{"id":5460,"date":"2021-11-16T07:59:37","date_gmt":"2021-11-16T06:59:37","guid":{"rendered":"https:\/\/www.teal-consulting.de\/?p=5460"},"modified":"2022-02-15T09:30:22","modified_gmt":"2022-02-15T08:30:22","slug":"windows-server-deployment","status":"publish","type":"post","link":"https:\/\/www.teal-consulting.de\/en\/2021\/11\/16\/windows-server-deployment\/","title":{"rendered":"Windows Server Deployment"},"content":{"rendered":"<div class=\"wpb-content-wrapper\">[vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]Our blog post for this month covers a topic that is not directly related to information security. Nevertheless, this topic should not be underestimated and neglected. It is about the automated installation of Windows Server in the enterprise. This might sound unspectacular, but we will cover some hidden stumbling blocks in this article.<\/p>\n<p>There is a variety of tools available for the automated deployment of Windows in the enterprise addressing different scenarios:<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Microsoft provides the <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/get-started\/adk-install\" target=\"_blank\" rel=\"noopener\">Windows Assessment and Deployment Kit<\/a> (Windows ADK). The ADK includes several tools for automating Windows installations, such as the Configuration Designer, the System Image Manager or the Windows Preinstallation Environment (WinPE).<\/li>\n<li>Tool suites such as <a href=\"https:\/\/docs.microsoft.com\/mem\/configmgr\/core\/understand\/introduction\" target=\"_blank\" rel=\"noopener\">Microsoft Endpoint Configuration Manager<\/a>, which can install Windows in an automated manner on large number of devices for end-users or servers in data centers. Endpoint Configuration Manager also leverages tools from the Windows ADK but makes them easier to use by hiding many details from the administrator and provides an infrastructure to enable deployment to thousands of endpoints without manual intervention.<\/li>\n<li>In virtualized on-premises data centers, products from virtualization vendors such as <a href=\"https:\/\/www.vmware.com\/products\/vsphere.html\" target=\"_blank\" rel=\"noopener\">VMware vSphere<\/a> or <a href=\"https:\/\/docs.microsoft.com\/system-center\/vmm\/overview?view=sc-vmm-2019\" target=\"_blank\" rel=\"noopener\">Microsoft Virtual Machine Manager<\/a> are used to create virtual machine templates that can be used to deploy large numbers of VMs.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Windows should be installed as automated as possible\u2014no matter if it is a device for an end-user or a server in the data center\u2014with few manual activities. Automation leads to less effort when installing systems and to a reduction in misconfigurations, which always occur when many manual steps are performed. In addition, automated systems can be quickly reinstalled in the event of a failure, significantly reducing potential downtime.<\/p>\n<p>Tier 0 environments following ESAE principles typically have a high level of virtualization. For this reason the third deployment option using VM templates often makes sense. We would like to limit the focus in this article to the creation of the sources and installation media. The deployment procedure being used depends on the specific deployment scenario. However, if you have any additional questions, please feel free to contact us \ud83d\ude0a.<\/p>\n<p>The basic principle is that a reference VM with Windows Server is installed, additional configurations are performed, such as enabling <a href=\"https:\/\/www.teal-consulting.de\/2021\/07\/15\/esae-deep-dive-serie-teil-11-credential-guard\/\" target=\"_blank\" rel=\"noopener\">Credential Guard<\/a>, and installing additional software such as virus scanners, monitoring and backup agents, or the <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=46899\" target=\"_blank\" rel=\"noopener\">Microsoft Local Administrator Password Solution<\/a> (LAPS). Based on this reference VM, a template is then created, which is used to install the VMs in the environment.<\/p>\n<p>The reference VM for the deployment template can be installed manually or in an automated fashion. When using a manual approach, all steps must be properly documented to be able to reproduce the steps when a new version of the template is created. With an automated installation, the initial effort is higher, but further changes are then easier and safer to implement.