Scott Drucker
WinINSTALL Systems Engineer
MSI Packaging & Zero Touch Provisioning

Advantages of Application Packages
• Safely Install and Uninstall Software
• Allow more Desktop and Application Control
• Open Architecture to Administrators
• Consistent install experience for end users
• Consistent set of install rules
  – Protect OS Components
  – Manage shared resources
  – Eliminate DLL conflicts

What is MSI and Windows Installer?
• The Windows Installer technology is divided into two cooperating parts:
  – Client-side Windows Installer service (Msiexec.exe)
  – Microsoft Software Installation (.MSI) package file - a database that describes the relationships between features, components, and resources for a given product
• When the Windows Installer is installed on a computer, the .MSI file name extension is associated with Msiexec.exe

Purpose of MSI
• Microsoft created the MSI format for program installation for the following reasons:
  – Provide developers with a specific set of rules for developing setup routines
  – Provide superior component management resulting in a more stable OS
  – Provide support for advertised packages, installation on demand, and resiliency

MSI System Requirements
• Microsoft Windows NT 4.0 with Service Pack 3 or higher
  – Use InstMSI.exe to install on Windows NT 4.0
• Microsoft Windows 9x
  – Use InstMSI.exe to install on Windows 9x
• Microsoft Windows ME
• Microsoft Windows 2000
• Microsoft Windows XP

MSI Tool and Information Sources
• Microsoft provides the MSI installer and an SDK (software development kit) on MSI targeted towards software developers. IntelSDK.msi file.
• The TechNet and MSDN Platform SDK CD is another source of information on MSI
• Both provide some excellent troubleshooting tools and reference materials.

MSI Features and Components
• Windows Installer packages are organized using Features and Components
  – Feature: A part of the application's total functionality (such as a spell checker) that a user may install independently
  – Component: A granular piece of the application or feature to be installed. The installer always installs or removes a component as a coherent piece

Group Policy Advertising Types
• Group Policy supports the following Advertising Types:
• Assigned Applications
  – If an application is assigned, the Start menu contains the appropriate shortcuts, icons are displayed, files are associated with the application, and registry entries reflect the application's installation
• Published Applications
  – If an application is published, an Add/Remove Programs (ARP) entry is created for it and it is made available to other applications to install on demand

MSI Levels of Install
• Simple Installation
  – A simple installation is a straight installation of a product
• Administrative Installation
  – An administrative installation installs a source image of the application onto the network that is similar to a source image on a CD-ROM.
• Advertised Installation
  – An advertised installation will install the necessary entry points onto a user's machine without installing the actual product.

MSI Order of Execution
• Acquisition
  – The MSI database and/or the user instructs the Windows Installer as to what features to install, what the target directories should be, and any other options or properties that pertain to the installation
• Execution
  – The installer performs the actions to run the installation with the information gathered during the acquisition phase
• Rollback
  – If an installation is unsuccessful, the installer restores the original state of the computer

Advertised vs. Unadvertised Shortcuts

Advertising and Resiliency

Actions, Conditions, and Sequences

InstallUI & InstallExecute Sequence Tables

Custom Actions
• What is a Custom Action?
  – Any action that is not a standard action in the sequence tables
• What are the drawbacks of using a Custom Action?
  – The administrator must know and understand the sequence in which to place the Custom Action
  – Custom Actions do not support Rollback on a failed installation

Custom Action Categories
• Immediate Execution Custom Actions
• Deferred Execution Custom Actions
• Rollback Custom Actions
• Commit Custom Actions

Custom Action Types
• DLL – Calls an entry point into a DLL
• EXE – Launches an executable
• Text – Defines a directory, property, or an error message with specified text.
• JScript – Launches a JavaScript script
• VBScript – Launches a Visual Basic script
• Install – Launches a nested installation of another MSI package.

Merge Modules - MSM
• Definition:
  – A standard method for delivering components
• Ensures that the correct version of a component is installed
• A merge module contains a component such as a .DLL along with any related files, resources, registry entries, and setup logic.

Patches - MSP
• Used to update existing applications with fixes and other updates
• Patch packages are comprised of the following:
  – A summary information stream
  – Transform substorages
  – Cabinet file streams
• Applied to the MSI package, not to the installed application
  – Apply Patch
  – Reinstall application

Transforms - MST
• A transform (.MST file extension) is a collection of changes applied to an installation.
  – Can be saved as a file with an MST extension.
  – Can be embedded within the data stream of the MSI database itself.
  – Can be applied to an MSI, which commits the changes contained in the transform permanently to the MSI database.
  – By applying a transform to a base installation package, the installer can add or replace data in the installation database.
  – Transforms alter the installation database and can be used to encapsulate the various customizations of a base package required by different groups of users.
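
The custom action categories and types listed above are both encoded in the numeric Type column of a package's CustomAction table, so a reviewer can tell from one number what an action runs and when. The decoder below is an added example, not part of the original slides; the bit values are the msidbCustomActionType* constants from the Windows Installer SDK, and the sample rows and action names are constructed.

```python
# Added example: decode the numeric Type column of an MSI CustomAction row.
# Bit values are the msidbCustomActionType* constants from the Windows Installer SDK.
BASE = {1: "DLL", 2: "EXE", 3: "Text", 5: "JScript", 6: "VBScript", 7: "Install"}
SOURCE = {0x00: "Binary table", 0x10: "installed file",
          0x20: "directory", 0x30: "property"}
IN_SCRIPT, ROLLBACK, COMMIT, NO_IMPERSONATE = 0x400, 0x100, 0x200, 0x800


def decode(type_value):
    """Split a CustomAction Type into base type, source and execution category."""
    if not type_value & IN_SCRIPT:
        category = "immediate"
    elif type_value & ROLLBACK:
        category = "rollback"
    elif type_value & COMMIT:
        category = "commit"
    else:
        category = "deferred"
    return {
        "base": BASE.get(type_value & 0x07, "unknown"),
        "source": SOURCE[type_value & 0x30],
        "category": category,
        # Scheduled actions with this bit run without impersonating the user.
        "no_impersonate": category != "immediate" and bool(type_value & NO_IMPERSONATE),
    }


def review(rows):
    """Return names of actions that run code without user impersonation."""
    flagged = []
    for action, type_value in rows:
        info = decode(type_value)
        if info["base"] != "Text" and info["no_impersonate"]:
            flagged.append(action)
    return flagged


# Constructed rows (Action, Type); the action names are hypothetical.
SAMPLE_ROWS = [
    ("SetInstallDir", 51),    # Text, sets a property, immediate
    ("RunHelper", 3090),      # EXE from an installed file, deferred, no impersonation
    ("UndoHelper", 1281),     # DLL from the Binary table, rollback
    ("ConfigScript", 3078),   # VBScript from the Binary table, deferred, no impersonation
    ("FinishHelper", 1537),   # DLL from the Binary table, commit
]

if __name__ == "__main__":
    for name, value in SAMPLE_ROWS:
        print(name, value, decode(value))
    print("review first:", review(SAMPLE_ROWS))
```

In an elevated per-machine install, the actions `review` returns are the ones that execute with the installer service's privileges, which makes them the first rows to read when vetting a repackaged MSI or a transform.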

Scott Drucker
WinINSTALL Systems Engineer
Zero Touch Provisioning

Agenda
• PXE Technology
  – PXE Defined
  – PXE Version 9.0 Sequence of Events
  – PXE Version 10 Sequence of Events
  – PXE Overview
  – PXE Environment
  – WinINSTALL Architecture
  – DHCP Specifics
  – Configuring WinINSTALL PXE
  – WinINSTALL PXE Server
  – .sif File Details
  – PXE Clients
  – Cmdlines.txt File Details
  – PXE Hardware
  – Product Walk-through

PXE defined
• Preboot eXecution Environment
  – NIC as a bootable device
  – Download and execute a boot program
  – Executes after BIOS and before OS loads
• Specification created by Intel
  – First version in 1998
  – Most recent revision is 2.1, done in 1999
• Incorporated into Intel’s Wired for Management (WfM)
  – Implemented by BIOS and hardware vendors
  – Supported in most PCs shipped after 2000

PXE Overview
[Diagram: PXE Client PC, DHCP Server and PXE Server. Flow labels: PXE NIC Broadcast, DHCP Response, PXE NIC Request, PXE Server Sends NBP]

PXE Environment
• DHCP is required
• Not possible with static IP environment
• Generally use a PXE server per subnet
• DHCP server must support server options
• Windows 2000/2003 Server DHCP Server is compatible
• DHCP routers and firewalls such as Linksys, Netgear, DLink etc. are typically not compatible

DHCP specifics
• Two DHCP Server Options must be configured:
  – Option 66: IP/Network Name of PXE Server
  – Option 67: Path to boot program on PXE server
• WinINSTALL configures these automatically when possible
• In some cases, these options are set at a per-server level
• With VLANs or multiple scope configurations, they are set at Scope level

WinINSTALL PXE Server
• Responds to PXE NIC requests directed its way by DHCP
• Contains a TFTP file server
• Delivers Network Boot Program (NBP)
• Delivers OS installation files, drivers etc.
• This does not have to be a dedicated machine
• Deployed and managed from the WinINSTALL console
• Runs as a sub-component of the WinINSTALL Server Agent

PXE Clients
• Must be PXE-capable
• BIOS support for network booting
• NIC support for PXE specification
• Two versions: DHCP-based or RPL (Remote Program Load)
  – RPL used in NetWare environments
  – NICs may vary in support
  – RPL-only NICs will not work in Windows Networking environments
• Non-PXE-capable machines can be supported using a bootable floppy disk image

PXE Clients
• BIOS support for network booting enabled
• NIC support for PXE and enabled/flashed boot ROM
• BIOS boot order - Network Boot before hard drive
• Two PXEs: DHCP-based or RPL
  – Remote Program Load used in NetWare environments
  – NICs may vary in support
  – RPL-only NICs will not work in Windows Networking environments
• Non-PXE-capable machines can be supported using a bootable floppy disk image

PXE Hardware
• Nearly all machines sold after 2000 meet requirements
• PXE may be disabled in a new PC's BIOS even if supported
• Some NICs ship with boot ROM disabled/unflashed
• These settings vary with different BIOS and NIC vendors
• Refer to the manufacturer's documentation for details

Version 9.0 PXE Sequence of Events
• Machine powers on, BIOS loads, checks devices etc.
• BIOS gives control to first device in boot order
• PXE NIC sends out request/broadcast
• DHCP Server responds with IP/Name of PXE server and path to NBP
• PXE NIC contacts PXE Server
• If a job is assigned to client, NBP is downloaded
• If no job is assigned, boot sequence continues

Version 10 PXE Sequence of Events
• Machine powers on, BIOS loads, checks devices etc.
• BIOS gives control to first device in boot order
• PXE client queries for IP from DHCP Server
• The client queries a 2nd time and receives the PXE Server and Boot File name (DHCP Proxy Server)
• TFTP is used to download the boot file
• The boot file is executed and queries the PXE Server on port 4011 for what it should do
• The server then:
  – Replies with a Reset Command
  – Credentials for the Reset

Version 9.1 PXE Changes continued
  – Path to the Microsoft OS installer on the PXE Server
  – The unattended SIF File
• The client downloads the Microsoft installer over TFTP and the setup of the OS begins
• OS files are copied using Windows Networking (SMB) to the client machine
• Reboot is performed
• Setup enters the GUI mode to perform the bulk of the installation

Version 10 PXE Changes continued
• After setup completes, the cmdlines.txt is processed. This is created by the end user
• Reboot is performed
• Post-installation tasks take place, i.e. software installation, agent deployment, personality restored, etc.

WinINSTALL Architecture
[Diagram: three PC / PXE Clients, DHCP Server, WinINSTALL Agent, WinINSTALL Database, WinINSTALL Server/Share, PXE Server, Reporting, Scheduling, WinINSTALL Management Console]

WinINSTALL Console

Configuring WinINSTALL PXE
• Configuring a WinINSTALL PXE Server
  – Upload OS installation files, device drivers, utilities etc.
  – Upload Windows Hotfixes
  – Configure PXE Server settings
• Creating PXE Client Reset Templates
  – Installation behavior
  – Locale settings
  – Configure software installations
  – Configure user Personality/Data restoration
• Reusable Templates apply to all hardware systems

Customizing PXE OS Install
• Unattended Installation
  – Allows customization of Windows installation behavior
  – .sif files control installation options
• Cmdlines.txt and $OEM$ directory
  – Custom command line execution
  – Registry configuration during installation

.sif File Details

    [Data]
    AutoPartition=1
    MsDosInitiated="0"
    UnattendedInstall="Yes"

    [Unattended]
    UnattendMode=FullUnattended
    OemSkipEula=Yes
    OemPreinstall=No
    TargetPath=Windows

    [GuiUnattended]
    AdminPassword=password
    OemSkipRegional=1
    TimeZone=4
    OemSkipWelcome=1

Cmdlines.txt File Details
• Additional control over install behavior and results
• For example, execute a custom registry file:

    Windows Registry Editor Version 5.00

    ;Turn Off MSN Explorer
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager\Subcomponents]
    "msnexplr"=dword:00000000

    ;Turn off Outlook Express
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager\Subcomponents]
    "oeaccess"=dword:00000000

    ;Turn off Messenger
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager\Subcomponents]
    "wmaccess"=dword:00000000

Cmdlines.txt File Details
• Save the registry file to the $OEM$ folder on the WinINSTALL Share
• Add a command to the cmdlines.txt file

    [COMMANDS]
    "REGEDIT /S C:\registry.reg"

• During Windows installation the command will run

Product Walk-through
[Diagram labels: Remediate & Update, User, Zero-Touch OS Install, Add Machine to Network/Domain, IT / Help Desk, Restore Required, Troubleshoot, Guidelines, Software Inventory, Centralized Console, Remote Management, Package & Deploy Apps, Template Reuse, Restore Data & PC Personality]

Q & A Session
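
The "DHCP specifics" slide makes options 66 and 67 the values that decide which server and boot program a PXE client fetches, so they are worth checking in offers seen on a provisioning subnet. The following is an added example, not part of the original slides or of WinINSTALL: it parses the options field of a captured DHCP offer and compares options 66/67 with an allowlist. The addresses, boot file name and sample offers are constructed.

```python
# Added example: check DHCP options 66/67 from a captured offer against an allowlist.
PAD, END, OPT_SERVER, OPT_BOOTFILE = 0, 255, 66, 67


def parse_options(raw):
    """Parse the DHCP options field (bytes after the magic cookie) into {code: value}."""
    options, i = {}, 0
    while i < len(raw):
        code = raw[i]
        if code == END:
            break
        if code == PAD:
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated option header")
        length = raw[i + 1]
        value = raw[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option %d" % code)
        options[code] = value
        i += 2 + length
    return options


def boot_source(raw):
    """Return (server, boot file) from options 66 and 67, or None if neither is set."""
    options = parse_options(raw)
    if OPT_SERVER not in options and OPT_BOOTFILE not in options:
        return None

    def text(code):
        return options.get(code, b"").rstrip(b"\x00").decode("ascii", "replace")

    return text(OPT_SERVER), text(OPT_BOOTFILE)


def classify(raw, allowed):
    """Label an offer by whether its boot source is on the allowlist."""
    source = boot_source(raw)
    if source is None:
        return "no-pxe-options"
    return "expected" if source in allowed else "unexpected-boot-source"


def option(code, value):
    """Encode one option as code, length, value."""
    return bytes([code, len(value)]) + value


# Constructed data: documentation-range addresses and a hypothetical boot file name.
ALLOWED = {("192.0.2.10", "boot\\pxeboot.nbp")}
BOOTFILE = option(OPT_BOOTFILE, b"boot\\pxeboot.nbp")
GOOD_OFFER = option(53, b"\x02") + option(66, b"192.0.2.10") + BOOTFILE + bytes([END])
ODD_OFFER = option(53, b"\x02") + option(66, b"192.0.2.77") + BOOTFILE + bytes([END])
```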
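
The answer file shown under ".sif File Details" is handed to the client during the PXE install, so it is worth linting before it is published to the share. The following is an added example, not part of the original slides: it audits a .sif for a plaintext or blank AdminPassword and for an OemPreinstall value under which Cmdlines.txt is skipped. It assumes standard Windows Setup behaviour (Cmdlines.txt and $OEM$ are used only when OemPreinstall=Yes; AdminPassword=* means a blank password); the sample file is constructed from the slide's values.

```python
# Added example: lint an unattended-install answer file (.sif) before deployment.
import configparser

# Constructed sample that mirrors the values shown on the slide.
SAMPLE_SIF = """\
[Data]
AutoPartition=1
MsDosInitiated="0"
UnattendedInstall="Yes"
[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
OemPreinstall=No
TargetPath=Windows
[GuiUnattended]
AdminPassword=password
OemSkipRegional=1
TimeZone=4
OemSkipWelcome=1
"""


def load_sif(text):
    """Parse a .sif into {section: {key: value}} with lower-cased names, quotes removed."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    return {name.lower(): {key: value.strip().strip('"')
                           for key, value in parser.items(name)}
            for name in parser.sections()}


def audit_sif(text, uses_cmdlines=True):
    """Return a list of finding identifiers for the answer file."""
    sif = load_sif(text)
    gui = sif.get("guiunattended", {})
    unattended = sif.get("unattended", {})
    findings = []
    password = gui.get("adminpassword", "")
    encrypted = gui.get("encryptedadminpassword", "no").lower() == "yes"
    if password == "*":
        findings.append("blank-admin-password")
    elif password and not encrypted:
        findings.append("plaintext-admin-password")
    # Assumption: Setup processes Cmdlines.txt only when OemPreinstall=Yes.
    if uses_cmdlines and unattended.get("oempreinstall", "no").lower() != "yes":
        findings.append("cmdlines-not-processed")
    return findings


if __name__ == "__main__":
    print(audit_sif(SAMPLE_SIF))
```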