Turn a Windows 10 fully patched VM into a Setup disk?

This can be done with Microsoft Deployment Toolkit

1. Deploy Windows 10
2. Patch at first Deployment
3. Capture the WIM file
4. Then deploy to ANY Workstation
5. You just need to add drivers for workstations
6. You could also add software for common use eg Office apps

You'll find that most people need to standardize and automate deployments will be using MDT or SCCM to do the job.  They'll automate their gold/reference image creation process so that they aren't doing that manually, and one of the automated steps is installing patches.  They will then capture that image (MDT can do that) and deploy it.  If you go this route, I strongly recommend using a VM to for the reference image capture process. Then you can run it as often as needed.

With that said, if the only reason you are doing this is for updates, I'd say not to worry too much.  Reimaging *requires* active volume license, and if you have VL, you have access to media with the most current major release (which Microsoft calls "feature" updates.)   While there are cumulative quality updates that are not part of that media, if you are using a supported feature update (1607 or later) then windows uses "delivery optimization" by default.  Which means it looks for another machine on the LOCAL network to pull the cumulative update files from.  It won't be hitting a slow internet link, and it would only take hours if the system is very slow....in which case installing a custom image would take just as long.

Managing a master/gold image in that scenario actually introduces more churn and management overhead than just letting windows update do its thing.  In my opinion.  There are always edge cases, but knowing how modern updating works can save you a ton of hassle in many cases.

or, if you don't want MDT/SCCM, then you could "slip stream", plenty of tools around, e.g.

https://www.ntlite.com/download/

how do I obtain the WIM file after it is all patched?

the workstations are all one model. Those dell thin clients. would I still need to install drivers afterward?

I want to install as many machines as I can fit on a switch in my office at the same time, given I know I'll have to direct the boot the PXE (right?) I just want this job done with. I am not someone who wants to install 1 OS at a time.

how do I obtain the WIM file after it is all patched?

Capture it with MDT!

You include the drivers with your build, you don't install drivers afterwards!

Yes, we build labs 400-700 PCs at a time!

You can certainly build more than a single PC!

It's all done with PXE, Boot from LAN

Okay, so the image is made and running in a VM (Hyper-V). Where do I direct MDT to so it can get the WIM? This is where I am confused.

When I try to import a new OS using MDT, it wants me to direct it to where the WIM is... that, I have no idea. If it's on the ISO.... how do I make my patched custom VM into and ISO?

You'll want to really carefully follow the MDT step-by-step the first time you do this.  It walks you through the process of creating the task sequence that creates your reference image, including the steps to automatically run the capture, which creates the WIM, and uploads the WIM to MDT for deployment.  If you go through the documentation step by step, you'll learn how it all fits together and then tweak the task sequences to meet your needs.  The WIM file you seek is literally created on the fly during the capture process...but learning how that works is important to proper customizations later.

it doesn't give me the option to install software or updates through MDT

Okay, so the image is made and running in a VM (Hyper-V). Where do I direct MDT to so it can get the WIM? This is where I am confused.

You deploy a Windows 10 OS to a PC, e.g. a VM in Hyper-V will do for this task, part of the Task Sequence includes Patch and Update

then you run another task sequence and capture the WIM, back to your Deployment MDT Share.

Import this Captured WIM into MDT (instead of the ISO this time!)

Create a new Task Sequence, and Deploy and your done!

When I try to import a new OS using MDT, it wants me to direct it to where the WIM is... that, I have no idea. If it's on the ISO.... how do I make my patched custom VM into and ISO?

Just Import the CDROM for the first time.

it doesn't give me the option to install software or updates through MDT

It's part of the Task Sequence, I think you've got a lot of reading ahead.

First things first, just Deploy a Windows 10 Reference Image.

and then you've got two options.

1. Patch as part of the Reference Image (e.g. Task Sequence) - Capture WIM

or

1. Deploy a Reference Image to PC - Run Windows Update (on PC) - Capture WIM

okay, so how do I set the task sequence to install updates?

You run the Windows Update Task, which is ZTIWindowsUpdate.wsf on your reference build, and then capture after updates...

what about adding to domain? and not having it lock up when I sign into a network account? I'm using acronis, and it saves the desktop name throughout the clone and I can only log into one.... slowing me down

I also need IE to come up to a certain website upon login...

I also need IE to come up to a certain website upon login...

Group Policy is ideal for that. or you could hard code registry.

what about adding to domain? and not having it lock up when I sign into a network account? I'm using acronis, and it saves the desktop name throughout the clone and I can only log into one.... slowing me down

there is an option, in MDT to select Join to Domain on Build

Where? I cannot find it