Installing Citrix XenClient from MDT / SCCM / WinPE
Ok… I have been playing with Citrix XenClient for a while now, and I like it a lot!
Yes it has it’s quirks, bugs and issues, but what can we expect from a RC! So far I think Citrix has done an amazing job… to you XenClient developers, we salute you!
Ok, let’s get to the point.
This XenClient is awesome, but how are customers going to DEPLOY it to their systems? Using the CD was no option ofcourse!
So against all my geek instincts, I decided to read the XenClient manual. And b00m! They support installation using a PXELINUX server! Whooho!
But how many big enterprises, that are Windows houses have a PXELINUX server installed? Outside of universities I rarely see client deployment systems for Linux. Most of my customers use either MDT or SCCM to deploy their client machines. So I combined the steps in the XenClient manual, with my (very very very limited) knowledge of Linux systems. And came up with the following solution.
I created a script that will run from WindowsPE, install the necessary boot files onto a 100 mb fat partition. Inject your custom answerfile(s) and reboot the computer into the XenClient installation using the answerfile you have passed as an argument 
VERY IMPORTANT. This script assumes that there is a 100mb (or more) FAT volume mounted to driveletter C: during the WindowsPE phase. Use the partitioning of MDT/SCCM to do this. Or create your own custom diskpart script, if you want to run it from Windows PE.
I use some free GNUWin / UnixTools for this script, which are not included in the download. But I provide the link where you can download them
So here are the instructions:
- Copy the packages.main folder from the XenClient cd to a location on a http or ftp server.
The parent location of the packages.main folder is inserted in the answerfile.
In my case I have a webserver at http://10.0.0.12 in which I created a subfolder xenclient. In my answerfile I refer to http://10.0.0.12/xenclient as the source URL for the packages.
- Creating the package
- Download and extract my zip file to C:\XCInstaller for example
- Download cpio for windows from http://sourceforge.net/projects/gnuwin32/files/cpio/ and extract cpio.exe to C:\XCInstaller\bin
IMPORTANT, download version 2.4.2 (bin), because the commands I use in my script seem to be broken in higher versions - Download UnxUtils from http://sourceforge.net/projects/unxutils/ and extract usr\local\wbin\gzip.exe to C:\XCInstaller\bin
- Download Syslinux from http://www.kernel.org/pub/linux/utils/boot/syslinux/ and extract win32\syslinux.exe to C:\XCInstaller\bin
- Insert your XenClient cd and copy all files from the boot directory of the XenClient cd to C:\XCInstaller\boot
- Creating one or more answerfiles and place them in C:\XCInstaller\answerfiles
Here is an example of my answerfile
<interactive>false</interactive>
<mode>fresh</mode>
<source type="url">http://10.0.0.12/xenclient</source>
<primary-disk>sda</primary-disk>
<network-interface mode="dhcp"></network-interface>
<password>somepassword</password>
<enable-ssh>true</enable-ssh>
<license-key></license-key>
For a full reference of the answerfile, please consult the XenClient User Manual.
- Running the package
This script can be run from within WindowsPE, so this means that you can either use a vanilla WinPE boot image, or use MDT or SCCM to start this script. I will give an example for all three scenarios
NOTE: The .cmd file takes an answerfile name as a a parameter.
For example you have 2 answerfiles: fullunattend.txt and quickoptions.txt
If you want to install this machine using fullunattend.txt you can use InstallXenClient.cmd fullunattend.txt
If you do not specify a answerfile, the script will default back to the LAST answerfile found in the answerfiles directory. so if you have an answerfile called a.txt and an answerfile called z.txt and you did not specify the answerfile name, the script will default to z.txt
Vanilla Windows PE
- Share the C:\XCInstaller folder so you can access it via the network (in my case I host it on my windows server: 10.0.0.140)
- Start your target machine in Windows PE
- Partition and format the disk using diskpart:
select disk 0
clean
create partition primary size=100
select partition 1
format fs=fat quick
assign letter=c
exit
- Connect to the XCInstaller share
(in my case: net use \\10.0.0.140\XCInstaller) - Start the script
\\10.0.0.140\XCInstaller\InstallXenClient.cmd
NOTE: The .cmd file takes an answerfile name as a a parameter.
For example you have 2 answerfiles: fullunattend.txt and quickoptions.txt
If you want to install this machine using fullunattend.txt you can use InstallXenClient.cmd fullunattend.txt
If you do not specify a answerfile, the script will default back to the LAST answerfile found in the answerfiles directory. - Reboot the machine and VOILA! Your xenserver installation is installing using your answerfile!
