Lesson 6: Implementing RIS

This section discusses the tasks necessary to implement RIS, including setting up and configuring RIS, creating an RIPrep image, creating an RIS boot disk, and verifying an RIS configuration.


After this lesson, you will be able to

  • Set up RIS
  • Configure RIS
  • Create an RIPrep image
  • Create an RIS boot disk
  • Verify an RIS configuration

Estimated lesson time: 30 minutes


Implementing RIS

To implement RIS you must complete the following tasks:

  • Set up RIS
  • Configure RIS
  • Create an RIPrep image
  • Create an RIS boot disk (optional)
  • Verify the RIS configuration

Setting Up RIS

RIS requires a two-stage setup process: adding the RIS component and installing RIS.

IMPORTANT


Refer to the "RIS Server and Client Requirements" section in Lesson 6, "Implementing RIS," before attempting to set up RIS.

Adding the RIS Component

The first stage of RIS setup is adding RIS as an optional component. This stage copies the files required for installation to the hard disk drive on the server. You can add the RIS component during Windows 2000 Server installation or after the server installation by using Add/Remove Programs.

Follow these steps to add the RIS component:

  1. Access the Windows Components wizard in one of the following ways:
    • During Windows 2000 Server installation
    • Click Start, point to Settings, point to Control Panel, open Add/Remove Programs, and then click Add/Remove Windows Components
  2. In the Windows Components Wizard dialog box, shown in Figure 20.24, select the Remote Installation Services check box, and then click Next.

Figure 20.24 Windows Components Wizard dialog box

  1. Insert the Windows 2000 Server CD-ROM when prompted.
  2. On the Completing The Windows Components Wizard page, click Finish.
  3. In the System Settings Change message box, click Yes to restart the server before installing RIS.

Installing RIS

The second stage of RIS setup occurs when RIS is installed. This stage installs RIS on the server.

Follow these steps to install RIS:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Configure Your Server.
  2. In the Configure Your Server dialog box, click Finish Setup.
  3. In the Add/Remove Programs dialog box, in the Configure Remote Installation Services box, click Configure to start the Remote Installation Services Setup wizard.
  4. In the Welcome To The Remote Installation Services Setup Wizard dialog box, click Next.
  5. Continue through the prompts provided by the Remote Installation Services Setup wizard, including:
    • A location on the server where the RIS folder will be created
    • Whether the RIS server should begin servicing client computers immediately after completing setup
    • The location of the Windows 2000 Professional CD-ROM or a location on the network that contains the installation files
    • A location on the server where image installation files will be copied
    • A friendly description and associated help text that describes the OS image to users of the Client Installation wizard.

    After the Remote Installation Services Setup wizard completes, depending on the settings chosen, the RIS server either begins servicing client computers or pauses while you set RIS configuration options. The next section describes the configuration options available to an RIS administrator.

Configuring RIS

By default, an RIS server is not configured to begin servicing client computers immediately after the installation of RIS is completed. To configure RIS you must complete the following tasks:

  • Authorize RIS servers
  • Set RIS server properties
  • Set RIS client installation options
  • Set RIPrep image permissions

Authorizing RIS Servers

By specifying the RIS servers allowed to run on your network, you can prevent unauthorized (often referred to as rogue) RIS servers, ensuring that only RIS servers authorized by administrators can service clients. If an attempt is made to start an unauthorized RIS server on the network, it will be automatically shut down and thus unable to service client computers. An RIS server must be authorized before it can service client computers.

Follow these steps to authorize RIS servers:

  1. Click Start, point to Programs, point to Administrative Tools, and then click DHCP.
  2. In the DHCP console tree, click the DHCP node.
  3. On the Action menu, click Manage Authorized Servers.
  4. In the Manage Authorized Servers dialog box, click Authorize.
  5. In the Authorize DHCP Server dialog box, type the name or IP address of the RIS server to be authorized, and then click OK.
  6. In the DHCP message box, click Yes.
  7. In the Manage Authorized Servers dialog box, select the computer, and then click OK.

    The authorized RIS server is now listed under the DHCP node.

Setting RIS Server Properties

By setting properties on individual RIS servers, you control how the server supplies RIS to clients requesting service.

Follow these steps to set RIS server properties:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users And Computers.
  2. In the console tree, click the folder that contains the computer whose con-figuration you want to verify, such as Computers or Domain Controllers.
  3. In the details pane, right-click the applicable RIS server, and then click Properties.
  4. In the Properties dialog box for the server, click the Remote Install tab.
  5. In the Remote Install tab (see Figure 20.25) of the Properties dialog box, set the options described in Table 20.11.

