Here’s another technical blog post. I wanted to document this here in case it helps someone else, or in case I have to do this again at another school. Here’s the scenario:
A school has purchased a rather large quantity of Windows 7 or Windows 8.1 computers via a retail channel. The school has NOT purchased eopen (site) licensing for quick and easy deployment, but wishes to upgrade all of their retail machines to Windows 10.
With Windows 7 or 8.1, the solution was relatively simple, despite being somewhat painful… You would prep one machine, sysprep it without a license key, and then image the rest of the machines using something like Fog or Clonezilla. Upon boot, you’d enter the product key, activate, and any other cleanup steps that needed to be taken. If you try to follow those same steps with a windows 10 upgrade machine, you’ll run into 2 problems.
The first problem is imaging the windows 10 install. Windows 10 install via the upgrade tool will not allow you to sysprep it. Supposidly there is a workaround out there for this, but in my experience, it’s not worth it anyway (and even if you did, you’ll run into the second issue)… The simple fix to this problem is to do a clean install of windows 10… But…
That brings us to the second problem: Windows Activation. Windows 10 upgrade activates based on some version of the hardware ID. So if you simple do a clean install of windows 10, sysprep, then image it, you’ll end up in a situation where all the machines you image will not allow you to enter any valid product key. The reason being, is the hardware hasn’t been activated yet via the special upgrade process windows has created for this.
So that leaves you wish 3 possible solutions:
- Buy the eopen site licensing (best solution if you have the money)
- Manually run the windows 10 upgrade process on every machine, activate, then image again to get your software on it. This method works, but if you have a large number of computers, it could take DAYS to manually run the upgrade process on every machine and activate it (The Windows 10 installer is slow, and it even with a perfect assembly line of machines… it’s a lot of key presses and a lot of waiting.) It gets even slower if you have pending windows updates.
- Or you can do what I’m about to mention.
It turns out, there is a way to do a clean install of Windows 10, without doing the upgrade first. It does involve getting a “GenuineTicket” for each machine first, but that is FAR faster than running the windows 10 upgrade process on every machine. Here are the workflow steps:
Part 1 – Get The Licensing
- Download the Windows 10 ISO from Microsoft and mount it in your favorite iso mounting software.
- In the ISO File, locate a file called “gatherosstate.exe”. This file is located in drive:\Windows\x64\source or drive:\Windows\x32\sources. Copy this file to a jump drive. You’ll want it on a portable, writable device to assist with doing multiple computers. This process however does work for a single machine by simply copying it someplace locally.
- On the Windows 7/8.1 Machine you wish to upgrade, insert the jump drive. Run gatherosstate.exe on the jump drive. Assuming the windows 7/8.1 machine was activated, it will create a GenuineTicket.xml on your jump drive.
- Now, assuming you have multiple computers you need to upgrade, this is where organization matters. In my case, I number all my machines, so what I did was create a folder on the jump drive with the machines number. I then dropped the GeniuneTicket.xml file I just made into that folder. You need to make sure you keep track somehow of which GeniuneTicket.xml goes with which machine. Failure to do this will make the later steps impossible.
- Repeat Step’s 3 and 4 until you have a GeniuneTicket for EVERY machine. In my case, I had 30 machines. So I ended up with 30 folders numbers 1 to 30, each with a GeniuneTicket.xml in them.
Part 2 – Build The Image
- Now, take one of the machines, and perform a clean install of Windows 10 on it.
- Install the software you need installed, just as if you were building an image for Windows 7 or Windows 8. Perform any windows updates you want in the image, etc.
- I don’t believe you NEED to activate the image for that machine prior to sysprepping, but if for some reason you do, do the part 3 steps on this machine to activate it.
- At this point, sysprep the image (for me this is normally sysprep /oobe /generalize /shutdown /unattend:unattend.xml from the c:\windows\system32\sysprep\ folder). I won’t go into this to much, as I assume if you are doing this your probably already familiar with how to sysprep an image.
- Image the machine using your favorite imaging software (I generally image to Clonezilla First, then do the same image to a Fog Machine, as USB for me test to be faster for testing).
Part 3 – Deploying The Image
- At this point, I then install the image onto the machines.
- When you get to the enter the license key system, hit “skip this step”
- Once the system is up, log in as administrator and insert the jump drive that was created in Part 1.
- Copy the GenuineTicket.xml from the folder for the machine your on, to C:\ProgramData\Microsoft\Windows\ClipSVC\GenuineTicket\. In my case, I wrote a simple batch script to do this that took in the computer number, and then copied the file. That way I didn’t have to find the folder each time, i just had to double click my script and type the computer number. The script also took care of a few other 1-time things that I needed after imaging (creating user accounts, adding icons, etc)
- Reboot the machine, and confirm the machine is now activated. If you put the wrong GeniuneTicket on the machine, it will not activate! If you put it in the wrong folder, it will not activate!
- Repeat Steps 1 to 5 until all machines are done.
The other cool thing about this setup is that once it’s done on every machine, I believe that you no longer need to do all of the steps. In theory, the next time I will need to imagine to windows 10, it will *should* behave much more like my enterprise licensing, and activate without needing me to copy the GeniuneTicket again (or even including it). My understanding is that this is because the hardware id *should* already be on file with Microsoft, so it should auto-activate. That said, I have not confirmed this yet, as I haven’t had a need to reimage any machines. As a precaution, I am keeping my GeniuneTickets for every machine so that I don’t need to do part 1 ever again. I’d do pretty much anything to never have to type a product key again.
Final Disclaimer: I’m not sure any of this is how Microsoft wants things done. In fact, I’m pretty sure it’s not. If your client/school/whatever can afford it, I’ll always encourage finding a Microsoft Rep and getting the enterprise licensing to allow you to do this without the activation headaches. KMS/AD activation is so much easier to use in a larger environment :-).
Let me know in the comments if this helped you or your organization!