Image Building Checklist

Image Building Checklist

With the recent release of Windows 10 Anniversary addition, I was tasked with creating a new desktop image to deployed on any newly-purchased computers. While this is a fairly straightforward task, I know that I always forget to include something in the image. It’s generally something trivial, but it’s annoying. It requires that you I back and make the change in the VM, re-capture the image, and then deploy again. Ultimately, I’m lazy, meaning those steps never actually happen and I just make do until it comes time to build another new image.

With this latest image, I wanted to make absolutely certain that I wouldn’t forget even the smallest of details. Searching through Google for a “Image Building Checklist” came up empty, so I decided to create my own. Granted, everyone’s environment is different, but for a SMB (like I work for), this list should be somewhat comprehensive.

  • Manage Optional Features (uninstall handwriting, etc)
    * Settings > System > Apps & Features > Manage Optional Features
  • Disable Windows Store
    * Gpedit.msc
    * Computer Config > Windows Settings > Security Settings > Software Restriction Policies
    * Right-click and select “New”
    * Additional Rules > Right-click “New Path Rule”
    * %programfiles%WindowsAppsMicrosoft.WindowsStore*
  • Set time & timezone
  • Modify Start Menu
    * powershell
    * Export-StartLayout -Path ‘C:usersAll UsersDesktopcustomlayout.xml’ -verbose
    * Import-StartLayout -LayoutPath ‘C:usersAll UsersDesktopcustomlayout.xml’-MountPath c: -verbose
    * del ‘C:usersAll UsersDesktopcustomlayout.xml’ -verbose
  • Turn on system restore
  • Open file explorer to ‘This PC’
  • Install .NET Framework 3.5
    * Mount Windows 10 Disc
    * Dism /online /enable-feature /featurename:NetFx3 /All /Source:D:sourcessxs /LimitAccess
  • Enable Remote Desktop
  • Be sure to move the new computers to correct OU.
  • Remove SkyDrive (OneDrive) from Office (if installed).
  • Run Windows 10 Decrapify script
  • Install Software
    * Java
    * Anti-Virus/Anti-Malware (I like Sophos and Malware Bytes)
    * Chrome
    * 7-Zip
    * CutePDF
    * Adobe Photoshop, Lightroom, etc.
    * Microsoft Office
    * VMWare Fusion
    * etc.
  • Have all members of the IT department log in (to create profiles — saving time on profile generation)
  • Create default users desktop (Add ‘This PC’ icon, Internet Explorer, other custom adjustments)
  • Remove Microsoft Edge from Taskbar
  • Set default file associations
    * Export before Sysprep

      * dism /online /Export-DefaultAppAssociations:C:associations.xml

    * Import after Sysprep

      * dism /online /Import-DefaultAppAssociations:C:assocations.xml
  • Add/Remove features (remove Media Player, enable SMTP, etc.)
  • Disable Local Administrator account (Disabled by default, but double-check anyway)
  • Set up proper User & Admin Groups (GPOs may already do this)

Leave a Reply

Your email address will not be published. Required fields are marked *