Archive: Best Practices to Capture an Image for Deployment

Capturing a solid image is the first step to managing your systems properly, and I have never covered it specifically on this site until now (even though I do it frequently). This post should help guide you in using best practices for the best possible image.

Typically, I do all of my image captures through MDT, even though SCCM can capture a perfectly good image, as well. If you didn’t know already, WIMs captured by MDT can be used for OS deployment in both MDT and SCCM.  I use MDT for capturing because you actually get some additional features when capturing the WIM. One of these settings is the CopyProfile variable. This allows you to make changes to the local admin profile when customizing your reference system prior to capture – these changes are then wrapped into the WIM file and can be applied to the user profile of the target system.

Another reason I like to use MDT for capturing images is the reliability. If you’re someone who likes to use “build & capture” task sequences for a completely automated image build process, you may know that scripting installs and configurations tends to be friendlier in MDT. This is because MDT runs these scripted actions using the local administrator account, while SCCM uses the local system account. Not all installers or tasks are compiled to handle execution under the local system account.

Lastly, capturing an image in MDT is very simple. If you’ve been using imagex to create WIMs, you’ll find this process much easier but just as effective.

While building your system to capture an image from, consider these tips:

  • Always build your capture systems on VMs. Capturing an image from hardware will result in driver injection failure on several new models coming out now. When building a universal image for deployment, you absolutely do not want any hardware-specific configurations in your image. Also avoid installing VM-specific applications, such as VMware Tools. Building your image from a VM also allows you to use snapshots/state restores, which are very useful to run right before you begin the capture process.
  • Use Windows Audit Mode – it’s extremely useful and can save you a lot of hassle. Audit Mode is specifically designed for creating images and prevents you from having to create a local user account, password, or other “first logon” configurations. To boot into Windows Audit Mode, hit Control+ Shift + F3 when Windows Setup prompts you to set up a user account after installing the OS. A screenshot can be found later in this article. This will work across all versions of Windows.
  • Don’t worry about finding and applying drivers during the build process. You shouldn’t have to worry about this since you’re building it on a VM, anyway, right?
  • Take this opportunity to fully patch your build system. Patch, reboot, patch, reboot, etc. You may run into issues trying to run Windows Update on Window 8 under Audit Mode, but see my blog post here for a workaround.
  • If capturing Windows 7, apply these two hotfixes for the UMDF and KMDF. They fix issues with driver injection but must be present in the captured image to work. These are critical on several new systems.
  • Make your life easy and build as few images as possible. Having a separate image for every hardware model or user configuration isn’t necessary anymore and multiplies the amount of maintenance you have to do. Task sequence variables are very powerful and can be leveraged to handle several different scenarios. For instance, you can have a VPN client install only on laptops by using the IsLaptop task sequence variable. The most common example here is probably driver injection – you can handle drivers for multiple models in your environment by using conditional task sequence variables or even modifying your customsettings.ini file. More tips on driver injection can be seen in my blog post here.
  • Before capturing, clean up your system. Run Disk Cleanup, empty the Recycle Bin, delete the Windows Update cache (C:\windows\softwaredistribution\download). Some other common directories that can be cleaned up include: C:\temp, C:\swsetup, C:\dell, C:\intel. Also, be sure to uninstall any unnecessary applications – a lot of drivers will install applications now.
  • Consider that some applications have unique GUIDs and need to be rearmed. If you don’t rearm some applications, they will not function properly when deployed to multiple systems. Office and Symantec Endpoint Protection are two examples of applications that have GUIDs. Rearm these immediately before initiating the capture task sequence.
  • Don’t worry about your local admin account/password. You can set these later in your unattend.xml during deployment.

Now for the walk-through- this assumes you already have MDT installed and functioning properly.

Create a new task sequence in a local deployment share that can process capturing an image. Right-click Task Sequences and choose New Task Sequence.


The capture task sequence needs to match the architecture of the image that will be captured, so you may need to create two if capturing both 32-bit and 64-bit images.


Use the Sysprep and Capture template.


Choose a WIM or set of imported source files that match the architecture of the image that will be captured.


On the next few screens, choose to not specify a key, administrator password, organization, or IE homepage (these don’t apply to captures). Complete the wizard and verify that your task sequence appears. Update your deployment share to generate boot media if it hasn’t been done previously.


Optionally, you can set the CopyProfile variable to True in the unattend.xml file for this task sequence to save any changes made to the administrator profile into the image, as well. Otherwise, any changed made to the user profile will not be saved (things like wallpaper, desktop icons, favorites, etc). To copy these settings into the WIM, right-click your Capture task sequence and open the properties. Under the OS Info tab, click the Edit Unattend.xml button.


In Windows System Image Manager, find the CopyProfile setting under the Specialize phase. Set it to True and save your unattend.xml file.


At this point, MDT configuration is complete. Install Windows on your build system from media. Proceed normally until you reach the Settings or User Account setup page. This is the first pause for user input once OS installation is initiated. At this screen, hold Control + Shift + F3 to skip setup and boot into Audit Mode. It will look like this on Windows 8:


Audit mode is designed specifically for capture builds. You will see the following Audit Mode window every time you start the system until Sysprep is run- be sure to cancel out of it each time.


From here, customize your system. Patch your system with updates, install any applications, and make any necessary changes. You can reboot your system as many times as needed. Remember to disregard drivers and to clean up files are mentioned in the tips earlier in this post.

Now that you’re ready to create the WIM, initiate the capture from within the OS. Connect to the UNC path of your deployment share. By default, it’s set as \\mdtserver\deploymentshare$ . From this share, open the Scripts folder and launch LiteTouch.vbs or LiteTouch.wsf.


Select the task sequence that matches your OS architecture (if you created more than one).


On the next screen, choose to capture an image of this reference computer and enter a valid UNC path to store the captured WIM. You must have read/write access to this UNC path.


Enter your network credentials with read/write permissions when prompted.


Review the settings and begin the capture process.


At this point, no further interaction is required. You can watch the system run a Sysprep and reboot into WinPE where it will capture and upload the WIM on its own. The system will notify you when the capture has completed successfully.

From here, you can upload the WIM directly into MDT or SCCM.


Remember to set the CaptureProfile setting to true for your deployment task sequence as well- it is not enabled by default!

Thanks for reading – leave some feedback if I can answer anything on this topic.