTIMATE" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

Open in new window

DisableBackupMonitoring.reg
ConfigTaskbar.vbs
unattend.xml
51
Author:Ivano Viola
Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Get 7 days free