Configuring Multi PCs at once
Posted by Level-You6963@reddit | sysadmin | View on Reddit | 31 comments
I'm in the process of configuring 300 computers in my company. Each computer is exactly the same and will be configured exactly the same way: the same applications, drivers, tabs, the same admin with the same password. It's not cost-effective to do it manually, but I don't know how to automate it. I tried creating an image of the finished system – it theoretically worked, but I had to run OOBE (location, account, network permissions, etc.), and when i tried with sysprep it always throws an error (Windows could not finish configuring the system. To attempt to resume configuration, restart the computer). For now, I've been using an image from a USB drive via Clonezilla. Any tips on how to make it easier?
acetaminophenpt@reddit
Chocolatey+custom scripts
Ok-Double-7982@reddit
It's 2026. Autopilot and Intune.
andrea_ci@reddit
With high budget.
Wds with normal budget.
Sawyer-NL@reddit
What do u mean? Premium license and 2$ ninja is high budget?
andrea_ci@reddit
Premium is 10$ more than standard, monthly.
Outside US, that's a big difference for many companies.
Sorcerious@reddit
For 300 seats that amounts to about 3k extra. Which will probably be way less than hiring consultants and getting Premium licenses anyway, or hire consultants to repair the botched job someone with no experience will do.
I find Autopilot is actually pretty easy to setup and if you do a small test batch, nothing much will go wrong. The convenience comes at a price, but quite low in the grand scheme of things.
andrea_ci@reddit
to be clear, it's 3k more.. on an original price tag of 3750.
it's "only" a 80% increase.
Sorcerious@reddit
I'm well aware of the Microsoft price tags, tyvm. Point still stands, I know the rate of some consultants and you'll pay more than that in less than a week if you hire those, while still paying the Premium price.
It's like those people who refuse to invest in decent IT security because 'why pay so much if everything's working?'. Trying to save a buck is sometimes looking a bit deeper than just the 3k increase.
ArgonWilde@reddit
Only drawback to this is that you need them all to run long enough for everything to sync up, check in, provision, install, etc.
Autopilot and intuje is good for managing gradual rollouts, but 300 in one hit, you'd want a sysprepped, sealed image with all this preconfigured.
Ok-Double-7982@reddit
That's what Autopilot does. Thanks for the downvote though, old school knuckleheads.
Sawyer-NL@reddit
Really depends how u set it up. We setup autopilot 2.0 and user can start working within 15 minutes. Applications are rolling out with ninja rmm. Most important security settings are rolled out fast. We have it setup that we can ship the laptops and user can set it up themselves if they have good internet..
ArgonWilde@reddit
Yeah, so if you use autopilot to enroll devices into a different device management platform, it can be good. But I find there's no rushing intune...
We have just two mandatory apps that are required prior to a user logging in, and it can sometimes take 5 minutes, and other times take 45 minutes...
trixster87@reddit
Ntlite will give you an iso that skips oobe and can have apps and wireless all set up.
diamkil@reddit
Autopilot/Intune as others mentioned or even WCD (Windows Config Designer)
joshghz@reddit
What exactly do you have to work with? Are there other people you can ask for help with this? The fact you're responsible for 300 computers at a company and are hitting these sorts of issues is not the best situation for you to be in.
You 100% should not be cloning images that are not sysprepped. This can cause issues with duplicate SIDs which can cause a mess of issues depending on how the computers interact with each other (which is an issue my own company wandered into when the people responsible for VM templates screwed up).
Ideally you use Microsoft Intune with its Autopilot feature, if Intune is available to you. Otherwise, you need to figure out why sysprep is breaking and fix that.
If this is all on you and you have no support, from other people, I have previously stored Clonezilla on a network server and automated a script to just clone the image from there once it boots off the USB stick. This evolved into using FOG Project which is a feasible option if you have no budget or existing tools for this sort of deployment at your disposal.
Vivid_Mongoose_8964@reddit
SID's are created when pc's are domain joined.
Vivid_Mongoose_8964@reddit
you want smartdeploy
Papfox@reddit
We use FOG Project for this. Capture the image then net boot the machines from the FOG server. It's excellent
tensorfish@reddit
Stop trying to make Clonezilla do deployment's job. For 300 Windows boxes this wants MDT/WDS, or Autopilot/Intune if you already have the licensing, with a thin image and apps/drivers layered separately. Let unattend handle the OOBE bits. Also do not ship 300 machines with the same local admin password unless you want your next project to be incident response.
Ok-Double-7982@reddit
Old farts in this sub are obsessed with USB thumb drive golden images. Every time I mention anything cloud-based or (gasp) modern, pitchforks come out.
EduRJBR@reddit
In case the company is going to use Microsoft 365, maybe you should take a look on the possibilities provided by it. In case the company is deciding between Microsoft 365, Google Workspace or whatever alternative, you should seriously consider Microsoft 365.
But I don't have real life (real work) experience on the subject.
Adam_Kearn@reddit
If you want something quick and simple. Grab a machine you can install FOG project on.
Or if you have the resources create it as a virtual machine on your existing servers.
Edit your DHCP options 66/67 to boot to the FOG server directly (this is explained in the fog setup guide)
Create a VM to use as your golden image and setup as you would like it.
Change the BIOS to boot the network adapter first instead of the windows OS.
Register the host into fog and give it a name “golden-2026”
Go into the hosts section of the fog web page and start a “capture” task.
Run the sysprep commands then reboot the device to boot off the network adapter again.
(Look on Google/youtube for guides on this - it’s really simple once you have done it a few times)
It should create an image of the disk you can then deploy out.
——-
I would recommend creating your image on a VM and take loads of checkpoints as you are doing it.
Let’s you easily restore it back if needed or if you need to add more software/drivers later without having to do all the prep work again.
Just use tools like pnputil to import the drivers etc from the manufacturers website.
You could probably get all this done within a day and start rolling it out to your devices by just pressing F12 at boot.
——
Yes - there are loads of other tools out there but FOG is the easiest to get into production especially if you don’t already have a good background in the imaging and deployment processes
itishowitisanditbad@reddit
Genuinely? Hire an IT professional thats worked with basic deployment processes or hire a MSP because the clusterfuck mess you can make with this, if you don't know what you're doing, is significant.
You can't just "wing" IT and shrug. Its dangerous.
plump-lamp@reddit
Same admin password. Oh boy. Have fun.
You seem entry level IT in a bit over your head. Look in to an RMM, group policy, Intune, etc all depending on your environment.
Absolute_Bob@reddit
Also LAPS.
CoolNefariousness668@reddit
We paid for Immy Bot and it was bloody fantastic. Configured and deployed about 150 devices in a few days.
valar12@reddit
aka.ms/ffu
vermyx@reddit
Look at the error log in c:\Windows\System32\Sysprep\Panther. the usual issue i have encountered is a windows app that is deployed to a user which has to be uninstalled before sysprepping
Antoine-UY@reddit
Autopilot and Intune if you have licenses for it. FOG Project or Clonezilla if you don't.
If you have no earlier experience with this, which is what I'm getting from your post, the easiest to set up is FOG Project.
jeggy111@reddit
Is your gold image build throwing that sysprep error on all the machines you’ve tried? It used to be that if you run Edge at all it wouldn’t want to sysprep and needed Store apps to be reset before sysprep
CrimsonSteele01@reddit
Give this a try
https://www.edtechirl.com/p/zero-touch-usb-imaging-new-and-improved