Figure 20.25 Remote Install tab

Table 20.11 Options on the Remote Install Tab of the Properties Dialog Box

Configuration Option Description
Respond To Client Computers Requesting Service The RIS server responds to all clients requesting service.
Do Not Respond To Unknown Client Computers The RIS server does not respond to unknown client computers. This option is available only if the Respond To Client Computers Requesting Service check box is checked.
  1. In the Remote Install tab, click Advanced Settings.
  2. In the Remote Installation Services Properties dialog box for the server, in the New Clients tab (see Figure 20.26), set the options described in Table 20.12.

Figure 20.26 New Clients tab on the Remote Installation Services Properties dialog box

Table 20.12 Options on the New Clients Tab of the Remote Installation Services Dialog Box

Configuration Option Description
Generate Client Computer Names Using When the client computer name is automatically generated, this option determines how the name is formatted. It provides flexibility in naming new client computers during OS installation without the need for end user or administrator involvement.
Customize This option accesses the Computer Account Generation dialog box on which you can create a custom naming format for the client computer.
Client Account Location This option specifies one of three directory service locations of the client computer account. Default Directory Service Location specifies that the computer account object for the client computer be created in the Active Directory location where all computer accounts are created by default during the domain join operation. Same Location As That Of The User Setting Up The Client Computer specifies that the client computer account object be created within the same Active Directory container as the user setting up the machine. Use The Following Directory Service Location allows the administrator to set a specific Active Directory container where all client computer account objects installing from this server are created. It is assumed that most administrators will select this option and specify a specific container for all remote installation client computer account objects to be created in.
  1. In the Remote Installation Services Properties dialog box for the server, in the Images tab (see Figure 20.27), view the images installed on the RIS server. Click Add and follow the directions in the wizard to install additional images on the RIS server. See Lesson 7, "Administering RIS," for details.

Figure 20.27 Images tab on the Remote Installation Services Properties dialog box

  1. In the Remote Installation Services Properties dialog box for the server, in the Tools tab (see Figure 20.28), view the maintenance and troubleshooting tools installed on the RIS server.
  2. In the Remote Installation Services Properties dialog box, click OK.
  3. In the Properties dialog box for the server, click OK.

Administrators wishing to remotely manage their servers from computers running Windows 2000 Professional can access the administrative tools by installing the Windows 2000 Administration Tools package located on the Windows 2000 Server CD-ROM.

Figure 20.28 Tools tab on the Remote Installation Services Properties dialog box

NOTE


When using Windows 2000 Administration Tools on a system other than the RIS server, the administrator cannot add additional OS images or verify the integrity of the RIS server. All other configuration options are available.

Setting RIS Client Installation Options

By setting the RIS client installation options, you can control the options presented to different groups of users during the Client Installation wizard. There are four client installation options (see Figure 20.23) that can appear on the Client Installation wizard:

  • Automatic Setup
  • Custom Setup
  • Restart A Previous Setup Attempt
  • Maintenance And Troubleshooting

Automatic Setup

The Automatic Setup option is the client installation option that all users of the Remote OS Installation feature have access to by default. The Automatic Setup option allows you to restrict the OS installation options so that that the user simply logs on and the OS installation starts automatically. The user is not prompted during the OS install, which avoids calls to help desk professionals for assistance and saves the organization additional expenses in support costs.

While restricting installation options, you can still allow users to choose the OS for installation. Remote OS Installation allows you to provide a friendly description and associated help text that describes the OS options so that an end user can choose the most appropriate OS.

By preselecting the Remote OS Installation configuration options, you predefine the automatic machine naming format and the location within Active Directory where client computer accounts will be created.

Custom Setup

The Custom Setup option is very similar to the Automatic Setup option, but it also allows you to set up a computer for another person within the organization. This option can be used to fully preinstall a client computer or to prestage the client computer by creating a corresponding computer account within the Active Directory service.

The Custom Setup option lets you override the automatic computer naming and location where the computer account is created within Active Directory. By default, the RIS server will generate a computer name based on a format defined by the Remote OS Installation administrator. You can also define where client computer account objects (CAOs) will be created in the Active Directory service during the installation. By default, the automatic computer naming policy is set to create computer names based on the person who logs on to the Client Installation wizard.

