Prerequisites for OS Image Configuration
This topic outlines the prerequisites required for configuring the OS image for Windows Modern devices. It also includes important notes, considerations, and recommendations for a successful OS image configuration.
PXE Server Configuration Requirements
When using the Preboot Execution Environment (PXE) server option for OS image
configuration, make sure the following components are in place:
- Trivial File Transfer Protocol (TFTP) server
- Dynamic Host Configuration Protocol (DHCP) server
- WinPE image
- Shared network drive or distribution server
- Windows Modern enrollment PPKG file
Supported Configurations
Windows OS imaging is supported on:
- Unified Extensible Firmware Interface (UEFI) and Legacy BIOS devices
- Master Boot Record (MBR) and GUID Partition Table (GPT) partition mechanisms
- Solid State Drive (SSD), Hard Disk Drive (HDD), and Solid State Hybrid Drive (SSHD)
- Advanced Host Controller Interface (AHCI) supported devices
Note: One device can serve as the PXE server (to load the WinPE
image), DHCP server and distribution server or network drive (to load the OS
image).
Notes and Considerations
Review the following important considerations for OS image configuration:
- Devices used to create a golden image must not have user-provisioned packages.
- Only provisioning package enrollments are supported after image creation or image deployment.
- BitLocker is automatically disabled during image creation and image deployment.
- Devices unenroll during image creation and deployment process, and are be re-enrolled into SOTI MobiControl using the provisioning package method.
- GETAC devices require user intervention (pressing the “F12” key) during image creation and deployment to set the device to PXE boot when using the PXE server.
- Devices must have the appropriate network driver to enter WinPE mode. Place the network drivers in the OSI folder when creating the WinPE image.
- Legacy BIOS devices also require “F12” key intervention to set the device to PXE boot when using the PXE server.
- Devices running non-enterprise Windows versions with an OEM-bound activation
key cannot re-enroll automatically. Manual intervention is required because
these devices cannot run the
%WINDIR%\Setup\Scripts\SetupComplete.cmdfile required for re-enrollment. See Windows setup scripts for more details. - All user-related packages are deleted after image creation and deployment.
- User credentials are saved; any user with permissions to deploy an image can use those credentials.
OS Image Configuration Recommendation
Follow these best practices to ensure successful OS image configuration:
- Make sure only one user is signed in to the device when the image creation process begins.
- Do not deploy an MBR image to a device partitioned using GPT, as this will cause a deployment failure.
- Update the boot file name to match the architecture when setting up the DHCP
server (for example
\EFI\Boot\bootx64.efifor amd64). - Disable secure boot and fast startup before the imaging process.
- Enable the "Re-enrollment rule" toggle in Global Settings to prevent duplicate entries of devices with the same MAC address and hardware ID but different device IDs.