![Coming soon 7.1912.6
[HF 285] – Azure Active Directory Hybrid Join / Leave
[HF 288] - ngen executes extremely long -> ADMX Update to specify .NET Settings
[HF 280] - Log Message for "pending reboot error"
[HF 284] - MPCmdRun Process monitor with the current user only, exclude other accounts
[HF 289] - terminate ccmexec process before stopping the service
https://github.com/EUCweb/BIS-F/issues](https://image.slidesharecdn.com/2020microsoftcommunity-bisf11122020-201211122539/85/Seal-Personalize-and-Automate-your-WVD-Images-using-a-validated-vendor-best-practices-way-24-320.jpg)
Seal, Personalize and Automate your WVD Images using a validated vendor best practices way
- 1. Microsoft meets Community: Windows Virtual Desktop Seal , personalize and automate your WVD Images using a validated vendor best practices way Matthias Schlimm Managing Consultant at Login Consultants Germany Twitter: @MatthiasSchlimm 3rd edition
- 2. Base Image Script Framework | BIS-F Unique Community Tool • Environment independent • 100 % Powershell driven • Combine Vendor Best Practices in a single Tool • Cloud Ready Image Sealing • Run several automated steps for a generic image Personalization • Make the Image unique against to the backend servers
- 3. What happens until today • BIS-F is a free community tool • more than 23.000 Downloads (est. 11.000 in the last year) • 350 Community Members
- 5. Image Sealing (Preparation Phase) Order: 1. global BIS-F initialization 2. Custom scripts 3. All *PrepBISF* scripts
- 6. Computer Startup (Personalization Phase) Order: 1. global BIS-F initialization 2. All *PersBISF* scripts 3. Custom Scripts During computer startup the personalization scripts are executed (triggerd from scheduled Task) • Format persistent disk (Citrix MCS) • Make the AV Client unique • SCCM / SCOM Agent personlization • Copy the FSLogix rules from the central share to the Image
- 7. Image Sealing (Preparation Phase)
- 8. Enhancements in BIS-F 7 1912Microsoft • LAPS Support • FSLogix Optimization • Configure PageFile • SysPrep Commandline Options • POSH Transcript • SCCM/MDT Logfile Redirection • Defrag optimizations 3rdParty • Ivanti RES One Automation Sealing • uberAgent Optimization • sDelete 64 bit Support • CCleaner 64 bit Support Security • Anti-Virus Scan Options • Add Tanium Support • Cylance PROTECT • McAfee Move • TrendMicro Apex One BIS-F 7 1912 Bugs Bunny Release
- 9. • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 • Windows 7, 8, 8.1, 10 • Delete WSUS Client-ID • Delete WSUS SoftwareDistribution folder • Reset Performance Counters • Delete temp files with CCleaner (3rd Party CCleaner) • Delete local profiles that are not required (3rd Party DelProf2) • Delete Windows event logs • Reclaim storage space (3rd Party SDelete) • Rearm Operating System once • Rearm Microsoft Office (2010, 2013, 2016, 2019) once Integrated Optimizations • Delete DHCP Client information in registry • Defrag system disk • Delete AllUsers StartMenu • Disable IPv6 (3rd Party nvpsbind) • Add delay between time sync and GPO processing • Pending Reboot detection • Grace Period Fix for RDS • .NET Optimizations • Delete Ghost devices • Detect UEFI or legacy boot • BIS-F logfie retention configured via ADMX Microsoft Microsoft
- 10. Integrated Optimizations Security Electronic Software Deployment (ESD) • Symantec Endpoint Protection (3rd party vietool) • Trend Micro • McAfee VirusScan Enterprise • Microsoft EndPoint Security Client • Kaspersky AntiVirus • Sophos AntiVirus • Microsoft Defender • F-Secure • Microsoft SCCM Agent • Novell ZCM Agent • Altiris Deployment Agent • Matrix42 Agent • Ivanti Heat DSM