[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30&#8243;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Automating the Windows installation<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]There are basically several ways to customize a Windows image:<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>Using online servicing, Windows is installed on a reference device. On this device, drivers, applications, and configuration adjustments are added and then the Windows installation is generalized using the Sysprep tool.<\/li>\n<li>Using offline servicing, the Windows image is copied from the installation medium and mounted in a temporary directory using the DISM tool. Changes such as additional drivers, updates, applications, and configuration changes are injected into this temporary directory and then written back to the image.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Regardless of the chosen method, the image can then be installed on any number of systems.<\/p>\n<p>Offline servicing has the disadvantage that in case a new version of the image is created, the steps to modify the image must be repeated manually. With online servicing, when a new version of the operating system is released, the additional files can be added to the new installation medium and then a new image version can be created. This method will be briefly described here.[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Creating an Autounattend.xml<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]The required input while installing Windows, such as the selection of the operating system edition or language and keyboard layout can be suppressed using an <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/manufacture\/desktop\/update-windows-settings-and-scripts-create-your-own-answer-file-sxs\" target=\"_blank\" rel=\"noopener\">answer file<\/a>. The Windows setup program uses the settings stored in this file and installs Windows automatically and does not display any input dialogs.<\/p>\n<p>&nbsp;<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-5402 lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1.png\" alt=\"\" width=\"700\" height=\"525\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1.png 1020w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1-300x225.png 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1-768x576.png 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1-800x600.png 800w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-1-700x525.png 700w\" data-sizes=\"(max-width: 700px) 100vw, 700px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 700px; --smush-placeholder-aspect-ratio: 700\/525;\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>The Windows ADK contains the <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/customize\/desktop\/wsim\/windows-system-image-manager-overview-topics\" target=\"_blank\" rel=\"noopener\">Windows System Image Manager<\/a> (Windows SIM) tool designed to create and customize answer files. This graphical tool can be used to adjust the settings for Windows Setup.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-5405 lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment_2.gif\" alt=\"\" width=\"478\" height=\"317\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 478px; --smush-placeholder-aspect-ratio: 478\/317;\">[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_empty_space height=&#8221;10&#8243;][vc_column_text]The result of the adjustments in Windows SIM is an answer file in XML format. Below you can find an abbreviated excerpt from an example answer file for illustrative purposes.[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text css=&#8221;.vc_custom_1636967833426{padding-top: 20px !important;padding-bottom: 20px !important;padding-left: 10px !important;background-color: #f2f2f2 !important;}&#8221;]<span class=\"code-text\">&lt;?xml version=&#8221;1.0&#8243; encoding=&#8221;utf-8&#8243;?