Ok, so this is the first time I've created a Blog so forgive the poor format !! After spending a huge amount of time trawling the Internet trying to find out how on earth you slipstream security updates into Windows 2008 I decided to save everyone else the same pain by putting my findings into a blog. I hope you find it useful !
If like myself you spend a lot of time deploying servers or workstations using unattended or scripted builds then you've no doubt come across the need to slipstream security updates straight into the OS installs, with Windows 2003/XP this was easy, with 2008/Vista onwards not so.......or so I thought ! Initial digging turns up lot's of 'not supported' or 'not possible' responses, many from Microsoft sites/forums, there are some 3rd party tools that can help (such a vLite or RT Server Customizer), however Microsoft have a tool to do just this (incidentally all the 3rd party tools rely on it). That tool is WAIK (Windows Automated Installation Kit), or more specifically a command line tool called dism.exe (Deployment Image Servicing and Management).
If you follow the steps below you'll be slipstreaming your updates, drivers and applications in no time !
1. First of all go to Microsoft.com and download the latest version of WAIK, the installation is nice and simple. You'll need to install the software on Windows 7 or 2008 (I've only tested on these)
2. Next make sure you've got your installation media to hand, and launch a command prompt, be sure to run as Administrator otherwise later steps will fail
3. Change directory to 'C:\Program Files\Windows AIK\Tools\Servicing', here lies dism.exe the answer to your problems !
4. The first step of slipstreaming is to mount the WIM file we wish to update, to do this run the following command :
dism.exe /mount-wim /wimfile:path_to_wim_file_here /index:index_of_install_to_update_in_wim /mountdir:directory_to_mount_wim_in
So to mount the Windows 2008 R2 WIM in C:\Installs to the mount point C:\Mount and update the Windows 2008 R2 Enterprise (Full Install) I'd run :
dism.exe /mount-wim /wimfule:C:\Installs\Sources\Install.wim /index:3 /mountdir:C:\Mount
Note : You can use a tool like imagex (also in WAIK) to get the correct Index number.
If you then browse to C:\Mount you will see the mounted image, easy !
5. Ok next make sure you have all you MSU files downloaded and stashed in a folder, I find the Windows Update Catalog a handy to grab these in one place (see http://catalog.update.microsoft.com/v7/site/Home.aspx), in this example we'll store them all in C:\Patches
6. Now we use dism.exe again, this time to add each package, so for example to add a package called patch.msu (I'm cheating and using a poor example name, sorry !) to our mount point we'd run :
dism.exe /image:C:\mount /add-package /packagepath:C:\Patches\patch.msu
Now the downside to this is you have to run this for each MSU or other files you have to slipstream, but fear not, it is easy to put together a script to do them all in one go. If you find this useful and would like to see a sample script let me know and I'll happily post one !
Of course, as always with Computers all may not be smooth sailing, in my case every time I tried the above I got a wierd and wonderful error. After much digging I discovered my problem, it was a driver file called wimfltr.sys, how did I fix it, simple rename to wimfltr.sys.old and reboot. I believe this is an older driver that has since been superseded.
7. So now we've slipstreamed all our updates, what now ? Simple, all we need to do is unmount the WIM and install our OS, unmounting is easy, in our example we'd just run :
dism.exe /unmount-wim /mountdir:C:\mount /commit
And there it is ! Three simple commands is all it took in the end, it also has the benefits of being a lot quicker than the 3rd party tools which seem very sluggish. The tool also allows for installing drivers, changing unattend settings, installing roles/features and plenty more.
I really hope this proves helpful, please do feedback if you found it useful ! As I said before, if you need help with the scripting then let me know and I'll happily post a sample script. If feedback is encouraging then I may dare to write further blogs with some of my other findings after hours of painstaking web searches :)
