Windows Image Capture Bonanza

I had my first experience creating gold images with Windows XP SP2.  If I recall correctly I was able to draw down total base process count to ~30, freeing up as much of the 512MB RAM as possible, all while having a 25 character license key burned into memory.  Time marches on, capture methods change, and thankfully new OSs are released that don’t require timing a F6 key press at just the right moment to load drivers from a 3.5″ USB floppy drive.

Drawing on previous SCCM and VMware template customizations I was aiming for a simple standard to cover most modern Windows operating systems that can be used in vSphere 5.5.  My initial plan was to be as light touch as possible using only setupcomplete.cmd and VMware guest customization but the newer Windows operating systems were a bit averse to that approach – unresponsive start menu after deployment for example.

With that in mind I set out to standardize a minimal unattend.xml for fully updated Windows 7, Windows 8.1, Windows 10, Server 2008R2, Server 2012R2, and Server 2016 systems so they could be sealed in a vSphere 5.5 U3 environment.


  • As of 5/25/2017 the latest Windows ADK 1703  (provides Windows System Image Manager) cannot be installed if secure boot is enabled.  If Confirm-SecureBootUEFI returns true you’ll need to disable secure boot in BIOS or use previous ADK verison
  • sdelete version 2.0 kept running past 100%, using sdelete 1.61 was much quicker
  • Windows 8.1 check for updates would hang after the second round of windows updates when Windows Store icon appeared in the taskbar.  Applying the July 2016 rollup fixed the never ending “checking for updates” loop.
  • Windows 10 and Server 2016 required newer VMware tools than offered in 5.5 U3.  You can get the latest tools directly from VMware
  • Support for Windows 7 and Server 2008R2 Windows Update Store cleanup can be found here
  • The test images used DHCP for network configuration
  • Assume all commands are run from elevated command prompt

Image Capture

  1. Deploy VM
  2. Create temp account if necessary
  3. Set reg key so only manual activation is enabled
    reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Activation" -t REG_DWORD -v Manual -d 1 -f
  4. Install product key
    slmgr.vbs /ipk license
  5. Apply all updates
  6. Cleanup Windows update store
    dism /online /Cleanup-Image /StartComponentCleanup
  7. Remove local temp account
    1. Enable local Admin account
    2. Reboot
    3. Login as local admin account and remove temp account from computer management and System Properties > Advanced tab > User Profiles > highlight temp account > delete
  8. Zero out disk
    sdelete -z c:
  9. Power off VM
  10. Punch zeroes
    vmkfstools --punchzero pathtoyour/hd.vmdk
  11. Power on VM
  12. Update unattend.xml with your custom info
  13. Copy WindowsImageCapture folder and contents over to reference image
  14. Seal image by running start.bat as admin
  15. Once VM power downs disable HotPlug capability
  16. Convert VM to template