&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;unattend xmlns=&#8221;urn:schemas-microsoft-com:unattend&#8221;&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;settings pass=&#8221;windowsPE&#8221;&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;component name=&#8221;Microsoft-Windows-International-Core-WinPE&#8221; processorArchitecture=&#8221;amd64&#8243; publicKeyToken=&#8221;31bf3856ad364e35&#8243; language=&#8221;neutral&#8221; versionScope=&#8221;nonSxS&#8221; xmlns:wcm=&#8221;http:\/\/schemas.microsoft.com\/WMIConfig\/2002\/State&#8221; xmlns:xsi=&#8221;http:\/\/www.w3.org\/2001\/XMLSchema-instance&#8221;&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;InputLocale&gt;en-US;de-DE &lt;\/InputLocale&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;SystemLocale&gt;en-US&lt;\/SystemLocale&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;UserLocale&gt;en-US&lt;\/UserLocale&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;UILanguage&gt;en-US&lt;\/UILanguage&gt;<\/span><br \/>\n<span class=\"code-text\">&lt;\/component&gt;<\/span><br \/>\n<span class=\"code-text\">[\u2026]<\/span>[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]The settings for the answer file are documented in the <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/customize\/desktop\/unattend\/\" target=\"_blank\" rel=\"noopener\">Unattended Windows Setup Reference<\/a>.<\/p>\n<p>The contents of the installation medium are copied to a so-called build directory. The answer file is stored in the root of the build directory with the name <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/manufacture\/desktop\/automate-windows-setup\" target=\"_blank\" rel=\"noopener\">Autounattend.xml<\/a>. Windows Setup looks for a file with this name in the root directory of the installation medium and then uses it.[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Adding boot-critical drivers<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]Windows includes the so-called <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-ED3ECA21-5763-4919-8947-A819A17980FB.html\" target=\"_blank\" rel=\"noopener\">driver store<\/a>. The driver store contains <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-ED3ECA21-5763-4919-8947-A819A17980FB.html\" target=\"_blank\" rel=\"noopener\">driver packages<\/a> that are stored in the directory <span class=\"code-text\">%SystemRoot%\\System32\\DriverStore<\/span>. During installation, Windows uses the hardware IDs of the connected devices and <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-ED3ECA21-5763-4919-8947-A819A17980FB.html\" target=\"_blank\" rel=\"noopener\">searches<\/a> the driver store (and possibly Windows Update and additional locations) for matching driver packages and <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-ED3ECA21-5763-4919-8947-A819A17980FB.html\" target=\"_blank\" rel=\"noopener\">installs<\/a> them.<\/p>\n<p>Boot-critical drivers are required to be installed and loaded for a Windows installation to succeed. These are especially drivers for I\/O controllers, which control the access to the hard disk. Without a loaded driver Windows cannot access the hard disk and the Windows installation will fail.<\/p>\n<p>Drivers that are not included in the Windows driver store must be added to the build directory. An additional directory for drivers is created in the build directory and this directory will be referenced in the Autounattend.xml. The drivers in this directory and its sub-directories are installed by the Windows setup program.<\/p>\n<p>A common example where a boot-critical driver is needed is with VMware VMs that use the <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-7A595885-3EA5-4F18-A6E7-5952BFC341CC.html\" target=\"_blank\" rel=\"noopener\">VMware Paravirtual SCSI controller<\/a>. The necessary drivers are not included with Windows and are copied from the <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.hostclient.doc\/GUID-ED3ECA21-5763-4919-8947-A819A17980FB.html\" target=\"_blank\" rel=\"noopener\">VMware Tools ISO<\/a> to the <span class=\"code-text\">.\\drivers<\/span> directory.[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]<img decoding=\"async\" class=\"size-full wp-image-5446 alignnone lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-3.png\" alt=\"\" width=\"400\" height=\"400\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-3.png 400w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-3-300x300.png 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment-3-150x150.png 150w\" data-sizes=\"(max-width: 400px) 100vw, 400px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 400px; --smush-placeholder-aspect-ratio: 400\/400;\" \/>[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]The path is referenced in the autounattend.xml answer file. It should be noted that the drive letter D: will be assigned to the installation medium when the Windows setup program is started.