Mark Minasi's Windows Networking Tech Page
When you deploy a sector-based image to a hard disk, you destroy whatever partitions sit on that disk. Re-imaging a system with Ghost means wiping out a C: drive. As WIMs are file- and folder-based, however, then deploying a WIM to a system means only overwriting whatever files are in the WIM, and no others. So, for example, if you had a Vista workstation whose hard disk contained a folder named "c:\olddocuments" that contained hundreds of Microsoft Word documents and you then re-applied a Vista image to that computer for some reason, then you'd have a fresh copy of the operating system that had overwritten your old one, but your c:\olddocuments folder would still be intact.
All of the WIM-related tools are free downloads from Microsoft. Ghost, DriveImage and the Acronis tools all cost money. Of course, WIMs aren't the only no-cost options: you could learn a little Linux and use its dd command, which is basically an imaging tool.
Enough theory; let's try this stuff out by making a working Vista box into a .WIM file. For this example, I'll have, as suggested before,
Start out by doing this:
imagex /capture c: f:\ntest.wim "Newsletter test" /compress none
While you're waiting the half-hour or so for ImageX to pack up your system into a WIM file, let's look at those options. First, there's the "/capture" option; that's the one that says to put a computer's operating system in cold storage. ImageX is supposedly able to do this not only with computers running the Vista OS, but also XP, 2003 and 2000, although honestly I've never had time to try those options.
The "c:" and "f:\ntest.wim" tell ImageX what drive the OS to image is on, and where to store the resulting WIM file, as well as what to name it. One of the neat side effects of working with an image technology that works on files and folders rather than sectors is that you could, if you wanted to, have typed
imagex /capture c: c:\ntest.wim "Newsletter test" /compress none
Notice the difference: in that case, we'd actually be telling ImageX to image the C: drive onto itself! The "Newsletter test" is required and is a descriptive blurb about the image. You can see that information by typing (once the imaging's done)
imagex /info f:/ntest.wim
That will cause ImageX to spit out a bunch of XML describing the image, one of the first parts of which will be
Finally, the /compress none says not to apply any compression algorithms to the WIM, something that I did mainly to speed up the whole process. You can also specify fast and maximum instead of none.
Congratulations, you've created your first WIM! But where to deploy it? Well, inasmuch as I don't have another test machine around, I'm just going to wipe my test machine's hard disk clean, which will enable it to look pretty much like an empty test machine.
You'll still have that WinPE command prompt window open — if not, then just re-boot the test machine from the WinPE CD-ROM — so you need only type
format c: /q /y
And press Enter, and in a minute or two your test machine's hard disk will be wiped clean. Or, just for the sake of completeness, let's do what we'd normally do with a new system that we were about to wipe and re-image. Again, we'd start from WinPE, but now let's re-partition and format. (Let me repeat that. We're about to wipe all of the data off of the hard disk of your test machine or, rather, make that data very, very hard to recover. If you've got some information on there that you can't part with, then please either back it up and then do this, or just wait until you've got a hard disk that you don't mind nuking.) With the WinPE command prompt up, type
diskpart select disk 0 clean create partition primary assign letter=c: active exit format c: /q /y
Diskpart is the Vista version of what used to be FDISK and appeared, if memory serves, back in Windows 2000. You must select a disk even if it's the only one that you have because, um, I guess Diskpart's not that smart. "Clean" wipes the master boot record, deleting any pointers to any existing partitions and making getting to any data that was on the hard disk very, very hard to do. "Create partition primary" and "assign letter=c:" should be self-explanatory. "Active" marks the new partition as the one to boot from, and "exit" exits Diskpart and returns us to the C:\> prompt. Once there, we can format the newly-partitioned drive C:.
Once that's done, we can then move our ntest.wim image onto our newly-cleaned C: drive with this command:
imagex /apply f:\ntest.wim 1 c:\
After about 10 minutes and some very interesting messages — my favorite is "SACL is going away" — the command prompt will return. You can then reboot the system and your machine now runs Vista once again.
We've seen, then, how to use imagex to create ("capture") and deploy ("apply") Windows images. ImageX works well, but clearly there's more to the story. We wouldn't be very successful deploying ntest.wim to more than one computer because we'd end up with a lot of computers all bearing the same SIDs. How to address that?
The answer is to add a step before imaging the computer, one familiar to anyone who's done sizeable rollouts before: Sysprep. As with earlier versions of Windows, Sysprep rips off the SIDs, machine name and similar attributes of an operating system, leaving one that has been (in Sysprep terms) "generalized." Once generalized, we can then ImageX the computer and deploy that generalized WIM to any number of machines. There are, however, a few wrinkles in making that work and unfortunately I'm out of space for this newsletter. In the next one, I'll discuss running Sysprep — which hasn't changed all that much from XP SP2's Sysprep — and how to automate the "mini-Setup" that Sysprepped machines require — which has changed quite a bit. See you then!
In late March and early April I'll be at TechMentor and Windows Connections doing my Longhorn keynote as well as a variety of breakout sessions. Both shows are in Orlando, on adjoining weeks — TechMentor's the last week in March, and Connections is the first week in April.
I'm keeping busy doing Vista seminars and writing, but I've still got time to visit your firm. In just two days, I'll make your current NT techies into Vista, security, XP, Active Directory or 2003 experts. (And better yet they won't have to sit through any Redmondian propaganda.) To join the large educational, pharmaceutical, agricultural, aerospace, utility, banking, government, telecommunication, law enforcement, publishing, transportation, military and other organizations that I've assisted, either take a peek at the course outlines at www.minasi.com/presentations.htm, mail our assistant Jean Snead at Assistant@Minasi.com, or call her at (757) 426-1431 (only between noon-5 Eastern time, weekdays, please).
Have a quiet and safe month.
Please share this newsletter; I hope that it is a useful source of NT/2000/2003/XP/Vista information. Please forward it to any associates who might find it helpful, and accept my thanks. We are now at over 40,000 subscribers and I hope to use this to get information to every single Mastering 2003, XP, NT and 2000 Server reader. Many, many thanks to the readers who have mailed me to offer suggestions, errata, and those kind reviews. As always, I'm at http://www.minasi.com/gethelp and please join us at the Forum with technical questions at www.minasi.com/forum. Thanks for letting me visit with you, and take care.
To subscribe, visit http://www.minasi.com/nwsreg.htm. To change e-mail or other info, link to http://www.minasi.com/edit-newsletter-record.htm. To unsubscribe, link to http://www.minasi.com/unsubs.htm. Visit the Archives at http://www.minasi.com/archive.htm. Please do not reply to this mail; for comments, please link to http://www.minasi.com/gethelp.
All contents copyright 2007 Mark Minasi. You are encouraged to quote this material, SO LONG as you include this entire document; thanks.