Prepare the OS for layering
You can prepare your operating system for layering at any time, even if the App Layering software has not yet been installed. It is important that you meet all requirements so that the OS layer works correctly in your environment.
Once you have met the requirements and have familiarized yourself with the guidelines for what to include in the OS layer, use the instructions for preparing the OS in your hypervisor environment. If you later expand support to another hypervisor, you can reuse this OS layer by installing the tools for the second hypervisor on the Platform layer that you create for that second environment.
Requirements and recommendations
When preparing an OS image, meet the following requirements and consider the related recommendations.
- One OS layer (recommended): Ideally, you can create one, generic OS layer and reuse it in all of the layered images you publish. This keeps layer maintainence to a minimum, because App and Platform layers only work with the OS layer used to create them. If you need to support both a desktop and a server OS, you must create an OS layer for each one, along with a set of Platform and App layers for each.
- Fresh OS image: Start with a fresh image of a supported Windows OS from your hypervisor. This ensures that the image is optimized for your environment.
- IP address from DHCP: Make sure that the OS image is not in a domain. Ensure that the image gets its IP address from DHCP. Otherwise, you cannot install the App Layering OS Machine Tools. Domain join can be done in the platform layer.
- Virtual machine is MBR-partitioned: Ensure that the virtual machine for your OS layer is master boot record (MBR) partitioned, rather than GUID partition table (GPT) partitioned. For Hyper-V, the virtual machine must be Gen 1. Once the initial OS layer is created, it can be converted to Gen2 by adding a revision.
- App Layering OS Machine Tools: Locate the OS Machine Tools in the App Layering installation package.
- Optimization script for MS Office: If you are going to run MS Office, you must use the optimization script included in the installation package.
Citrix Hypervisor, MS Hyper-V, or VMware vSphere
In the rare case that you need to run Windows Mini Setup, you can edit the unattend.hta file we supply for your needs.
Answer file for unattended installation (optional): The answer file is included in the App Layering download.
Avoid using third-party scripts, because they can change services and features that the App Layering service uses, for example, Universal Plug and Play and the 8.3 file names setting.
What to include in the OS layer
Include the following software and settings in the OS layer:
- Hypervisor tools: You must include your hypervisor tools in the OS layer. You can upgrade the tools by adding a new version to the layer.
- Legacy NIC for Citrix Provisioning for Hyper-V: Include a legacy NIC, if you are using Citrix Provisioning for Hyper-V.
- .NET Framework v4.0 or later (Windows 7 only): Include .NET Framework v4.0 or later so that you only must run Windows updates on the OS layer.
- .NET Framework 3.5 (Windows 10, Windows Server 2016 only): Include .NET Framework v3.5 if you are creating a Microsoft Office App layer on Windows 10 or Windows Server 2016.
- Disable Windows updates using local GPO: Disable Windows updates on the OS layer, and do so using Local GPO rather than the Windows Update Service.
- Windows Store app removal: If you remove Windows Store apps, remove them from the OS layer, not on an App layer.
- Windows activation: Use KMS for Windows Activation. When creating your OS layer, run SetKMSVersion.exe to configure the startup scripts that activate the correct version of Windows.
- User accounts and groups: Any extra user accounts or groups must be created in the OS layer. Any domain group membership changes must be done through Group Policy.
- Checkpoints: All checkpoints that you include must be collapsed.
- Applications that create local users: Include apps that create local users to ensure that changes to local groups and local users are captured, something that is not done on Platform and App layers.
What not to include in the OS layer
Do not include the following software on the OS layer.
- Provisioning software: Software associated with your Provisioning Service must be installed on your Platform layer, not on the OS layer.
- Connection broker software: Your connection broker software must also be installed on your Platform layer, not on the OS layer.
- MS Office and other apps: Do not include MS Office or other applications on the OS layer, except for the few apps that create local users. Generally, applications should be installed on App layers.
- Avoid upgrading the hypervisor tools on the OS layer. Otherwise, you might have to recreate the Platform layer.
- Diff disk: Do not use a diff disk.
- Gen2 machines: In MS Hyper-V, do not use Gen2 machines. Once the initial OS layer is created, it can be converted to Gen2 by adding a revision.
- Domain join: Do not join the OS layer to an Active Directory domain. Instead, join the domain in the Platform layer. This allows you to use the same OS in different domains.
For detailed steps to prepare the OS, select your hypervisor: