You may have seen some advice floating about on the internet, showing you how to use Microsoft’s File Server Resource Manager (FSRM) to prevent Ransomware.
The problem with these articles is that they all involve maintaining a block list. You’ll find those block lists rarely keep up with new variants of Ransomware. So, in this article, i’m going to show you how to defeat ransomware – with a twist!
Lemons… good for lemonade. Not so good at beating Ransomware!
In this article, I’m going to demonstrate how to configure WSUS to work with MDT (or rather MDT to work with WSUS).
Now, updating the odd computer with the latest updates isn’t really an issue, even on the slowest of internet connections. But what if your trying to update tens, or hundreds of client computers during your image deployment? Every one of those clients is going to individually attempt to contact Microsoft and download necessary updates. You’ll find this quickly bottlenecks your internet feed, even on the fastest of connections.
What’s a WSUS?
No, cast that image that weedy person to one side!
Because we’re talking about Microsoft WSUS!!
The clock is ticking….
With less than two months from now, Microsoft will stop supporting Server 2003, leaving many businesses with a major security headache.
Windows Deployment, Part 9: Deploying a vanilla build of Windows 8.1
We are now going to complete our WDS setup by deploying a vanilla build of Windows 8.1.
I’ll cover capturing and deploying your Gold Master Image in a later post.
First, boot a computer with PXE. In this example, we are using a VM.
Boot the VM.
Press ENTER for network service boot (This would be F12 on a legacy machine).
Windows Deployment, Part 8: Automating our OS Deployment
Now we need to get our OS deployment as automated as possible.
First of all, right click on the Windows 8.1 Deployment Share and select properties.
Select the Rules tab
In the rules tab, you will see a small selection of commands to automate our install.
Windows Deployment, Part 7: Creating a Task Sequence
We’ll now create a task sequence, you’ll see our freshly imported operating system available.
We now need to go over to Task Sequencer.
Right click and create new task sequence.
Complete the general settings page.
It is very important you remember the Task Sequence ID. It doesn’t have to be numeric, and of course in advanced scenarios you may wish to string multiple sequences together.
Windows Deployment, Part 6: Creating a Deployment Image
Now we have successfully created our deployment share, we need to load in an operating system to deploy!
Before you continue, go ahead and mount the ISO, or insert the optical media.
Expand the deployment share you have created (in our example, Windows 8.1 deployment share). Select Operating Systems
Windows Deployment, Part 5: Configuring MDT 2013
Next, lets create a deployment share.
From the start screen, launch the Deployment Workbench.
Select Deployment Share.
Right click on Deployment Shares and select New Deployment Share
Windows Deployment, Part 4: Installing MDT
Next, we need to install MDT.
Download it from here
Run the installer, accepting the default options.
Windows Deployment, Part 3: Installing and Configuring WADK
We now need to install WADK (We’re concentrating on Windows 8.1 deployments (if you want to deploy Windows 7, you would need WAIK http://www.microsoft.com/en-us/download/details.aspx?id=5753 – WAIK cannot coexist with WADK!)
Download WADK from: http://www.microsoft.com/en-us/download/details.aspx?id=30652 It is several GB in size (16-07-2015 – link updated to Windows 8.1 Update version of the WADK).
Get WADK for Windows 10 here
Run the adksetup installer (you’ll be given the option to download the full package for use on another computer – I recommend this).
Accept the default options.