VM vs. DISM – patch Tuesday updating

I just read a quick debate on Twitter between Johan Arwidmark and Mike Terrill on the topic of which path makes for smaller Windows Images when you are doing the quick monthly incremental updates. You know them as Microsoft “Patch Tuesdays”. So just yesterday (Aug. 8, 2017) the most recent cumulative update came out. And I downloaded it with every intention of firing up Hyper-V, connecting to my Win10-Build VM and proceeding as normal. I don’t do reference images as such, nor do I use MDT. I literally run Windows Update interactively while logged in as local admin on my VM. I reboot the VM, login again, try WU again, make sure everything has been applied. Then I pull out my little sysprep cheat sheet and do a sysprep with unattend.xml (for  my customization) and OOBE and shutdown.

I then mount the Virtual Hard drive (.vhd) for that VM within my host OS. I run DISM command to capture/compress as much as possible to get the image size down. With Win10+Office2016 I hover around the 6.75GB to 7.5GB range in terms of the .wim file, using this process. But I was curious to look at how easy, or difficult it was to simply mount the .wim file and insert/import the Cumulative Update packaged as a .msu file from the MS website directly. I have known for a while this command line flag existed but never tried it out until I read the debate between Johan and Michael.

Full credit goes to Matt Shadbolt (MSFT) for this Technet article where I found a Powershell script to run all the DISM commands needed to update a .wim file:

Applying Windows Updates to a base WIM using DISM and Powershell

So I ran a second round of update just for comparison sake on an unaltered, un-updated .wim file using the DISM. I found a Powershell script that help speed this up a bit, and required less typing and pasting of commands to do all the steps. I first downloaded the Cumulative Update from the Microsoft Update Catalog and put into my F:\drive in a folder called “Updates”.


I took Matt Shadbolt’s PS script and modified it slightly. I added the /Cleanup-Image step and also the /Export-Image at the tail end of the script here:

$UpdatesPath = "F:\Updates\*"
$MountPath = “C:\test\offline”
$WimFile = “E:\shared\WIMs\images\2.wim”
DISM /Mount-Wim /WimFile:$WimFile /index:1 /Mountdir:$MountPath
$UpdateArray = Get-Item $UpdatesPath
ForEach ($Updates in $UpdateArray)
DISM /image:$MountPath /Add-Package /Packagepath:$Updates
Start-Sleep –s 10
Write-Host "Updates Applied to WIM"
DISM /Image:$MountPath /Cleanup-Image /StartComponentCleanup /ResetBase
DISM /Unmount-Wim /Mountdir:$MountPath /commit
DISM /Cleanup-Wim
DISM /Export-Image /SourceImageFile:$WimFile /SourceIndex:1 /DestinationImageFile:"F:\2.wim"

Now, let’s go back to Johan’s original tweet:

In my test I did the first run with my Hyper-V Build VM

  1. Run Windows Update
  2. Reboot
  3. Run Windows Update one more time
  4. Sysprep/Shutdown
  5. In Host OS mounted VHD, captured using DISM cmdline
  6. File size for 1.wim = 7,141,081,712Bytes (or 7.141GB)

Second run on an original .wim file captured previously from that same Hyper-V .vhd using Matt Shadbolt’s slighlty modified Powershell script (DISM with /Add-Package with some cleanup steps).

  1. Mount .wim
  2. /Add-Package
  3. /Cleanup-Image
  4. /Commit
  5. /Export
  6. File size for 2.wim = 7,144,702,046Bytes (or 7.144GB)

So caveats here are this was one run with the August Cumulative Update for Win10-1703+Office2016. Your mileage may vary on successive runs. But as near as I can tell using DISM /Add-package works just as well as doing a “Build+Capture” in your MDT Build Lab and Hyper-V environment as near as I can tell. The differences I am seeing are not 1GB but closer to ~3MB total difference between the two paths.


Deployment Bunny for the win

Had the privilege to study under the two “Jedi Masters” themselves Johan and Mikael this summer in Redmond, and some of what they covered there they presented last week at Ignite. Check out their video below! Mikael covers using MDT to build images, which is my preferred way to build images. Its definitely worth checking out!

via Mastering Windows 10 Deployments — MDTGuy.WordPress.com

The demos that Mikael and Johan give area always really good. I’m really interested in learning how to use Microsoft Deployment Toolkit. Learning about the customSettings.ini by watching Mikael run it and edit it is wonderful. You begin to understand what each section/setting does in real life.

The Persistence Argument for Running Your Own Server Is Wrong

Hosted Lifebits is the model I’m trying to follow as much as possible. And I’ve been happy on WordPress.com without ANY of the customization or plug-ins. I see other struggle along trying to keep their servers up to date, patched, getting the Apache and PHP and MySQL configured and adjusted. I could do that, but I choose not to, and cruise along enjoying reading and commenting on others blogs. I think Mike and Jon are onto something here. Gimme a Big ol’ Dumb Server any day.


