USB Windows Deployment with AutoUnattend and Chocolatey

6 Jul

With no local on-prem servers, I need a way to quickly build machines.

The obvious answer was via USB (PXE booting from WDS had been my choice previously but that would require a machine or VM, and new machines need to be built across many locations, and I’m trying to keep this really simple)

First step is to create a bootable USB stick using the media creation tool.

With that installed, I then popped my AutoUnattend.xml file on the root of the memory stick. This takes care of all the options and also installs any software and adds the Wi-Fi.

I then created a folder within “sources” on the USB stick called “$oem$” and within that a folder called “$1”. Within that I created a folder called “Company” and within that “Scripts”, “Software” and “Configs”. ie:

e:\sources\$oem$\$1\Company\scripts

Anything in $oem$\$1 will be added to the c:\ root of your fresh install, so I added stuff here that I needed to reference in the latter stage of the build.

I added in the Wi-Fi key so it would auto-connect to that, that was simple a case of exporting the current key to and XML file with:

netsh wlan export profile “WiFi Name” folder=c:\temp

And this is then added with:

netsh wlan add profile filename=”c:\Company\Configs\WiFi-Company.xml”

The cleverness then comes in the form of Chocolcatey which goes off and always gets the latest packages and installs them all silently, saving me all the hassle of keeping them updated and working out all the various switches and configs to install them silently. This is called in the AutoUnattend file with:

<CommandLine>”c:\Company\Scripts\chocolatey.bat”</CommandLine>

This batch file looks as follows:

"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"
choco install adobereader-update -y
choco install notepadplusplus.install -y
choco install googlechrome -y
choco install office365proplus -y
choco install microsoft-teams -y

@echo off

REM Get Computer Manufacturer
FOR /F "tokens=2 delims='='" %%A in ('wmic ComputerSystem Get Manufacturer /value') do SET manufacturer=%%A

IF "%manufacturer%"=="Microsoft Corporation" (
    ECHO Microsoft Machine
)

IF "%manufacturer%"=="Dell Inc." (
    ECHO Dell Machine
    choco install dellcommandupdate -y
)

IF "%manufacturer%"=="LENOVO" (
    ECHO Lenovo Machine
    choco install lenovo-thinkvantage-system-update -y
)

It installs some software that is machine specific too, ie the Dell update software, only on Dell machines.

It then deletes the files I added and reboots the machine as the last steps (8 & 9)
Start to finish it took about 20 minutes to completely rebuild a machine this way, pretty cool.