Microsoft Deployment Toolkit
- Import the XCInstaller directory as an application in MDT
- Create a new custom task-sequence called Install XenClient
- Add the following steps to the task-sequence
Fake a NEWCOMPUTER DEPLOYMENT TYPE, otherwise the diskpartitioning will fail.
Partition the disk to a 100mb fat partition
Start the InstallXenClient.cmd
Reboot the computer in the XenClient installation
NOTE: It is very important that you do not use the Install Application step, but the custom command line step for the installation. The install application step will not run from within the WinPE phase of MDT. Point this command line to z:\Applications\YOURIMPORTDIRNAME\InstallXenClient.cmd (which is mounted by default by MDT to the distribution share)
SCCM
For SCCM the steps are almost identical as to MDT. Instead of importing an application > create a new package. For the SCCM task-sequence you only need 3 steps:
- Format and Partition disk (make a 100mb fat partition)
- Run Command Line (point it to run from package) InstallXenClient.cmd
- Reboot Computer (in the target partition)
Et voila! Watch your target machine installing XenClient! Here are some“old-fashioned” screenshots, to prove I have it running. Seeing as XenClient requires VTx I couldn’t test it inside a VM and had to use a physical machine… (just an explanation for the photo’s)
Have fun with this!
-Henk Hofs
Small workaround when Clear PXE advertisements doesn’t seem to work
I find it very annoying that sometimes when I clear an PXE Advertisement from the SCCM console and I reboot the machine I still get the PXE Boot Aborted message… a small workaround I always use is the following.
- Clear the PXE Advertisement using SCCM console
- Stop the WDS Service on the SCCM PXE Server
- Clear RemoteInstall$\SMSTemp on the SCCM PXE Server
- Start WDS Service on the SCCM PXE Server
And voila! The advertisement does work this time around…
All in all I have experienced a lot of troubles with PXE and SCCM… I am really hoping the next version of SCCM will bring major improvements to this part….
Creating a custom boot image for SCCM SP2 (WinPE 3.0)
Today I had to recreate my x86 boot image in my SCCM environment. I had just upgraded my testserver to SCCM SP2 and found that the old way of creating a boot image didn’t work anymore… seeing as SCCM SP2 uses DISM.exe instead of imagex and peimg. So I went looking for instructions on creating a custom SCCM SP2 image, but couldn’t found any, so here are the instructions .
1. Start the Deployment Tools Command prompt and enter the following command:
COPYPE.CMD x86 1 c:\WINPE
When you're working on a 64-bit WinPE image use "amd64" instead of "x86"
2. Mount the winpe.wim file to the mount dir that’s created automatically:
DISM /Mount-Wim /WIMFile:c:\winpe\winpe.wim /Index:1 /MountDir:C:\winpe\mount
3. Add the packages required by SCCM to the wim (again, if you’re working on 64-bit Windows PE substitute "x86" with "amd64")
DISM /Image:c:\winpe\mount /Add-Package /PackagePath:”C:\Program Files\Windows AIK\Tools\PETools\x86\WinPE_FPs\winpe-scripting.cab”
DISM /Image:c:\winpe\mount /Add-Package /PackagePath:”C:\Program Files\Windows AIK\Tools\PETools\x86\WinPE_FPs\winpe-wmi.cab”
After this step you can continue adding packages (such as winpe-hta.cab and winpe-mdac.cab) or custom files to the boot image. The 2 packages worked out above (Scripting and WMI) are required by SCCM, without these packages you will receive an error during updating your boot image to the distribution points.
4. Commit the changes to the WIM and unmount the WIM
DISM /Unmount-Wim /Mountdir:c:\winpe\mount /commit (thank you for the correction Matt!, It appears as if I was quite sleepy when I wrote this post
)
5. Import your custom boot image into SCCM.
That’s it, just as simple as it was with the previous version of WAIK, only different commands
System Center Team announces SCCM 2007 R3
Looks like Microsoft is releasing a "Green IT" release for SCCM....
As posted by Jeff Wettlaufer (Sr. Technical Product Manager System Center at Microsoft)
There are a few areas of focus for ConfigMgr R3, with the main engineering effort concentrating on Power Management. Here are the goals for this feature:
Power Management
The goal of this capability is to enable Configuration Manager to further reduce the operational costs of IT by providing basic power management features native to the product. Our approach is based on 3 primary areas:A. Help the organization plan a power strategy by monitoring current power state and consumptions and reporting on machine utilization trends, current power settings and current energy consumption
B. Enable the Administrator to easily create, deploy and enforce specific power settings using the existing ConfigMgr infrastructure
−Ability to set peak and non-peak schedules
−Ability to remediate settings if changed
−Ability to opt out machines from power policyC. Provide the business meaningful report formats that are relevant to Power Management
An effective approach to power management needs to maximize power policy deployment while minimizing the impact to the end-user. System Center Configuration Manager helps customers further reduce their operational costs by adding new in box capability to their ConfigMgr infrastructure, and by seamlessly enabling power management client agent services to their existing Collection landscape.