Went to IndieWebCamp this weekend, just for a little bit, mainly to listen to the keynotes and hang out with Ward Cunningham and Pete Forsyth. I love the work these people are doing, but I wanted to kick back against one myth there I see repeated over and over.

There are a whole bunch of reasons for running your own server in the age of platform capitalism, but the one I hear used the most often is “Well, you know what happens — you put all your stuff on a new service, and then they delete it on you as they go out of business!” This is followed by a list of things from Google Buzz to Bebo to Friendster that have gone away, taking your history with them.

The thing is this is primarily a first adopter problem. If you were a person in the mid-00s that joined every…

View original post 853 more words

Flash memory in the news

Just to make it clear, the hard drive companies are promoting Optane Memory in order to sell hard drives paired with the technology to deliver a superior user experience.

via Flash Industry Trends Could Lead Users Back to Spinning Disks

There’s something happening here.

What it is ain’t exactly clear.

There’s a manufacturer over there,

Tellin’ me I’ve got to take care,

It’s time stopped, what’s that sound, cost of SSDs are going down,…

But not really what’s going down is the engineering for price and sacrificing the performance. The old adage of “get an SSD, and it feels like new computer” are fast going away. Reason is the demand has increased to such an extent the older, higher performing designs just cost too much compared to what people are willing to pay. It’s a race to the bottom for larger single disk sizes at lower cost/GByte. And the speeds/throughputs keep going down.

I remember seeing speeds start around 200MByte/sec, and peak out at 500MBytes/sec right before the Samsung 840 Pro series took the awards for best SATA SSD. Things got real cloudy after that though. NVMe seemed to be a way forward, but even those devices are no guarantee of better performance (again, due to the cost cutting measures of designers at the fabrication plants for Flash memory). The TL;DR really is at the top of the article here, Intel’s newest product (Optane) is likely a next gen fix, at least as a secondary level storage cache between a slower spinning disk and the CPU. Hopefully sizes will increase (I remember having to eke by a 32GB SSD back in 2009!) and be useful to a wider range of applications and users.

This is a great survey of independent film shorts -well worth watching

By Dean Treadway In this. the first Allan Fish Online Film Festival, constructed by the site’s co-founder Sam Juliano after the untimely death of his British co-hort Allan Fish, Sam has asked many of the site’s contributors to throw in on a film festival designed to highlight Fish’s obviously consuming love of cinema. Many of […]

via Allan Fish Online Film Festival, Day 3: A Sidebar of Experimental Short Films — Wonders in the Dark

You have everything from Norman McLaren to Stan Brackhage and everything in between. Watch all the films it will make you want to see more, I guarantee.

It’s a bargain, I tell ya’!

The FBI paid approximately $900,000 to a third party to help break into the iPhone 5c of San Bernardino shooter Syed Rizwan Farook, U.S. Senator Dianne Feinstein said recently when questioning FBI director James Comey at a Senate Judiciary Committee oversight hearing.

via Sen. Feinstein claims FBI paid $900K to crack San Bernardino shooter’s iPhone — AppleInsider – Frontpage News

Given the fact that cracking “could” be done when it needed to be done, law enforcement did it’s job. But to say that it shouldn’t be so hard or cost so much? I’m not on board with that. Cracking a phone should be expensive, and hard to do, especially for the pursuit of justice. This may be a case of false equivalency, but compare the cost of a Hellfire II missile and a drone mission in Yemen or Afghanistan to the cost of cracking 1-encryped iPhone. No comparison cost-wise. The phone crack is much cheaper. And in light of what it costs to maintain the security of the President of the United States on every weekend trip he makes to Florida? (a bargain by any measure) So carry on DOJ, carry on US Congress/Senate. Nothing to see here, just move along now and let the market dictate what level of security the consumer requires, THANK YOU!

The Elephant Bone Yard of popular electronics past

The Raiders of the Lost Walmart is a recurring series here at Consumerist, where the brave explorers who read this site excavate their local discount stores, finding ancient treasures along the way. What we mean is that readers send us pictures of overpriced electronics that are obsolete or even unusable, and that will probably never…

via The Most Precious Treasures Of The Raiders Of The Lost Walmart — Consumerist

The best part of this whole collection is that the Electronics managers of the respective Walmart facilities keep these things on the shelves for people to see. They may never buy them, but they can pick them up and hold them and read the packaging just like it was some kind of hands-on exhibit at the Smithsonian Museum of American History. And those security tags! The best, truly the best.