My preferred method when creating images is to build the machine in a virtual environment using a fully automated build and capture task sequence in SCCM or MDT. This makes the images consistent, repeatable and reliable which are all good, things to consider if you think ahead are the settings which can be applied, these can include the following.

  • Regional Settings
  • Installed features
  • Custom Themes
  • Firewall

To make sure the image is created with full UK English (A common requirement for me) the following is added to the unattend.txt

    InputLocale_DefaultUser=0809:00000809    ; Specifies the Inputlocal and keyboard setting for default user
    UserLocale_DefaultUser=00000809        ; Locale ID for default User
    InputLocale=0809:00000809            ; LocaleKeyboard combinations to be installed
    Language=00000809                ; Lanugage locale to be installed
    LanguageGroup=1                ; Language Group to be installed
    SystemLocale=00000809            ; System Locale to be specified
    UserLocale=00000809                ; User Locale setting

A good starting point for a corporate desktop that require no extra stuff such as games or windows media player a good starting point is this.

    AccessOpt = on                ; accessibility wizard
    Calc = on                    ; calculator
    CertSrv = off                ; certificate services compontents of the certificate server
    CertSrv_Client = off            ; web client components of the certificate server
    CertSrv_Server = off            ; server components of the certificate server
    CharMap = off                ; enables insertion of symbols and characters into documents
    Chat = off                    ; chat client
    Clipbook = on                ; clipboard viewer
    Complusnetwork = off            ; COM+ network access
    DeskPaper = off                ; desktop wallpaper
    Dialer = off                    ; phone dialer
    Dtcnetwork = off                ; DTC network access
    Fax = off                    ; Fax components
    fp_extensions = off                ; Front Pager Extensions
    fp_vdir_deploy = off            ; Visual Interdev RAD remote deployment   
    freecell = off                ; freecell game
    hearts = off                ; hearts game
    hypertrm = on                ; hyperterm
    IEAccess = on                ; installs visible entry points (shortcuts) for IE
    IEHardenAdmin = off                ; harden IE for administrators, power users
    IEHardenUser = off                ; harden IE for users
    Iis_Common = off                ; common set of files needed by internet information services
    Iis_Ftp = off                ; ftp service
    Iis_Htmla = off                ; html based administration tools for iis
    Iis_Inetmgr = off                ; microsoft management console based administration tools for iis
    iis_nntp = off                ; NNTP server.
    iis_nntp_docs = off                ; NNTP server docs.
    iis_pwmgr = off                ; personal web manager, valid only for w2k professional
    iis_smtp = off                ; SMTP server.
    iis_smtp_docs = off                ; SMTP server docs.
    iis_www = off                ; www service
    iis_www_vdir_printers = off            ; Web printing components
    iis_www_vdir_terminalService = off        ; Installs terminal Services Active X control into the virtual directory
    IisDbg = on                    ; script debugger
    indexsrv_system = off            ; indexing services, requires iis_common, iis_inetmgr, iis_www and com = on
    inetprint = off                ; internet printing, requires iis_common, iis_inetmgr, and iis_www
    LicenseServer = off                ; Disable Terminal Services licensing.
    media_clips = off                ; Sample Sounds
    Media_Utopia = off                ; utopia sound scheme
    minesweeper = off                ; game
    mousepoint = off                ; mouse pointers
    Mplay = off                    ; Windows media player
    msmq_ADIntegrated = off            ; Integrates MSMQ into AD
    msmq_Core = off                ; MSMQ core components
    msmq_HTTPSupport = off            ; Enables MSMQ to use HTTP
    msmq_LocalStorage = off            ; Allows messages to be stored locally
    msmq_MQDSService = off            ; Provides AD and site recognition
    msmq_RoutingSupport = off            ; Provides MSMQ routing
    msmq_TriggerService = off            ; associates message arrival with com objects
    msnexplr = off                ; Installs MSN Explorer
    MsWordPad = on                ; Word Pad
    NetCis = off                ; microsoft com internet services, requires iis_common, iis_inetmgr, iis_www and com = on
    NetOc = on                    ; additional optional networking components, requires [NetOptionalComponents] section
    ObjectPkg = off                ; object packager
    OEAccess = off                ; hide Outlook Express icons
    Paint = on                    ; MS Paint
    pinball = off                ; game
    rec = on                    ; sound recorder
    reminst = off                ; remote installation services
    rootautoupdate = on                ; OCM update root certificates
    RStorage = off                ; remote storage services enable the use of tape libraries as extensions of ntfs volumes
    solitaire = off                ; Solitaire game
    spider = off                ; spider game
    Templates = on                ; document templates
    TerminalServer = off            ; Installs Terminal Services on SERVERs only
    TsClients = off                ; if TsEnable = On then tsClient files for creating client disks, appx 10MB
    TsWebClient = off                ; Installs the ActiveX component for terminal services. requires IIS
    vol = on                    ; volume control
    wmaccess = off                ; show Windows Messenger shortcuts
    wmPOCM = off                ; show Windows Media Player shortcuts
    Wms = off                    ; windows media technologies components
    Wms_Admin_asp = off                ; windows media technologies server administration tools web components
    wms_admin_mmc=off                ; Windows Media MMC snap in
    Wms_Server = off                ; windows media technologies server, requires Wms_Admin
    zonegames = off                ; Installs MS Game Zone internet games


When the default theme is out of favour some like the Classic Theme, however other themes can be created and copied in the task sequence. Make sure that any spaces are wrapped in quotes (speaking from experience here) as this will make the unattend.txt corrupt/unusable.

    DefaultStartPanelOff = yes            ; No = use XP start panel, Yes= Use classic windows with icons on desktop
    DefaultThemesOff = yes            ; No means use XP Themes Yes means us Windows Classic themes
    CustomDefaultThemeFile="c:windowsResourcesThemesWindows Classic.theme"


Although I would never advocate turning of the Windows Firewall if you wish to do this then it can also be added to the unattend.txt

Profiles = WindowsFirewall.TurnOffFirewall
Mode = 0

John Riseam

System Center Consultant

Risual Ltd