In addition to power management, ConfigMgr R3 will provide customers with enhanced scale and performance support above current numbers. In addition, further capabilities – in time for your Window 7 deployments – around Operating System Deployment will be enabled.
Configuration Manager 2007 R3 will release will release as a beta at the end of October 2009, with a targeted release of late Q1 calendar 2010. Continued blogging and product news, Twitter updates, interviews with key people on the project, and some videos and demos of the new code in action will be releasing over the coming months.
Configuration Manager 2007 SP2 RC released!
As posted by Cliff Hobbs on wmug.co.uk.
It’s official, the RC of SP2 is now available for download from Connect.
IMPORTANT: Remember that that Microsoft only supports TAP Customers running this in Production. If you’re not a TAP customer then make sure you only run it in your lab.
More details:
The System Center Configuration Manager team would like to announce that the following has been released and available for download:
Configuration Manager 2007 Service Pack 2 Release Candidate
This is the official Release Candidate build for Configuration Manager 2007 SP2.
New features:
- Refer to the SP2 Overview article posted on the primary Configuration Manager MSConnect site for all the new features and new supported configurations
- Hotfixes included in SP2 article can be found on the primary Configuration Manager MSConnect page.
- Deployment guides for BranchCache and the new AMT features are available in the download section.
- The new OpsMgr07 R2 ConfigMgr07 Management Pack can also be downloaded, this supports 64bit OpsMgr client agents.
- Please review the Release Notes before performing any installation and upgrade.
Feedback and Support:
- All registered Sp2 Open Beta users can submit bugs, design change requests (DCR’s), and other feedback. See the help link on the ConfigMgr MSConnect homepage for more instructions.
- Newsgroups are a great way to post questions and receive general support question answers.
If you experience any issues with the download or the MSConnect site please contact, sccmtap@microsoft.com
Regards,
The Configuration Manager Customer Team
ZeroTouch for MDT 2010 without SCCM!
Don’t you just wish you could set all your clients to boot from network, and let the PXE server evaluate whether or not it should load the WinPE image to redeploy the computer? Well you can with SCCM using mandatory advertisements of course… but I've written a little script that will achieve the same functionality using native MDT, without the use of the SCCM infrastructure
Here’s how you do it:
- Requirements:
- MDT2010 (beta 2) /WDS installed on Windows Server 2008
- Powershell enabled on the WDS server
- MDT deployment share configured to use the database (i’m using an SQLEXPRESS instance configured on the same machine as MDT/WDS in this example)
- SQL Server Management Studio or equal SQL server management tooling for editing the database.
Ok here we go and setting it up. First some simple stuff
- Set your WDS server to admin approval mode
- On the Directory Services tab, make sure you set the OU location in which the WDS server will create the temporary computer object for approved devices
- Make sure your WDS server account has full control on the OU set in the WDS directory services
Ok, that was easy now wasn’t it?
Now let’s edit the MDT database to fit our needs. This assumes your already set up your database using the database wizard in the MDT Workbench.
- Start the SQL Management Studio application and expand the MDT database (MDT_DB in this example)
- Browse to Tables –> dbo.Settings –> Columns
- Right click Collumns and select New Column
- Give the new column the name of netBoot and type nvarchar(50)
- Save and close the SQL management studio
- Verify the database expansion was successful by opening the MDT Workbench and navigating to the database view > Computers > properties
- Select the Details tab and browse all the way to the bottom to verify that the netBoot value is there
Ok, that was part 1 of the configuration. Now we have to know what to actually do with this extra field in the database. Well that’s where my script comes in. Here’s how you install it.
- Run the following command as an administrator on the WDS/MDT server:
- Server 2008: Powershell.exe –command “ & {Set-ExecutionPolicy Unrestricted } “
- Server 2008 R2: Powershell.exe –command “ & {Set-ExecutionPolicy Bypass } “
- Download the MDT-ZTI.ps1 file to your WDS/MDT server (in this example I'm using D:\MDT-ZTI.ps1)
- Start Task Scheduler and Right click library > Create Task
- Give the task a name of your liking. I’m using MDT-ZTI in this example.
