ASK MDT Guy! Building Images in a VM?

Today I got a pretty good question from Matt:

Just a quick question regarding images. I currently build my images using a physical machine which has been fine up until now. When I image, I go from the main desktop I’m collecting an image from to deploymentshare$\scripts\BDD_AutoRun then choose a “Capture” task sequence. During this, the image is Sysprepped but you can only sysprep 3 times as the “Windows rearm count” depletes. With this, my question is – How do you get around the windows rearm count/sysprep and (If I remember correctly) you use a virtual machine – which vm host do you use? Is there a better way I can be doing this? The only time I update my image is when I need to put more “windows updates” onto it.

Thanks for writing! First thing’s first: Stop building images on physical hardware! I know, I know, It’s the tried and true old-school method, but as you are seeing: it’s not cutting it anymore. I also have seen that Michael Nystrom has discussed how he won’t help anybody who still does this. This methodology may have worked okay in the past, but today its largely regarded as deprecated, and using a VM is simply best practice. I know there’s a task sequence labeled Sysprep and capture, but it’s highly unreliable, don’t use it. The two key advantages to this is that you can pretty much fully automate the build (removing human error) and since its built in a VM, you can get the image to run on laptops, desktops, tablets, you name it. MDT can inject drivers for you. This allows you to build a new image once a month, or once a quarter, or once every six months, whatever works best for you.

I use Hyper-V because its free with any copy of Win8.1 Pro or Enterprise. Use DISM to install Hyper-V from a PowerShell console. If you’re not on 8.1 Pro or better, get a copy of VMWare player or VirtualBox.

Finally, I use a separate deployment share that’s optimized to fully automate an image build. This way I have one share for building, and another for deploying. I have this share run a standard client task sequence install IE, Office, DotNet Framework, Visual C++ Runtimes and then it patches OS and all the MS stuff I’ve laid down. When it’s all done I have it simply capture after resuming the task sequence (use the ltisuspend.wsf trick) and then I import this image into my production share.