Page Comparison

...

To create an answer file, it is necessary to start from a Windows image. We can simply take the file \sources\install.wim that comes in a Windows installation ISO. When you open opening the image, WSIM create a catalog file first, if it does not exist. To do this, the image must have permission to read and write permission, so we have to copy the content of the ISO to the hard drive and will remove the read-only flag. Once you open the image and created create the catalog, we will create the an initially empty answer file. Then you just have to go dragging drag the components of the image to the corresponding section in the answer file, and configure them. See reference Unattended Windows Setup Reference to understand what the usage of each component. Examples

  Some examples for the most common situations occur.:

Image Removed 

Basic configuration

To set the language, the name of the machine and local users, add the following components:

• Microsoft-Windows-International-Core to the oobeSystem section. The "InputLocale", "SystemLocale", "UserLocale" and "UILanguage" properties must be set to "en-US"
• If you do not want to have any local user, Microsoft-Windows-Deployment to specialize section, adding a RunSynchronousCommand with the following properties:
  • Path = reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\OOBE /v UnattendCreatedUser /t REG_DWORD /d 1 /f
  • Order = 1
• Microsoft-Windows-Shell-Setup in the specialize section with the following properties:
  • ComputerName = COMPUTER
  • TimeZone = Romance (valid zones can be listed with "tzutil /l") for instance "Pacific Standard Time"
    
  • CopyProfile = true. It will overwrite the profile in "\Users\Default User" with the current user.
  • ShowWindowsLive = false. Do not show a link to Windows Live in the start menu.
  • ProductKey = product key to activate Windows.
• Microsoft-Windows-Shell-Setup in the oobeSystem section with the following properties:
  • OOBE, to hide configuration pages to start first, with the following properties:
    • HideEULAPage = true
    • NetworkLocation = Work
    • ProtectYourPC = 2 (see reference for possible values)
  • UserAccounts, with the following properties:
    • AdministratorPassword/Value = administrator password. However, by default, the administrator account is disabled.
    • LocalAccounts, one for each local user you want to add. If only domain users will be used, can not be added noneadd no user.
  • RegisteredOwner and RegisteredOrganization and, optionally, with their corresponding values.

It is likely that the boot process will requests a product key if it is not provided in the response file. To prevent this from happening, you can use a key in file \sources\product.ini which is in the Windows installation media. As a result, the boot process will not request the key, but Windows is will not activebe activated. Example of basic configuration   Expand source

<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
    <settings pass="specialize">
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <ComputerName>COMPUTER</ComputerName>
            <TimeZone>Pacific Standard Time</TimeZone>
            <CopyProfile>true</CopyProfile>
            <ShowWindowsLive>false</ShowWindowsLive>
        </component>
        <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <RunSynchronous>
                <RunSynchronousCommand wcm:action="add">
                    <Order>1</Order>
                    <Path>reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\OOBE /v UnattendCreatedUser /t REG_DWORD /d 1 /f</Path>
                    <Description>Disable create user account</Description>
                </RunSynchronousCommand>
            </RunSynchronous>
        </component>
    </settings>
    <settings pass="oobeSystem">
        <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <InputLocale>en-US</InputLocale>
            <SystemLocale>en-US</SystemLocale>
            <UILanguage>en-US</UILanguage>
            <UserLocale>en-US</UserLocale>
        </component>
        <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <OOBE>
                <HideEULAPage>true</HideEULAPage>
                <NetworkLocation>Work</NetworkLocation>
                <ProtectYourPC>2</ProtectYourPC>
            </OOBE>
            <UserAccounts>
                <AdministratorPassword>
                    <Value>awBpAG8AcwBrAG8ALgAxADIAMwBBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAFAAYQBzAHMAdwBvAHIAZAA=</Value>
                    <PlainText>false</PlainText>
                </AdministratorPassword>
            </UserAccounts>
            <RegisteredOrganization>flexVDI</RegisteredOrganization>
            <RegisteredOwner>flexVDI</RegisteredOwner>
        </component>
    </settings>
    <cpi:offlineImage cpi:source="catalog:d:/sources/install_windows 7 professional.clg" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>

Add computer to a domain

To add the volatile desktop to the domain specified in politics desktop policy, add the following components:

• Microsoft-Windows-UnattendedJoin in the specialize section with the following properties:
  • Identification/JoinDomain = WINDOWSDOMAIN
  • Identification/Credentials with user credentials with permission to add machines to the domain.

Example Component   Expand source

...

<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <Identification>
        <Credentials>
            <Domain>WINDOWSDOMAIN</Domain>
            <Password>Foobarz1!</Password>
            <Username>Administrator</Username>
        </Credentials>
        <JoinDomain>WINDOWSDOMAIN</JoinDomain>
    </Identification>
</component>

Delete Unattend.xml cached files

Answer files are cached in C:\Windows\Panther . This is a security problem because they contain credentials that users should not be able to see. Therefore, it is best to delete files A:\unattend.xml and C:\Windows\Panther\unattend.xml. For that, the The most common option is to create a batch command in the template called C:\Windows\Setup\Scripts\SetupComplete.cmd with the following contentscontent:

 del /Q /F a:\unattend.xml 
del /Q /F c:\windows\panther\unattend.xml 

This command will be executed at the end of the preparation of the volatile guest, obliterating removing the two answer files.

More information

You can find more information about response files in the following links:

• Windows Setup Technical Reference Windows Setup
• Settings for automating OOBE
• Automating the Automate Windows Setup
• Introduction to automation Windows Setup

...

• Automation Overview