[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text css=&#8221;.vc_custom_1636970040962{padding-top: 20px !important;padding-bottom: 20px !important;padding-left: 10px !important;background-color: #f2f2f2 !important;}&#8221;]<span class=\"code-text\">&lt;component name=&#8221;Microsoft-Windows-PnpCustomizationsWinPE&#8221; processorArchitecture=&#8221;amd64&#8243; publicKeyToken=&#8221;31bf3856ad364e35&#8243; language=&#8221;neutral&#8221; versionScope=&#8221;nonSxS&#8221; xmlns:wcm=&#8221;http:\/\/schemas.microsoft.com\/WMIConfig\/2002\/State&#8221; xmlns:xsi=&#8221;http:\/\/www.w3.org\/2001\/XMLSchema-instance&#8221;&gt;<br \/>\n&lt;DriverPaths&gt;<br \/>\n&lt;PathAndCredentials wcm:keyValue=&#8221;6b86e64&#8243; wcm:action=&#8221;add&#8221;&gt;<br \/>\n&lt;Path&gt;D:\\drivers&lt;\/Path&gt;<br \/>\n&lt;\/PathAndCredentials&gt;<br \/>\n&lt;\/DriverPaths&gt;<br \/>\n&lt;\/component&gt;<\/span>[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Adding Scripts and Applications<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]Since the first Windows NT versions, Windows has the capability to add files to the installation. A subdirectory named <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/customize\/desktop\/wsim\/distribution-shares-and-configuration-sets-overview#folders-in-a-distribution-share\" target=\"_blank\" rel=\"noopener\">$OEM$<\/a> is created in the <span class=\"code-text\">.\\sources<\/span> directory. In this directory are additional subdirectories with a fixed meaning.<\/p>\n<table style=\"height: 100px\" width=\"954\">\n<tbody>\n<tr>\n<td width=\"85\">\n<p style=\"text-align: left\">$OEM$<\/p>\n<\/td>\n<td width=\"539\">\n<p style=\"text-align: left\">Contains additional directories and files for automated or custom installation.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">\n<p style=\"text-align: left\">$OEM$\\$$<\/p>\n<\/td>\n<td width=\"539\">\n<p style=\"text-align: left\">Files and subdirectories are copied to %SystemRoot%.<\/p>\n<\/td>\n<\/tr>\n<tr>\n<td width=\"85\">\n<p style=\"text-align: left\">$OEM$\\$1<\/p>\n<\/td>\n<td width=\"539\">\n<p style=\"text-align: left\">Represents the drive where Windows is installed. Files and subdirectories are copied to %SystemDrive%.<\/p>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>There are several ways to automatically start custom scripts and programs during or after Windows setup. One of them is to add a SetupComplete.cmd file to the directory <span class=\"code-text\">%SystemRoot%\\Setup\\Scripts<\/span>. This batch file will be executed automatically at the end of the setup. It must be copied to <span class=\"code-text\">.\\sources\\$OEM$\\$\\Setup\\Scripts<\/span> in the build directory.<\/p>\n<p>A directory structure underneath $OEM$ can look like this:[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text css=&#8221;.vc_custom_1636975974822{padding-top: 20px !important;padding-bottom: 20px !important;padding-left: 10px !important;}&#8221;]<img decoding=\"async\" class=\"size-full wp-image-5455 alignnone lazyload\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2021\/11\/teal-windows-server-deployment_4-e1636975925702.png\" alt=\"\" width=\"535\" height=\"764\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 535px; --smush-placeholder-aspect-ratio: 535\/764;\">[\/vc_column_text][vc_column_text]In the batch file SetupComplete.cmd applications can then be installed, or further scripts can be executed. In this example, the referenced files are copied to the directory C:\\Install by the Windows setup program. This directory can then be deleted with a script at the end of the installation.[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Creating an installation media<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]Once the installation files and scripts are added to the build directory, the installation media can be created.<\/p>\n<p><strong>USB installation media<\/strong><br \/>\nFor physical hardware that is easily accessible, an USB stick with the Windows installation files be used. The USB stick must be formatted with the FAT32 file system, and the contents of the build directory simply copied to the USB stick.