Restart A Previous Setup Attempt

The Restart A Previous Setup Attempt option is provided in the event that the installation of the OS fails for any reason. The Client Installation wizard can be customized to ask a series of questions about the specific OS being installed. When restarting a failed OS setup attempt, the end user is not asked these questions again. Rather, Setup already has this information and simply restarts the file copy operation and completes the OS installation.

Maintenance And Troubleshooting

The Maintenance And Troubleshooting option provides access to third-party hardware and software vendor tools. These tools range from system BIOS flash updates and memory virus scanners to a wide range of computer diagnostic tools that check for hardware-related problems. These tools are available before installing and starting the OS on the client computer.

If the option to display the Maintenance And Troubleshooting menu is enabled, user access to individual tool images is controlled in the same way as OS options, by setting specific end user permissions on the individual answer file (.sif) for that tool. For example, you can allow end users access to only one computer diagnostic tool while providing help desk professionals with access to the entire suite of diagnostic tools. When the user calls a help desk professional for assistance, the professional can guide him or her through the diagnostic tool to get the information necessary to diagnose the problem. If the help desk staff must visit the end user for further investigation, they simply log on to the Client Installation wizard and, based on their credentials, they can access the tools they need to resolve the problem.

Follow these steps to set client installation options:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users And Computers.
  2. In the console tree, right-click the applicable OU, such as Computers or Domain Controllers, click Properties, and then click the Group Policy tab.
  3. In the Properties dialog box for the Group Policy, click the Group PolicyGPO, and then click Edit to start Group Policy.
  4. In the Group Policy console tree, click User Configuration, open Windows Settings, and then click Remote Installation Services.
  5. Double-click the Choice Options object.

    In the Choice Options Properties dialog box (see Figure 20.29), the following installation options affect how the Client Installation wizard appears to users:

    • Automatic Setup
    • Custom Setup
    • Restart Setup
    • Tools

Figure 20.29 Choice Options Properties dialog box

  1. Click one of the following Group Policy options for each installation option:
    • Allow. Use this policy option to offer the installation option to users to which this policy applies.
    • Don't Care. Use this policy option to accept the policy settings of the parent container. For example, if the administrator for the entire domain has set Group Policy that is specific to RIS, and the administrator of this container has chosen the Don't Care option, the policy that is set on the domain is applied to all users that are affected by that policy. Don't Care is the default setting.
    • Deny. Use this policy option to deny the users that are affected by this policy access to the installation option.
  2. In the Choice Options Properties dialog box, click OK.
  3. Close the Group Policy snap-in, and then, in the Properties dialog box for the Group Policy, click OK.

NOTE


Because the changes that you make to RIS policy take effect only when the policy is propagated (applied) to your computer, do one of the following to initiate policy propagation:
  • Type secedit /refreshpolicy user_policy at the command prompt, and then press Enter.
  • Restart your computer.
  • Wait for automatic policy propagation, which occurs at regular, configur-able intervals. By default, policy propagation occurs every 8 hours.

Setting RIPrep Image Permissions

By specifying which users or groups of users should have access to the RIPrep OS images available on the RIS server, you can guide users through the selection of the unattended OS installation appropriate for their role within the company. By default, when an OS image is added to an RIS server, the image is available to all users serviced by that RIS server.

Follow these steps to set RIPrep image permissions:

  1. Click Start, point to Programs, point to Accessories, and then click Windows Explorer.
  2. In the \RemoteInstall\Setup\applicable_language\Images\applicable_image_name\ i386\templates folder (or the location on the server where you chose to copy image installation files), right-click the appropriate .sif file, and then click Properties.
  3. In the Properties dialog box for the file, click the Security tab.
  4. Set the appropriate permissions to allow users access to images, and click OK.

NOTE


To reduce the work involved in maintaining the security applied to images, where possible, set the security on the Templates folder of the image rather than the individual .sif files. Grant or restrict access to groups rather than individual users.

Create an RIPrep Image

To build and maintain standard desktops, many organizations use disk imaging or cloning software that allows you to configure a client computer exactly as you want it, and then make a copy of that image for installation on client computers on the network. Remote OS Installation supports creation and installation of standard desktop images using RIPrep images.

Before you can create an RIPrep image, you must complete the following tasks:

  • Create the source computer
  • Configure the workstation

Creating the Source Computer

To create the source computer, use the Remote OS Installation feature to remotely install the base Windows 2000 Professional OS. Once the OS is installed, you can install applications or application suites, including in-house line of business (LOB) applications. Then configure the workstation to adhere to company policies. For example, you may choose to define specific screen colors, set the background bitmap to a company-based logo, remove any games installed by the base OS, and set Internet Explorer proxy settings.

