I spent a long time trying to automate a dual-boot deployment of macOS and Windows 10. The reason being is that it’s very useful to only buy a single piece of hardware (Apple) and have it run Windows and macOS (and maybe Linux, too). But getting two completely different operating systems to deploy to a single piece of hardware in an automated fashion is a challenge.
This post describes how I went about creating a sysprep’d Windows image in a .pkg format, so it could be easily run on a Mac or deployed through something like JAMF.
Prepare Your Mac To Install Windows 10
- Copy a Windows 10
.isoto your Desktop
- Install Winclone Pro 5
Prepare A Windows 10 Answer File
This is a large but critical task and deserves it’s own blog post. Follow the guide until you have created an unattended answer file (skip the disk partitioning part). Copy it to a flash drive because you’ll be needing it later.
Below is a sample answer file I use (you’ll want to generate yours via Windows System Image Manager):
Prepare Some First Boot Scripts
You’ll need to create two scripts. Keep these on the flash drive as well or backed up somewhere else.
Your first script is a script that runs automatically after sysprep is done configuring the computer after your soon-to-be-Windows-10-image is deployed and must be named
net use j: \\someserver\someshare\ /user:username "my_password_in_quotes" j:\FirstBoot.bat
The first line of the script mounts a network share (where your second script will be stored), and the second line launches the script.
You could just use one script here, but doing it this way allows you to edit the FirstBoot.bat script whenever you want (which I’ll show you how to make this script next). So if you needed to make changes to the embedded
SetupComplete.cmd script, you would have to remake the entire Windows image (this will become more clear in the following sections). This just makes it a little more future proof by being able to edit the script in an offsite location.
So this script is the one that will actually start configuring Windows (deploying software, adjusting settings, etc.). And as I mentioned, you could just put all of this into the
SetupComplete.cmd script, but having a separate file is just easier and if you are in a position to need to be following this article, you probably follow this practice for other systems in your environment.
The first part of the script is crucial for security. Since the first script contains a username/password of a user that connects to the network share, we need to make sure this file gets deleted (including any cached copies).
And yes, I realize the irony of saving the password in cleartext, but in certain environments, it works to get the job done. Some day, I’d like to see a utility like Sophos’ Obfuscation Tool for use on other systems:
del /f %windir%\Setup\Scripts\SetupComplete.cmd del /f %windir%\system32\sysprep\unattended.xml del /f %windir%\system32\sysprep\Panther\unattended.xml
Next, comes the bulk of the script in which I just call a bunch of other pre-made scripts that silently install some software. Making these scripts is beyond the scope of this article, but once you have them, just put them each on a line.
call \\someserver\someshare\SomeSoftware.bat call \\someserver\someshare\AnotherSoftwareInstall.bat call "\\someserver\someshare\Some Printer.bat" [...]
Now with these two scripts in hand, you are ready to make your Windows 10 image.
Load Up Boot Camp On Your Mac
- Open Boot Camp Assistant.app
- Select your Windows 10
- Choose Install
- Wait for the install to complete and the computer to restart
Install Windows 10
- Click through the manual Windows 10 installer once the computer has restarted and booted into the Windows installer
- Choose the
BOOTCAMPpartition when prompted
- Click Use Express Settings after the computer restarts
- Click through the setup assistant (create user, choose domain, etc.)
- Install Boot Camp (the installer should auto-open when Windows logs you in)
- Restart the computer
- Log into Windows when it boots back up
Running through the BootCamp installer will add the drivers to Windows so they are available when you sysprep the image. You could always run the installer after deploying Windows, but it makes sense to just do it now.
I also usually run Apple Software Update to get any newer versions of drivers that are not included in the BootCamp installer.
Install A First Boot Script That Will Run When Windows Is Deployed To A New Machine
The default Windows image is good enough, and it’s a good practice to keep the image as clean as possible. You can configure and customize the install after it is deployed. For that reason, the only things you should do is to add the script and the answer file, then run sysprep.
- Create a new folder named
- Copy your
SetupComplete.cmdinto this new folder
As I mentioned before, this
SetupComplete.cmd runs automatically if it exists in the path specified. You don’t need to do anything special; Windows just looks for this file and runs it if it’s there.
sysprep To Generalize Your Windows 10 Installation
To make sure Windows can be deployed to a machine, it needs to be generalized, meaning anything unique to the machine it’s installed on is stripped away. Then, when you deploy the image, your answer file adds your specifications in (language, adding a domain, etc.). So it is necessary to run sysprep.
- Copy your
- Open an administrative Command Prompt
- Enter this command:
C:\Windows\System32\Sysprep\sysprep.exe /generalize/ oobe /unattend:C:\Windows\System32\Sysprep\Unattended.xml /shutdown
- Boot back into macOS after the computer shuts down
Sysprep will go through and generalize your Windows installation so it can be re-deployed to more machines and will shut down when it’s done. Make sure you boot back into macOS and not Windows, otherwise it will start configuring your computer as if it is a new machine being deployed. This is why you need to boot back to macOS and capture the image using Winclone Pro.
Capture Your sysprep’d Image With Winclone Pro
Two Canoes has a decent guide on doing this, but my steps below are specific to my experience with Windows 10 and MacBook Pro hardware.
- Make sure you are booted back into macOS
- Open Winclone Pro
- Right-click the BOOTCAMP partition
- Choose Shrink
- Highlight the newly-created Winclone image
- Click Save Image…
- Name the file
- Choose Windows 8 or later
- Right-click the Winclone image
- Choose Make Self Extracting…
- Highlight Make Package
- Click Make Package…
- Create a package identifier (typically in reverse domain notation)
- Keep the 50%/50% split, or select a different option if you think it’s better
- Click Create Package…
- Save the file
You should now have a
.pkg that can be used to deploy Windows.
I have found that you need to disable SIP for the package to deploy properly.
Deploy Windows To A Mac With Your New Package
- Run the installer
- Hold Option while restarting
- Select Windows
- Watch the magic happen as Windows deploys via
sysprepand then automatically installs all your software via your
If you want Windows to start automatically at boot, just change the Startup Disk via System Preferences.