Mouse and keyboard not detected by Windows 7 setup

We recently got a batch of new workstations on campus that are using USB3 for half of the supplied USB ports. We had some problems during the WDS setup of these as there is no native support for USB3 in WinPE 3.0 as supplied with Windows 7 Service Pack 1, and of course our WDS boot menus use WinPE 3.0.

After hitting F12 to initiate the WDS setup WinPE happily loaded but obviously offered no mouse or keyboard support when using the USB3 ports. Okay, you could swap mouse and keyboard to USB2 and this would immediately resolve the issue. However, best to get the USB3 drivers into PE. I did this using the driver injection method as blogged about previously: WDS How To – deploy drivers See the section titled: “Boot image driver injection has become very easy!” (WDS dynamic driver management is excellent, I may have mentioned that before… )

For those of you who don’t know, USB3 ports are coloured blue on the inside, so you can easily spot them if they’re there:

usb3 image

Pre-staging Computers in Active Directory for WDS with PowerShell and Quest AD cmdlets

One of the most common issues when buidling computers with Windows Deployment Services (WDS, and RIS before that) are typos in the GUIDs used to net-boot the PCs. When you’re entering them by hand as you pre-stage the computer objects in Active Directory it’s very easy to make mistakes, especially when you’re entering a lot of them. It’s also extremely time consuming if you have to boot each machine to the point of PXE displaying the MAC and GUID – that’s why the smart move is to request that information from the supplier, preferably before they deliver the machines.

Anyone who has pre-staged a computer object before will be aware of the jiggery-pokery that goes on with switching round the first half of the GUID, so that when you view it later in ADUC, you see something significantly different to what you typed in. It appear that this conversion is done by the GUI when you create the object, so when you’re adding them programatically, you need to change the format yourself.

Microsoft published a VBScript function to reformat the GUIDs so they could be added to AD by a script, but I haven’t seen similar in PowerShell, so here it is:

function flip-guid ([string]$g) {
$g = $g.replace("-","").replace(" ","")
-join $g.substring(0,16).tochararray()[6,7,4,5,2,3,0,1,10,11,8,9,14,15,12,13] + $g.substring(16,16)

The function takes the GUID as a string and first removes any dashes or spaces (since I’ve received them from suppliers with both at different times). Next it converts the first half into an array of characters, selects them back in the new order and uses the join operator to make them back into a string, to which it concatenates the second half, unchanged from the original. As with most things in PowerShell it could be reduced down to a single line, or expanded further to enhance readability.

So, given the ability now to change the format, I use Quest’s AD cmdlets (if you haven’t come across these before, take a look now!) to create the computer objects. Assuming that you have a CSV file containing the new PC’s name and GUID, just do this…

Import-Csv newpcs.csv | foreach {
New-QADComputer $ -ParentContainer "SomeOU" -ObjectAttributes @{netbootguid = ([guid](flip-guid $_.guid)).ToByteArray()}

That’ll leave you with a load of new computer objects ready for WDS. 🙂

NB. It’s likely that the code snippets above have been wrapped to fit the page layout. In the function there are only two lines – everything from “-join” to the end is the same line. In the foreach scriptblock that’s just a single line.


Happy New Year everyone. A New Year and a new team for us! The Information Systems and Services (ISS) function of Newcastle University has recently been restructured and The Windows Infrastructure Team (who, amongst many, many other things, have written this blog for the past couple of years) have now merged with the Unix Infrastructure Team to become the Infrastructure Systems Group…. Not sure what will become of our blog over coming months but whilst it’s still here, I thought I’d go ahead and make the first posting of 2011 anyway.

Back in July last year I wrote a post about Dynamic Driver Provisioning via WDS:

We’ve now been running with DDP for supplying drivers to Windows 7 builds for quite a while and this has, so far, been working extremely well without any issues or conflicts. Whilst doing a little New Year’s cleanup, I realised that the setup notes I posted with the above had a couple of syntax errors in them, so I thought I’d post them again with corrections. I see a lot of questions about WDS driver provisioning in various forums and hope that my notes can be of use to others who are setting up WDS servers. My amended notes are linked from the original post and are also linked here:WDS How To – deploy drivers

Driver support for Windows 7 using Dynamic Driver Provisioning

Just a bit of info for those who are considering using WDS Dynamic Driver Provisioning to add hardware support to Windows images, and also for anyone who is curious to know how we provide operating system support to the myriad of PCs, servers and laptops out there on campus

In order to fully support Windows 7 client deployment and to start to wind-down support for Windows XP, recently we converted 2 out of 3 of our Mixed-mode WDS servers to Native Mode. The Native Mode servers run on Server 2008 R2 and therefore include the option to use Dynamic Driver Provisioning (DDP).

So what is DDP and why is it good for us?

Microsoft tell us that this new WDS functionality provides the following benefits:

  • Eliminates the need to add driver packages manually by using the tools in the Windows Automated Installation Kit.
  • Minimizes the size of install images.
  • Makes it easier to update and manage drivers because the drivers are stored outside the images.
  • Eliminates the need to maintain multiple images for different hardware configurations.
  • Eliminates the need for additional tools to manage drivers (for example, the Microsoft Deployment Toolkit (MDT) or non-Microsoft solutions).
  • Eliminates the need to use an Unattended installation file to add drivers.