<\/p>\n<p><strong>ISO installation media<br \/>\n<\/strong>For physical hardware located in a remote data center and for VMs, an ISO installation media is used. Server hardware often comes with management solutions such as HP Integrated Lights-Out (ILO) that allows mounting an ISO file to a physical server.<\/p>\n<p>The <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/manufacture\/desktop\/oscdimg-command-line-options?view=windows-11\" target=\"_blank\" rel=\"noopener\">Oscdimg<\/a> tool that is included in the deployment tools part of the Windows ADK creates the ISO installation media,. If the build directory is for instance <span class=\"code-text\">D:\\Build\\Windows_Server_2019<\/span>, the following command creates an ISO file <span class=\"code-text\">D:\\Images\\Windows_Server_2019_Custom.iso<\/span>:[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text css=&#8221;.vc_custom_1636968404559{padding-top: 20px !important;padding-bottom: 20px !important;padding-left: 10px !important;background-color: #f2f2f2 !important;}&#8221;]<span class=\"code-text\">.\\oscdimg.exe -m -o -u2 -udfver102 -bootdata:2#p0,e,bD:\\Build\\Windows_Server_2019\\boot\\etfsboot.com#pEF,e,b<br \/>\nD:\\Build\\Windows_Server_2019\\efi\\microsoft\\boot\\efisys.bin D:\\Build\\Windows_Server_2019 D:\\Images\\Windows_Server_2019_Custom.iso<\/span>[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]When using vSphere, the reference VM can be <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.vm_admin.doc\/GUID-5B3737CC-28DB-4334-BD18-6E12011CDC9F.html\" target=\"_blank\" rel=\"noopener\">copied<\/a> to template after Windows has been installed. VMs can now be deployed using this template, that can <a href=\"https:\/\/docs.vmware.com\/en\/VMware-vSphere\/7.0\/com.vmware.vsphere.vm_admin.doc\/GUID-F3E382AB-72F6-498A-BD26-7EC0BFE320A0.html\" target=\"_blank\" rel=\"noopener\">customize Windows<\/a> by running Sysprep, changing the computer name, or performing a domain join.[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Updating the installation media for new Windows versions<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]If the installation medium must be updated for a new Windows version, such as Windows Server 2022, a new build directory is created, and the following files and directories are copied over to the new build directory.[\/vc_column_text][vc_column_text]\n<table>\n<tbody>\n<tr>\n<td style=\"text-align: left\" width=\"623\"><span class=\"code-text\">.\\Autounattend.xml<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left\" width=\"623\"><span class=\"code-text\">.\\drivers<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left\" width=\"623\"><span class=\"code-text\">.\\sources\\$OEM$<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]If no further adjustments are necessary, for instance caused by updated settings in answer file of the new Windows version, the installation medium can be created again as described above and the adaption of the automated installation to the new Windows version is already done.[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30px&#8221;][vc_row_inner row_type=&#8221;row&#8221; type=&#8221;full_width&#8221; text_align=&#8221;left&#8221; css_animation=&#8221;&#8221;][vc_column_inner][vc_column_text]\n<h3>Conclusion<\/h3>\n[\/vc_column_text][vc_empty_space height=&#8221;10&#8243;][vc_column_text]The article describes the basic steps for automating a Windows installation, which can be used for ESAE Tier 0 environments without the need of a tool suite such as Endpoint Configuration Manager that can serve as the basis for a largely automated creation of vSphere templates, and we hope this is helpful for everyday work.[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;100&#8243;][vc_empty_space height=&#8221;50&#8243;][vc_separator type=&#8221;small&#8221; position=&#8221;center&#8221; color=&#8221;#eeeeee&#8221; thickness=&#8221;2&#8243; width=&#8221;1100&#8243;][vc_empty_space height=&#8221;50&#8243;][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;center&#8221; background_image_as_pattern=&#8221;without_pattern&#8221; z_index=&#8221;&#8221;][vc_column width=&#8221;1\/2&#8243; offset=&#8221;vc_hidden-sm vc_hidden-xs&#8221;][vc_column_text][\/vc_column_text][\/vc_column][vc_column width=&#8221;1\/2&#8243; offset=&#8221;vc_hidden-sm vc_hidden-xs&#8221;][vc_column_text][\/vc_column_text][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;grid&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;center&#8221; background_image_as_pattern=&#8221;without_pattern&#8221; z_index=&#8221;&#8221;][vc_column