Active Directory Lab Part II: Customize the Installer ISOs

Posted on by

Overview

This post is part of a series illustrating how to automate the process of deploying an AD Lab. This article details the process for customizing the Windows installer ISOs to automate the Windows installation. At the end of these steps, you will have four customized ISO files in your Downloads directory:

  • OZO-AD-Lab-Client.iso
  • OZO-AD-Lab-DC.iso
  • OZO-AD-Lab-Router.iso
  • OZO-AD-Lab-Server.iso

There is an in-progress project to automate these steps. Please see OZO AD Lab Customize ISOs for more details.

Assumptions

  • Windows is installed to the C drive.
  • The latest OZO AD Lab release has been downloaded and extracted to C:\ozo-ad-lab.
  • The AlmaLinux Boot ISO and Microsoft Windows evaluation edition ISOs are downloaded to C:\ozo-ad-lab\ISO and renamed as described in Prerequisites.

Customize the AlmaLinux Installer ISO

Open a WSL Debian terminal. If this is your first time opening Debian, you will be prompted for a username and password. Once you have reached the command prompt, promote yourself to the root user:

sudo su -

Install the required Debian packages:

apt-get -y install genisoimage isomd5sum rsync syslinux syslinux-common syslinux-efi syslinux-utils

Create a directory for mounting the AlmaLinux ISO:

mkdir -p ~/ozo-ad-lab/mnt

Create a directory for customizing the AlmaLinux ISO:

mkdir -p ~/ozo-ad-lab/router

Mount the AlmaLinux ISO. Note: /mnt/c refers to the Windows C drive. If your ozo-ad-lab folder is located on a different drive, substitute that letter for c in this and subsequent commands:

mount -o loop /mnt/c/ozo-ad-lab/ISO/AlmaLinux-boot.iso ~/ozo-ad-lab/mnt

Use rsync to copy the contents of the AlmaLinux ISO to the customization folder:

rsync -av ~/ozo-ad-lab/mnt/ ~/ozo-ad-lab/router/

Unmount the AlmaLinux ISO:

umount ~/ozo-ad-lab/mnt

Copy the Kickstart file from the ozo-ad-lab folder to the customization directory:

cp /mnt/c/ozo-ad-lab/Linux/ozo-ad-lab-router-ks.cfg ~/ozo-ad-lab/router/

Use the following commands to modify the grub.cfg configuration file for UEFI systems. In summary, these commands set the default menu item, set the countdown timer to zero, and add kernel boot parameters.

sed -i '0,/\}/!{0,/\}/!d}' ~/ozo-ad-lab/router/EFI/BOOT/grub.cfg
sed -i 's/set default="1"/set default="0"/' ~/ozo-ad-lab/router/EFI/BOOT/grub.cfg
sed -i 's/set timeout=60/set timeout=0/' ~/ozo-ad-lab/router/EFI/BOOT/grub.cfg
sed -i 's/.*linuxefi.*/& ip=eth0:dhcp inst.text inst.ks=cdrom:\/ozo-ad-lab-router-ks.cfg/g' ~/ozo-ad-lab/router/EFI/BOOT/grub.cfg

Use the following commands to modify the isolinux.cfg configuration file for legacy BIOS systems.

sed -i '0,/append/!d' ~/ozo-ad-lab/router/isolinux/isolinux.cfg
sed -i 's/timeout 600/timeout 0/' ~/ozo-ad-lab/router/isolinux/isolinux.cfg
sed -i 's/.*append.*/& ip=eth0:dhcp inst.text inst.ks=cdrom:\/ozo-ad-lab-router-ks.cfg/g' ~/ozo-ad-lab/router/isolinux/isolinux.cfg

Create the customized ISO:

mkisofs -o /mnt/c/ozo-ad-lab/ISO/OZO-AD-Lab-Router.iso -b isolinux/isolinux.bin -J -R -l -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e images/efiboot.img -no-emul-boot -graft-points -V AlmaLinux-9-5-x86_64-dvd ~/ozo-ad-lab/router/

[Optional] Run the following command to modify the new ISO so it can be written to a USB drive:

isohybrid --uefi /mnt/c/ozo-ad-lab/ISO/OZO-AD-Lab-Router.iso

Run the following command to implant the MD5SUM into the ISO:

implantisomd5 /mnt/c/ozo-ad-lab/ISO/OZO-AD-Lab-Router.iso

Clean up the temporary directory:

rm -rf ~/ozo-ad-lab

Exit the WSL Debian environment.

Customize the Windows Installer ISOs

Create the DC ISO

Double-click to mount the Windows Server 2022 ISO and run the following commands in an Administrator PowerShell to copy the contents to the DC folder.

Copy-Item -Recurse -Path "D:\*" -Destination "C:\ozo-ad-lab\Builds\DC\"

Eject the ISO. Then move the install WIM to the WIM folder:

Move-Item -Path "C:\ozo-ad-lab\Builds\DC\sources\install.wim" -Destination "C:\ozo-ad-lab\WIM\Windows Server 2022\"

Enumerate the editions contained in the WIM.