And Microsoft are quite right. So far, DDP is working beautifully in our environment. I wont say it’s not a little clunky in places, because it is. Certainly some of the Filters could be better. But this will hopefully come in later versions.

For us, DDP is the perfect solution because we don’t need anything fancy to deploy our operating system images – the MDT is a sledgehammer to crack a nut in our environment, where software is deployed separately using Group Policy and SpecOps (

For those who are interested in the detail of how we use DDP here at Newcastle, please feel free to browse my setup notes

Everything you wanted to know about Microsoft OS Activation

There seems to be some confusion as to how Vista/Windows 7/Server 2008/Server 2008 R2 OS activation works both inside/outside the campus domain and on/off the university network so I’ll try and explain what the options are:

KMS activation

KMS (Key Management Server) activation is designed for machines (doesn’t matter which OS) which are connected to the University network at least once in every 6 months.

If a machine is joined to the campus domain then you don’t need to do anything else, the machine will just activate against the ISS KMS server and you can forget about it.

If the machine is on the University network but not in the campus domain then you can manually point the machine at the ISS KMS server and it will activate (see below)

Once a machine has activated against the ISS KMS server it will periodically re-activate automatically, you’ll only a have a problem with it if it doesn’t talk to the KMS server for over 6 months in which case you should use….

MAK Activation

MAK (Multiple Activation Key) activation should be used for machines which are off the campus network for periods of 6 months or more e.g. a University laptop which is always used off campus. If you need a MAK key then you should email the ISS Helpline and ask for a MAK code stating that you need a MAK code along with the OS that you are using e.g. Windows 7. Once you have the MAK code activate windows by typing activate windows in the search box on the start and follow the on screen prompts and enter the MAK code when asked to do so.

MAK activation requires an internet connection but once it’s done your machine will never need activating again unless you re-install the OS (this is the same type of activation you would use on a computer you bought from PC World etc).

Useful activation commands

All of these commands need to be run from a command prompt running with administrator rights, the easiest way to do this is by typing cmd in the search box on the start menu then right click the cmd icon that it finds and select run as administrator.

1 – Activate a machine on the University network which is NOT in the campus domain

cscript c:\windows\system32\slmgr.vbs -skms

cscript c:\windows\system32\slmgr.vbs -ato

2 – Force activation on a machine that is in the campus domain (if you’re impatientJ)

cscript c:\windows\system32\slmgr.vbs -ato

3 – Convert a machine from using MAK to KMS activation and vice versa (you’ll still need to request and use a MAK code if you need one).

N.B. These are generic product keys that are available for all to see at

slmgr -upk

slmgr -ipk 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH

slmgr -ato

The above is for Windows 7 Enterprise, replace the product key as appropriate from the table below

Operating system edition
Product key

Windows 7 and Windows Server 2008 R2

Windows 7 Professional

Windows 7 Professional N

Windows 7 Professional E

Windows 7 Enterprise

Windows 7 Enterprise N

Windows 7 Enterprise E

Windows Server 2008 R2 Web

Windows Server 2008 R2 HPC edition

Windows Server 2008 R2 Standard

Windows Server 2008 R2 Enterprise

Windows Server 2008 R2 Datacenter

Windows Server 2008 R2 for Itanium-based Systems

Windows Vista and Windows Server 2008

Windows Vista Business

Windows Vista Business N

Windows Vista Enterprise

Windows Vista Enterprise N

Windows Web Server 2008

Windows Server 2008 Standard

Windows Server 2008 Standard without Hyper-V

Windows Server 2008 Enterprise

Windows Server 2008 Enterprise without Hyper-V

Windows Server 2008 HPC

Windows Server 2008 Datacenter

Windows Server 2008 Datacenter without Hyper-V

Windows Server 2008 for Itanium-Based Systems

Windows 7 has arrived on campus!

Could Newcastle University be the first organisation in the UK to have Windows 7 RTM available for deployment by WDS…. ?

Whilst there is much discussion at present on campus about how and when we will begin to properly support Windows 7, we didn’t want to let the grass grow under our feet as far as our WDS implementation of the new o/s was concerned.

Adding it to the existing WDS Service was a breeze of course, so perhaps there’s nothing to brag about really 🙂

The March of Progress Continues…

March of Progress

I thought it would be interesting to see where things stand with Operating System usage in the Active Directory compared with the data I collected in March. These figures are based on Active Computer Objects.

Windows Clients: 10960

Windows Clients

Windows Vista: (March) 472 (5%)
Windows Vista: (Today) 1571 (14%)
Windows XP: (March) 9894 (95%)
Windows XP: (Today) 9386 (86%)

Windows Server: 392

Windows Server

Windows Server 2008(March): 65 (17%)
Windows Server 2008(Today): 136 (31%)
Windows Server 2003(March): 323 (83%)
Windows Server 2003(Today): 307 (69%)