Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Base Image Script Framework (BIS-F) 7 1912


Published on

deep look into the upcoming new Release of the Base Image Script Framework (BIS-F) Version 7 1912.
BIS-F is more than a unique sealing tool, it’s personalize your Image for any non-persistent environment, like Citrix MCS/PVS, VMware Horizon View, Microsoft WVD, Nutanix Frame or any other cloud Deployment using vendor best practices way.

In 2014 I have released the first official Version of the Base Image Script Framework (BIS-F), since this time I have spent many hours and sleepless nights to adopt new features and enhancements to each new release. Come and learn the new functionalities from the new 1912 Release with around 40 more features, enhancements and bugfixes, how it works and how you can use it in your environment. This great community tool is using since years from customers and experts around the globe and have more than 10k downloads. It’s easy to use and an absolute now-brainer.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Base Image Script Framework (BIS-F) 7 1912

  1. 1. Base Image Script Framework | BIS-F Master Image Sealing and Personalization using Vendor Best Practices Digging into upcoming Release 7 1912 - Matthias Schlimm - 08. November 2019 BIS-F 7 1912 Bugs Bunny Release - Welcome E2EVC Lisbon - @MatthiasSchlimm
  2. 2. Base Image Script Framework | BIS-F Unique Community Tool • Environment Independent • 100 % Powershell driven • Combine Vendor Best Practices in a single Tool • Cloud Ready Image Sealing • Run several automated steps for a generic image Personalization • Make the Image unique against to the backend servers
  3. 3. What happens until today • BIS-F is a free community tool • more than 12.000 Downloads • 300 Community Members grab a BIS-F Laptop Sticker here
  4. 4. Changes on the Market • Vendors releases their own Virtual Desktop Solution • Microsoft Windows Virtual Desktop (WVD) • Nutanix XiFrame • Improvements for existing Solutions like Citrix Virtual Apps & Desktops, VMWare Horizon • Native and Hybrid Cloud Deployments
  5. 5. • Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, 2019 • Windows 7, 8, 8.1, 10 • Delete WSUS Client-ID • Delete WSUS SoftwareDistribution folder • Reset Performance Counters • Delete temp files with CCleaner (3rd Party CCleaner) • Delete local profiles that are not required (3rd Party DelProf2) • Delete Windows event logs • Reclaim storage space on PVS WriteCache Disk (3rd Party SDelete) • Rearm Operating System once • Rearm Microsoft Office (2010, 2013, 2016, 2019) once Integrated Optimizations – Current Release 6.1.3 • Delete DHCP Client information in registry • Defrag system disk • Delete AllUsers StartMenu • Disable IPv6 (3rd Party nvpsbind) • Add delay between time sync and GPO processi • Disable unneeded scheduled tasks • Pending Reboot detection • Grace Period Fix for RDS • .NET Optimizations • Delete Ghost devices • Detect UEFI or legacy boot • BIS-F logfie retention configured via ADMX Microsoft Microsoft
  6. 6. Integrated Optimizations – Current Release 6.1.3 Security Electronic Software Deployment (ESD) • Symantec Endpoint Protection (3rd party vietool) • Trend Micro • McAfee VirusScan Enterprise • Microsoft EndPoint Security Client • Kaspersky AntiVirus • Sophos AntiVirus • Microsoft Defender • F-Secure • Microsoft SCCM Agent • Novell ZCM Agent • Altiris Deployment Agent • Matrix42 Agent • Ivanti Heat DSM
  7. 7. Integrated Optimizations – Current Release 6.1.3 Application Virtualization Monitoring • FSLogix • Microsoft App-V Client • Ivanti AppSense • Ivanti / RES Automation Agent • Ivanti / RES ONE Automation Console • Ivanti / RES ONE Automation • Ivanti / RES ONE Service Store Client Service • • Microsoft System Center Operations Manager Agent • Splunk Universal Forwarder • uberAgent VMware • VMware Horizon View detection • VMware OS Optimization Tool (vmOSOT) • ADMX: Installation path and custom Template can changed in ADMX