width=&#8221;1\/2&#8243; offset=&#8221;vc_hidden-lg vc_hidden-md&#8221;][vc_column_text][\/vc_column_text][\/vc_column][vc_column width=&#8221;1\/2&#8243; offset=&#8221;vc_hidden-lg vc_hidden-md&#8221;][vc_column_text][\/vc_column_text][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;center&#8221; background_image_as_pattern=&#8221;without_pattern&#8221; z_index=&#8221;&#8221;][vc_column width=&#8221;1\/2&#8243;][vc_empty_space height=&#8221;30&#8243;][vc_column_text]\n<blockquote class=\"instagram-media\" style=\"background: #FFF;border: 0;border-radius: 3px;margin: 1px;max-width: 540px;min-width: 326px;padding: 0;width: calc(100% - 2px)\" data-instgrm-permalink=\"https:\/\/www.instagram.com\/p\/CNF_8xCjiyu\/?utm_source=ig_embed&amp;utm_campaign=loading\" data-instgrm-version=\"13\">\n<div style=\"padding: 16px\">\n<p>&nbsp;<\/p>\n<div style=\"flex-direction: row;align-items: center\">\n<div style=\"background-color: #f4f4f4;border-radius: 50%;flex-grow: 0;height: 40px;margin-right: 14px;width: 40px\"><\/div>\n<div style=\"flex-direction: column;flex-grow: 1;justify-content: center\">\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;margin-bottom: 6px;width: 100px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;width: 60px\"><\/div>\n<\/div>\n<\/div>\n<div style=\"padding: 19% 0\"><\/div>\n<div style=\"height: 50px;margin: 0 auto 12px;width: 50px\"><\/div>\n<div style=\"padding-top: 8px\">\n<div style=\"color: #3897f0;font-family: Arial,sans-serif;font-size: 14px;font-style: normal;font-weight: 550;line-height: 18px\">Sieh dir diesen Beitrag auf Instagram an<\/div>\n<\/div>\n<div style=\"padding: 12.5% 0\"><\/div>\n<div style=\"flex-direction: row;margin-bottom: 14px;align-items: center\">\n<div>\n<div style=\"background-color: #f4f4f4;border-radius: 50%;height: 12.5px;width: 12.5px\"><\/div>\n<div style=\"background-color: #f4f4f4;height: 12.5px;width: 12.5px;flex-grow: 0;margin-right: 14px;margin-left: 2px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 50%;height: 12.5px;width: 12.5px\"><\/div>\n<\/div>\n<div style=\"margin-left: 8px\">\n<div style=\"background-color: #f4f4f4;border-radius: 50%;flex-grow: 0;height: 20px;width: 20px\"><\/div>\n<div style=\"width: 0;height: 0;border-top: 2px solid transparent;border-left: 6px solid #f4f4f4;border-bottom: 2px solid transparent\"><\/div>\n<\/div>\n<div style=\"margin-left: auto\">\n<div style=\"width: 0px;border-top: 8px solid #F4F4F4;border-right: 8px solid transparent\"><\/div>\n<div style=\"background-color: #f4f4f4;flex-grow: 0;height: 12px;width: 16px\"><\/div>\n<div style=\"width: 0;height: 0;border-top: 8px solid #F4F4F4;border-left: 8px solid transparent\"><\/div>\n<\/div>\n<\/div>\n<div style=\"flex-direction: column;flex-grow: 1;justify-content: center;margin-bottom: 24px\">\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;margin-bottom: 6px;width: 224px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;width: 144px\"><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p style=\"color: #c9c8cd;font-family: Arial,sans-serif;font-size: 14px;line-height: 17px;margin-bottom: 0;margin-top: 8px;overflow: hidden;padding: 8px 0 7px;text-align: center\"><a style=\"color: #c9c8cd;font-family: Arial,sans-serif;font-size: 14px;font-style: normal;font-weight: normal;line-height: 17px;text-decoration: none\" href=\"https:\/\/www.instagram.com\/p\/CNF_8xCjiyu\/?utm_source=ig_embed&amp;utm_campaign=loading\" target=\"_blank\" rel=\"noopener\">Ein Beitrag geteilt von TEAL Technology Consulting (@tealconsulting)<\/a><\/p>\n<\/div>\n<\/blockquote>\n[\/vc_column_text][\/vc_column][vc_column width=&#8221;1\/2&#8243;][vc_empty_space height=&#8221;30&#8243;][vc_column_text]\n<blockquote class=\"instagram-media\" style=\"background: #FFF;border: 0;border-radius: 3px;margin: 1px;max-width: 540px;min-width: 326px;padding: 0;width: calc(100% - 2px)\" data-instgrm-permalink=\"https:\/\/www.instagram.com\/p\/CMUM_xrjqno\/?utm_source=ig_embed&amp;utm_campaign=loading\" data-instgrm-version=\"13\">\n<div style=\"padding: 16px\">\n<p>&nbsp;<\/p>\n<div style=\"flex-direction: row;align-items: center\">\n<div style=\"background-color: #f4f4f4;border-radius: 50%;flex-grow: 0;height: 40px;margin-right: 14px;width: 40px\"><\/div>\n<div style=\"flex-direction: column;flex-grow: 1;justify-content: center\">\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;margin-bottom: 6px;width: 100px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;width: 60px\"><\/div>\n<\/div>\n<\/div>\n<div style=\"padding: 19% 0\"><\/div>\n<div style=\"height: 50px;margin: 0 auto 12px;width: 50px\"><\/div>\n<div style=\"padding-top: 8px\">\n<div style=\"color: #3897f0;font-family: Arial,sans-serif;font-size: 14px;font-style: normal;font-weight: 550;line-height: 18px\">Sieh dir diesen Beitrag auf Instagram an<\/div>\n<\/div>\n<div style=\"padding: 12.5% 0\"><\/div>\n<div style=\"flex-direction: row;margin-bottom: 14px;align-items: center\">\n<div>\n<div style=\"background-color: #f4f4f4;border-radius: 50%;height: 12.5px;width: 12.5px\"><\/div>\n<div style=\"background-color: #f4f4f4;height: 12.5px;width: 12.5px;flex-grow: 0;margin-right: 14px;margin-left: 2px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 50%;height: 12.5px;width: 12.5px\"><\/div>\n<\/div>\n<div style=\"margin-left: 8px\">\n<div style=\"background-color: #f4f4f4;border-radius: 50%;flex-grow: 0;height: 20px;width: 20px\"><\/div>\n<div style=\"width: 0;height: 0;border-top: 2px solid transparent;border-left: 6px solid #f4f4f4;border-bottom: 2px solid transparent\"><\/div>\n<\/div>\n<div style=\"margin-left: auto\">\n<div style=\"width: 0px;border-top: 8px solid #F4F4F4;border-right: 8px solid transparent\"><\/div>\n<div style=\"background-color: #f4f4f4;flex-grow: 0;height: 12px;width: 16px\"><\/div>\n<div style=\"width: 0;height: 0;border-top: 8px solid #F4F4F4;border-left: 8px solid transparent\"><\/div>\n<\/div>\n<\/div>\n<div style=\"flex-direction: column;flex-grow: 1;justify-content: center;margin-bottom: 24px\">\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;margin-bottom: 6px;width: 224px\"><\/div>\n<div style=\"background-color: #f4f4f4;border-radius: 4px;flex-grow: 0;height: 14px;width: 144px\"><\/div>\n<\/div>\n<p>&nbsp;<\/p>\n<p style=\"color: #c9c8cd;font-family: Arial,sans-serif;font-size: 14px;line-height: 17px;margin-bottom: 0;margin-top: 8px;overflow: hidden;padding: 8px 0 7px;text-align: center\"><a style=\"color: #c9c8cd;font-family: Arial,sans-serif;font-size: 14px;font-style: normal;font-weight: normal;line-height: 17px;text-decoration: none\" href=\"https:\/\/www.instagram.com\/p\/CMUM_xrjqno\/?utm_source=ig_embed&amp;utm_campaign=loading\" target=\"_blank\" rel=\"noopener\">Ein Beitrag geteilt von TEAL Technology Consulting (@tealconsulting)<\/a><\/p>\n<\/div>\n<\/blockquote>\n[\/vc_column_text][\/vc_column][\/vc_row][vc_row css_animation=&#8221;&#8221; row_type=&#8221;row&#8221; use_row_as_full_screen_section=&#8221;no&#8221; type=&#8221;full_width&#8221; angled_section=&#8221;no&#8221; text_align=&#8221;left&#8221; background_image_as_pattern=&#8221;without_pattern&#8221;][vc_column][vc_empty_space height=&#8221;30&#8243;][vc_column_text]\n<h2>LATEST POSTS<\/h2>\n[\/vc_column_text][vc_empty_space height=&#8221;30&#8243;]\n<div class='latest_post_holder boxes three_columns one_row' >\n    <ul>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/04\/01\/logging-in-instead-of-breaking-in\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-1024x575.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-1536x863.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI-700x393.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/03\/blog_headerbild_teal_krux-mit-der-KI_AI.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h3 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/04\/01\/logging-in-instead-of-breaking-in\/\">\u201cLogging In Instead of Breaking In\u201d: Why Your Identities Are the Biggest Security Risk<\/a><\/h3>\n                            <p class=\"excerpt\">Attackers no longer \u201csimply\u201d break in, they LOG in. If you\u2019re still relying on traditional defenses in 2026, we believe you\u2019ve probably already lost the battle for your data....<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">01 April, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/03\/03\/passwordless\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-1024x575.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-1536x863.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3-700x393.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2023\/06\/chatgpt_teal_blog_part3.