- 11. • Citrix XenApp 6.x (IMA) • Citrix Virtual Apps & Desktops 7.x (FMA) • Citrix Machine Creation Service (MCS) 7.x • Citrix Provisioning Server Target Device Driver (PVS) 5.6 – 7.x • Convert direct attached vDisk • Convert to UNC-Path • Offline Defrag, mount vDisk from UNC-Path • Select ImagingWizard or P2PVS in ADMX • Select vDisk Type VHD or VHDX in ADMX • Format automatically the Citrix WriteCache Disk once • Personal vDisk (PvD) Inventory Update - *deprecated feature • Windows 7, 8.x, 10 only Integrated Optimizations • Fix for MSMQ Service (required for Session Recording) • Delete Citrix Profile Management cache • Citrix Environment Management Agent (WEM) configure Cache • Citrix Optimizer • Delay Citrix Desktop Service • Citrix AppLayering Support • Detect different Layers (OS-Layer / Platform & Application Layer) • Detect if Image is running outside ELM • Windows Update Service running in OS-Layer only Citrix Citrix
- 12. Integrated Optimizations Application Virtualization Monitoring • FSLogix • Microsoft App-V Client • Ivanti AppSense • Ivanti / RES Automation Agent • Ivanti / RES ONE Automation Console • Ivanti / RES ONE Automation • Ivanti / RES ONE Service Store Client Service • Turbo.net • Microsoft System Center Operations Manager Agent • Splunk Universal Forwarder • uberAgent
- 13. Deprecated Features • All Messageboxes are removed. Default values are described in the ADMX and BIS-F Documentation on https://eucweb.com • VerySilent Option from the BIS-F ADMX is removed • Cortana Service is no longer disabled during sealing • Scheduled Tasks are no longer disabled • de-DE adml file is removed, distribute en-US only
- 15. BIS-F Shared Configuration • SCCM / MDT Deployment • Cloud Deployments • portable Configurationset for different Environments • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Global > Shared Configuration • GPO Default setting: Installationfolder Version Export File Extension remark 6.1.x XML 7.1912.x JSON Backward compatibility with existing XML Files
- 17. System Optimizations Citrix Optimizer VMware OS Optimization Tool Custom Scripts
- 18. BIS-F with Citrix Optimizer Using Citrix Optimizer with TemplatePrefix https://eucweb.com/kba/1208191514 Using Citrix Optimizer with Multiple Templates https://eucweb.com/kba/0107190500
- 19. Personalization • Active State Override • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Global> Configure Personalization Value remark Do not change and wait (default) Wait until the personalization is finished or the MaxExecutionTime is reached to run the sealing process (preparation phase) Change and continue Does not wait for the end of the personalization phase and immediately starts the sealing process (preparation phase).
- 20. BIS-F and Microsoft FSLogix integration Configured through ADMX Purge FSLogix rules, during Master Image preparation Copy FSLogix rules (*.frx) ,assignments (*.fxa) and URL Rulesets (*.xml) from the central share during Device Personalization on System Startup
- 21. Logging & Troubleshooting • All steps in a single log • Powershell Transcript can be enabled in BIS-F ADMX • Grab external logcontent and include it into BIS-F log • Troubleshooting & Test single script -> https://eucweb.com/kba/27190824
- 23. Grab your BIS-F copy https://eucweb.com/download-bis-f Bugs Bunny Release Current version 7.1912.5
- 24. Coming soon 7.1912.6 [HF 285] – Azure Active Directory Hybrid Join / Leave [HF 288] - ngen executes extremely long -> ADMX Update to specify .NET Settings [HF 280] - Log Message for "pending reboot error" [HF 284] - MPCmdRun Process monitor with the current user only, exclude other accounts [HF 289] - terminate ccmexec process before stopping the service https://github.com/EUCweb/BIS-F/issues
- 25. BIS-F Asterix Release • Rollback functionality • E-Mail reporting • Restart Function • GPO Settings for all BIS-F own Optimizations • Configure AutoLogon • Pre-Scan of Environment before starting Image Sealing • ..and much more https://github.com/EUCweb/BIS-F/projects/6 Postponed to 21H1
- 26. BIS-F saves you a lot of time
- 27. Thank You very much !! Contact details Matthias Schlimm @MatthiasSchlimm info@eucweb.com https://eucweb.com "