  8. 8. • Citrix XenApp 6.x (IMA) • Citrix Virtual Apps & Desktops 7.x (FMA) • Citrix Machine Creation Service (MCS) 7.x • Citrix Provisioning Server Target Device Driver (PVS) 5.6 – 7.x • Convert direct attached vDisk • Convert to UNC-Path • Offline Defrag, mount vDisk from UNC-Path • Select ImagingWizard or P2PVS in ADMX • Select vDisk Type VHD or VHDX in ADMX • Format automatically the Citrix WriteCache Disk once • Personal vDisk (PvD) Inventory Update - *deprecated feature • Windows 7, 8.x, 10 only Integrated Optimizations – Current Release 6.1.3 • Fix for MSMQ Service (required for Session Recording) • Reset Citrix Application Streaming offline database • Delete Citrix Streaming Cache (RadeCache) • Delete Citrix Profile Management cache • Delete Citrix EdgeSight client data • Citrix Environment Management Agent (WEM) configure Cache • Citrix Optimizer • Delay Citrix Desktop Service • Citrix AppLayering Support • Detect different Layers (OS-Layer / Platform & Application Layer) • Detect if Image is running outside ELM • Windows Update Service running in OS-Layer only Citrix Citrix
  9. 9. Image Sealing (Preparation Phase) Order: 1. global BIS-F initialization 2. Custom scripts 3. All *PrepBISF* scripts
  10. 10. Image Sealing (Preparation Phase)
  11. 11. Computer Startup (Personalization Phase) Order: 1. global BIS-F initialization 2. All *PersBISF* scripts 3. Custom Scripts During computer startup the personalization scripts are executed (triggerd from scheduled Task) • Make the AV Client unique • Run sDelete on PVS WriteCacheDisk (Shared Mode only) • Starting WSUS Service if Image is in private Mode or OS-Layer only • Recreate WEM Cache • Format PVS WriteCacheDisk once • Activate Office against KMS-Server • Copy the FsLogix rules from the central share to the Image
  12. 12. Enhancements in BIS-F 7 1912Platform • Microsoft WVD • Nutanix Xi Frame • Parallels RAS • Hypervisor detection or Bare Metal Microsoft • LAPS Support • FSLogix Optimization • Configure PageFile • SysPrep Commandline Options • POSH Transcript • SCCM/MDT Logfile Redirection • Defrag optimizations Security • Anti-Virus Scan Options • Add Tanium Support • Cylance PROTECT • McAfee Move Summary over 80 GitHub Issues BIS-F 7 1912 Bugs Bunny Release
  13. 13. Enhancements in BIS-F 7 1912CitrixPartI • Citrix MCSIO Support • Citrix VDA SSL Support • Citrix PVS Hydration • Citrix PVS Target without persistent Drive • Citrix AppLayering DynConfig CitrixPartII • Citrix WEM Agent Optimizations • Citrix Broker Service additional Delay • Citrix Optimizer Handling • Citrix VDA -> NVIDIA GRID and INTEL Graphics Support 3rdParty • Ivanti RES One Automation Sealing • uberAgent Optimization • sDelete 64 bit Support • CCleaner 64 bit Support Summary over 80 GitHub Issues BIS-F 7 1912 Bugs Bunny Release
  14. 14. Deprecated Features • All Messageboxes are removed. Default values are described in the ADMX and BIS-F Documentation on • VerySilent Option from the BIS-F ADMX is removed • Cortana Service is no longer disabled during sealing • PVS Target Device optimizer is not triggered anymore • Scheduled Tasks are no longer disabled • de-DE adml file is removed, distribute en-US only
  15. 15. Citrix MCSIO with Persistent Drive • Citrix VDA 1903 or higher required • Returns Global BIS-F Variable $MSCIO = $true / $false • Number of Partitions (2-5) • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Citrix > Configure Citrix MCS
  16. 16. Citrix VDA SSL • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Citrix > Configure SSL for Citrix VDA Key Value remark SSL Version TLS_1.1 / TLS_1.2 / TLS_1.3 / TLS 3.0 SSL Cipher Suite ALL /COM / GOV