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h3 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/03\/03\/passwordless\/\">Bye-bye, password frustration: Why TEAL is now going passwordless<\/a><\/h3>\n                            <p class=\"excerpt\">As security consultants, we see every day that passwords are not only a security risk, but also slow you down massively in your everyday work. That's why we at TEAL have decided: ...<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">03 March, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n    \n        <li class=\"clearfix\">\n            <div class=\"boxes_image\">\n                                <a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/02\/02\/take-action-with-ntlm\/\"><img decoding=\"async\" width=\"539\" height=\"303\" data-src=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-539x303.jpg\" class=\"attachment-latest_post_boxes size-latest_post_boxes wp-post-image lazyload\" alt=\"\" data-srcset=\"https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-539x303.jpg 539w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-300x169.jpg 300w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-1024x575.jpg 1024w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-768x432.jpg 768w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-1536x863.jpg 1536w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png-700x393.jpg 700w, https:\/\/www.teal-consulting.de\/wp-content\/uploads\/2026\/01\/Blog-Headerbild_ntlm.png.jpg 1920w\" data-sizes=\"(max-width: 539px) 100vw, 539px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 539px; --smush-placeholder-aspect-ratio: 539\/303;\"><\/a>\n            <\/div>\n            <div class=\"latest_post\"  >\n                <div class=\"latest_post_text\">\n                    <div class=\"latest_post_inner\">\n                        <div class=\"latest_post_text_inner\">\n                            <h3 itemprop=\"name\" class=\"latest_post_title entry_title\"><a itemprop=\"url\" href=\"https:\/\/www.teal-consulting.de\/en\/2026\/02\/02\/take-action-with-ntlm\/\">Look, a rainbow! &#8211; Why Google forces you to take action with NTLM<\/a><\/h3>\n                            <p class=\"excerpt\">The alternative to NTLM* is called Kerberos and has been integrated into Active Directory since 2000. The most important difference to NTLM is the integration of a Key Distribution Center (KDC)...<\/p>\n                            <span class=\"post_infos\">\n                                                                    <span class=\"date_hour_holder\">\n                                        <span itemprop=\"dateCreated\" class=\"date entry_date updated\">02 February, 2026 <meta itemprop=\"interactionCount\" content=\"UserComments: 0\"\/><\/span>\n                                    <\/span>\n                                                                                                \n                                \n                                                            <\/span>\n                        <\/div>\n                    <\/div>\n                <\/div>\n            <\/div>\n        <\/li>\n        <\/ul>\n<\/div>[\/vc_column][\/vc_row]\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Our blog post for this month deals with a topic that is not directly related to information security. Nevertheless, this topic should not be underestimated and neglected. It is about the automated installation of Windows Server in the enterprise.<\/p>\n","protected":false},"author":14,"featured_media":5422,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[8,14],"tags":[],"class_list":["post-5460","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weitere-themen","category-further-topics-en"],"_links":{"self":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/5460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/comments?post=5460"}],"version-history":[{"count":7,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/5460\/revisions"}],"predecessor-version":[{"id":5805,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/posts\/5460\/revisions\/5805"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/media\/5422"}],"wp:attachment":[{"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/media?parent=5460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/categories?post=5460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.teal-consulting.de\/en\/wp-json\/wp\/v2\/tags?post=5460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}