- On the triggers tab select: New
- Begin the task: On an event
- Log: Microsoft-Windows-Deployment-Services-Diagnostics/Operational
- Source: Deployment-Services-Diagnostics
- EventID: 4096
- Click Ok and go to the Actions tab and select New
- Add action
- Start a Program
- Program/Script: Powershell.exe
- Add Arguments(optional): –command D:\MDT-ZTI.ps1
Ok the ZeroTouch “service” is almost ready to go. Now there’s another thing that we need to configure… we have expanded the MDT database to contain an extra column… but how does the service know what database and what database server to use?. Well that is hardcoded in the top of the configuration of the MDT-ZTI.ps1 file. In the future I will be using params() from powershell, but for now just change it in the top of the script.
# //*************************************************************************** # // Configuration: # // Notes: Set the database name and datasource for your environment here. # // For SQLEXPRESS on the same server use "\SQLEXPRESS" as datasource # //*************************************************************************** $Database = "MDT_DB" $DataSource = ".\SQLEXPRESS"
Now how does the “service” know what computers are allowed to boot into WinPE and what computers should boot to the next boot device? That’s a simple 3 part answer:
- Every computer that is NOT in the MDT database will be rejected (pxeabort.com) by the ZTI.
- Every computer that IS IN the MDT database will be polled for the value of netBoot.
- If the value of netBoot does not equal FALSE it will approve the device so it will load the boot image, and then set netBoot to FALSE so the device won’t load the boot image on the next reboot
So if you have a computer which is not booting into winPE just clear the netBoot field in the database and on the next reboot it will boot into winPE.
IMPORTANT: Please be sure to test this first in a test environment first, it is not recommended to implement this in production directly.
Download: MDT-ZTI
SCCM 2007 R2 on Server 2008 Weird WebDAV errors on MP installation
I was messing about with installing SCCM 2007 R2 on a Windows Server 2008 box. Everything went nice and smooth up to the point where my Windows PE for building and capturing an image would just Initialize and then spontaneously reboot…
So I decided to dive into the smsts.log (located in x:\SMSTSLOG or c:\smstslog, depending if your task-sequence was able to format the c:\ drive allready )
In there I found some errors relating to my MP ( No MP Certificates found). From there on I decided to check out my Site and Component status in the SCCM Console and found out that my Management point was having issues with the WebDAV configuration, so I zoomed in on the MPSetup.log (located in %programfiles%\Microsoft Configuration Manager\logs) and there were the following lines:
<06-24-2009 19:53:49> checking WebDAV configurations <06-24-2009 19:53:52> WebDAV settings is not setup appropriately <06-24-2009 19:53:52> [Allow property queries with infinite depth] should be true (true) <06-24-2009 19:53:52> [Allow Custom Properties] should be false (true) <06-24-2009 19:53:52> [Allow anonymous property queries] should be true (true) <06-24-2009 19:53:52> Allow [All users read access to All content] authoring rule should exist (exist)
Which was really strange, because according to my IIS Manager>WebDAV Authoring Rules>WebDAV Settings, Allow Custom Properties was set to false…. eeeh what the hell?
I googled around and found out the following, the IIS console doesnt always update the webDAV configuration file correctly…. so I edited the config file manually.
C:\Windows\System32\inetsrv\config\schema\WEBDAV_schema.xml
I found the following lines:
<element name="properties"> <attribute name="allowAnonymousPropfind" type="bool" defaultValue="true" /> <attribute name="allowInfinitePropfindDepth" type="bool" defaultValue="true" /> <attribute name="allowCustomProperties" type="bool" defaultValue="true" />
and changed them to:
<element name="properties"> <attribute name="allowAnonymousPropfind" type="bool" defaultValue="true" /> <attribute name="allowInfinitePropfindDepth" type="bool" defaultValue="true" /> <attribute name="allowCustomProperties" type="bool" defaultValue="false" />
Then I restarted the IIS service, and after that I restarted the SMS_SITE_COMPONENT_MANGER service from within the ConfigMgr Service Manager (located under the Tools node). After that my Management Point played nicely
Custom SCCM context menu’s
How to make custom actions on resource objects within the SCCM console.
1) browse to %Program Files%\Microsoft Configuration Manager\AdminUI\XMLStorage\Extensions\Actions
2) create a folder with name: 7ba8bf44-4035-bdb4-16630291dcf6
3) place your custom actions XML within this folder
Here's some sample XML:
<ActionDescription Class="Executable" Displayname="Do Something Cool" MnemonicDisplayName="Script" Description="Something Cool"> <Executable> <FilePath>wscript.exe</FilePath> <Parameters>%TEMP%\Helloworld.vbs</Parameters> </Executable> </ActionDescription>
For a complete reference of possibilities, download the SCCM SDK here