  17. 17. Citrix VDA SSL • Deep logging and Console output during personalization
  18. 18. Citrix PVS Hydration • Pre-Caching of files during Computer Startup • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Citrix > Hydrate Files on PVS Server
  19. 19. Citrix PVS Target Device • Write Cache Drive letter (NONE, A-Z) • Skip PVS Master Image Creation • Number of Partitions (2-5) • Disable Redirection • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Citrix > Configure Citrix PVS Target Device
  20. 20. BIS-F Shared Configuration • SCCM / MDT Deployment • Citrix AppLayering • Cloud Deployments • portable Configurationset for different Environments • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Global > Shared Configuration • GPO Default setting: Installationfolder Version Export File Extension remark 6.1.x XML 7.1912.x JSON Backward compatibility with existing XML Files
  21. 21. Citrix AppLayering DynConfig • Different Shared Configurations based on AppLayering Layer • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Citrix > Configure Citrix AppLayering
  22. 22. Citrix AppLayering DynConfig Filename BISFSharedConfig.json Central Reference File, stores the path for each Layer configuration file. BISFconfig_AppLay_OS.json The BIS-F registry settings for each layer BISFconfig_AppLay_Plt.json BISFconfig_AppLay_AppPlt.json BISFconfig_AppLay_NoELM.json > cd "C:Program Files (x86)Base Image Script Framework (BIS-F)Framework” > PrepBISF_Start.ps1 -ExportSharedConfiguration
  23. 23. Citrix AppLayering DynConfig > cd "C:Program Files (x86)Base Image Script Framework (BIS-F)Framework” > PrepBISF_Start.ps1 -ExportSharedConfiguration • If AppLayering Layer can‘t detected during execution , automatic Fallback to OS-Layer
  24. 24. Citrix AppLayering DynConfig AppLayering RunMode and the combination of the BIS-F DiskMode detect each Layer different Layer AppLayering RunMode: (Published image, all normal filtering takes place) AppLayering RunMode: (not used) AppLayering RunMode: (Editing the OS Layer, no filtering takes place) AppLayering RunMode: (Editing any app or platform layer) 1 2 3 4 OS Layer $DiskMode = UnmanagedAppLayering Platform-Layer $DiskMode = VDAPrivateAppLayering Application-Layer $DiskMode = UnmanagedAppLayering Outside ELM $DiskMode = ReadWriteAppLayering
  25. 25. System Optimizations Citrix Optimizer VMware OS Optimization Tool Custom Scripts Using Citrix Optimizer with TemplatePrefix Using Citrix Optimizer with Multiple Templates
  26. 26. Personalization • Active State Override • GPO Computer Configuration > Base Image Script Framework (BIS-F) > Global> Configure Personalization Value remark Do not change and wait (default) Wait until the personalization is finished or the MaxExecutionTime is reached to run the sealing process (preparation phase) Change and continue Does not wait for the end of the personalization phase and immediately starts the sealing process (preparation phase).
  27. 27. Logging & Troubleshooting • All steps in a single log • Powershell Transcript can be enabled in ADMX • Grab external logcontent and include it into BIS-F log, like: • Troubleshooting & Test single script ->
  28. 28. BETA is Released Today Bugs Bunny Release Let us play the Bugs Bunny Rules…
  29. 29. BIS-F Asterix Release - 2020 • [ENH120] Symantec SyLink Drop Feature • [ENH135] Windows Server – Modern Apps per User Firewall Rules • [ENH81] Signed Scripts with different Installer • [ENH26] Sophos Endpoint Protection • [ENH120] Solarwinds Central • [ENH119] Symantec DataCenter Security Server Agent (DCSSA) • [ENH147] Update of Symantec Patterns • [HF22] Endless Reboot with VMware Paravirtual SCSI Disk • [ENH…] additional time to start the Personalization • [ENH…] Pre-Check of Components before Preparation is starting
  30. 30. Thank You very much !! Contact details Matthias Schlimm @MatthiasSchlimm "