Get-WindowsImage -Path "C:\ozo-ad-lab\WIM\Windows Server 2022\install.wim"

Export the desired Index back to the Build folder (for example for Index 2, Windows Server 2022 Standard).

Export-WindowsImage -SourceImagePath "C:\ozo-ad-lab\WIM\Windows Server 2022\install.wim" -SourceIndex 2 -DestinationImagePath "C:\ozo-ad-lab\Builds\DC\sources\install.wim"

In C:\ozo-ad-lab\Builds\DC, modify Autounattend.xml and AD Lab\ as needed. Then create the new ISO:

& "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\oscdimg.exe" -u2 -udfver102 -t -lAD-Lab-DC -bC:\ozo-ad-lab\Builds\DC\efi\microsoft\boot\efisys.bin C:\ozo-ad-lab\Builds\DC C:\ozo-ad-lab\ISO\OZO-AD-Lab-DC.iso

Create the Server ISO

Double-click to mount the Windows Server 2022 ISO and run the following commands in an Administrator PowerShell to copy the contents to the Server folder:

Copy-Item -Recurse -Path "D:\*" -Destination "C:\ozo-ad-lab\Builds\Server\"

Eject the ISO. If you have already performed the above DC steps, skip ahead to Export the desired Index… Otherwise, move the install WIM to the WIM folder:

Move-Item -Path "C:\ozo-ad-lab\Builds\Server\sources\install.wim" -Destination "C:\ozo-ad-lab\WIM\Windows Server 2022\"

Enumerate the editions contained in the WIM.

Get-WindowsImage -Path "C:\ozo-ad-lab\WIM\Windows Server 2022\install.wim"

Export the desired Index back to the Build folder (for example for Index 2, Windows Server 2022 Standard).

Export-WindowsImage -SourceImagePath "C:\ozo-ad-lab\WIM\Windows Server 2022\install.wim" -SourceIndex 2 -DestinationImagePath "C:\ozo-ad-lab\Builds\Server\sources\install.wim"

In C:\ozo-ad-lab\Builds\Server, modify Autounattend.xml and AD Lab\ as needed. Then create the new ISO:

& "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\oscdimg.exe" -u2 -udfver102 -t -lAD-Lab-Server -bC:\ozo-ad-lab\Builds\Server\efi\microsoft\boot\efisys.bin C:\ozo-ad-lab\Builds\Server C:\ozo-ad-lab\ISO\OZO-AD-Lab-Server.iso

Create the Client ISO

Double-click to mount the Windows 11 Enterprise ISO and run the following commands in an Administrator PowerShell to copy the contents to the Client folder.

Copy-Item -Recurse -Path "D:\*" -Destination "C:\ozo-ad-lab\Builds\Client\"

Eject the ISO. Then move the install WIM to the WIM folder:

Move-Item -Path "C:\ozo-ad-lab\Builds\Client\sources\install.wim" -Destination "C:\ozo-ad-lab\WIM\Windows 11 Enterprise\"

Enumerate the editions contained in the WIM.

Get-WindowsImage -Path "C:\ozo-ad-lab\WIM\Windows 11 Enterprise\install.wim"

Export the desired Index back to the Build folder (for example for Index 1, Windows 11 Enterprise).

Export-WindowsImage -SourceImagePath "C:\ozo-ad-lab\WIM\Windows 11 Enterprise\install.wim" -SourceIndex 1 -DestinationImagePath "C:\ozo-ad-lab\Builds\Client\sources\install.wim"

Mount the install WIM (now explicitly using Index 1 because this exported WIM contains only one edition).

Mount-WindowsImage -ImagePath "C:\ozo-ad-lab\Builds\Client\sources\install.wim" -Index 1 -Path "C:\ozo-ad-lab\Mount"

Double-click to mount the Windows 11 Language and Optional Features ISO. Then install the RSAT tools to the WIM:

Get-WindowsCapability -Name "RSAT*" -Online -Source "D:\LanguagesAndOptionalFeatures" | Add-WindowsCapability Path "C:\ozo-ad-lab\Mount" -Source "D:\LanguagesAndOptionalFeatures"

Dismount the WIM, saving changes.

Dismount-WindowsImage -Path "C:\ozo-ad-lab\Mount"

Eject the ISO. In C:\ozo-ad-lab\Builds\Client, modify Autounattend.xml as needed. Then create the new ISO:

& "C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\Oscdimg\oscdimg.exe" -u2 -udfver102 -t -lAD-Lab-Client -bC:\ozo-ad-lab\Builds\Client\efi\microsoft\boot\efisys.bin C:\ozo-ad-lab\Builds\Client C:\ozo-ad-lab\ISO\OZO-AD-Lab-Client.iso

Copy the ISOs

Copy all AD-Lab-* ISOs from C:\ozo-ad-lab\ISO to your Downloads folder. The instructions for creating and installing VMs (in part three of this series) expect to find them in this location.

[Optional] Clean Up

If desired, you may delete the C:\ozo-ad-lab folder to free up local disk space.

Part I – Introduction

Part II – Customization

Part III – Installation

Part IV – Conclusion

Related Posts