Configuring the Workstation

When creating RIPrep images, it is important to understand the relationship of user profiles, the changes made to an RIPrep source computer, and the desired result for users that log on to computers that are installed using the RIPrep image. Applications that carry the "Certified for Windows" logo properly separate user-specific and computer-specific configuration settings and data, and can therefore be installed computer-wide so that they are available to all users of the system. Such applications would also then be available to all users of systems later installed with the resulting RIPrep image. Non-Windows 2000-compliant applications may perform and/or rely on per-user configurations that are specific to the profile of the user actually installing the application prior to running RIPrep (typically a local administrator), rather than to all users of the system. Such configurations remain specific to that user, which may result in the application or configuration setting not being available or not functioning properly for users of computers installed with the RIPrep image. In addition, some nonapplication configuration changes, such as the wallpaper specified for the user desktop, are by default applied only to the current user's profile and will not be applied to users of systems installed with the RIPrep image.

You must thoroughly test any applications or configuration settings desired for use in an RIPrep image to ensure they will work properly with your organization's implementation of user profiles. To test, make the change as one user (typically a local administrator of the computer), log off, and log on as a user account that is representative of your organization. If the changes you made are applied to the second user, the changes will also apply to users that log on to systems installed with an RIPrep image that contains the same change. To complete the test, create an RIPrep image, restore it to a different computer, and log on as a different representative user. Verify that the changes are applied and fully functional.

Some configuration settings can be copied directly from the profile they were applied to (the local administrator in the preceding example) the All Users profile, such as the desktop wallpaper, some Start menu options, and shortcuts. However, all such changes must be tested carefully to verify that their functionality is not broken by the manual adjustments.

Creating an RIPrep Image

When the workstation is configured exactly to specifications, you are ready to create an RIPrep image.

Follow these steps to create an RIPrep image:

  1. On the client workstation, click Start, click Run, and then type the UNC path of the RIPrep utility in the Open box and click OK. For example: \\Server\Share\RemoteInstall\Admin\I386\ RIPREP.EXE
  2. In the Welcome To The Remote Installation Preparation Wizard dialog box, click Next.
  3. Continue through the prompts provided by the Remote Installation Preparation wizard, including the following:
    • Server Name. The name of the server to which this installation image will be copied. By default this is the server on which you are running the Remote Installation Preparation wizard.
    • Folder Name. The name of the folder on the RIS server to which this installation image will be copied.
    • Friendly Description And Help Text. A friendly description and associated help text that describes the OS image to users of the Client Installation wizard.
  4. Stop all programs or services on the source computer before proceeding. Review the list of programs or services that are currently running on the source computer, close any running applications, and then click Next.
  5. Review the settings summary, and then click Next.
  6. Review the information from Completing The Remote Installation Preparation Wizard and click Next to replicate the source computer installation image onto the RIS server.

    NOTE


    If the source computer contains a 1 GB disk drive and the destination computer contains a 2 GB disk drive, by default RIS formats the destination computer's drive as a 2 GB partition in the same file system format as the source computer used to create the image.

    After the initial image questions have been answered, the wizard configures the workstation to a generic state, removing anything unique to the client installation such as the computer's unique security identifier (SID), computer name, and any registry settings unique to that system. Once the preparation phase is complete, the image is automatically replicated to the RIS server provided. After the image is replicated to the RIS server, it is added to the list of available OS installation choices displayed within the Client Installation wizard. At this point, any remote boot-enabled or compatible client computers that use the PXE-based remote boot technology can install the image.

  7. The source computer shuts down when the image replication process is complete. The abbreviated Setup program automatically runs when you restart the source computer. Complete the setup process to use this client computer to create another installation image.

RIPrep Requirements

  • The destination computer (the computer that installs the image posted to the RIS server) is not required to contain hardware identical to that of the source computer that was used to create the image. RIPrep uses the Plug and Play support in the computer running Windows 2000 Professional to detect differences between the source and the destination computers' hardware during image installation. However, the hardware abstraction layer (HAL) drivers must be the same between the source computer and all destination computers that later install the image (for example, they both must be Advanced Configuration and Power Interface (ACPI)-based or both must be non-ACPI-based). In most cases, workstations do not require the unique HAL drivers that servers require.
  • The destination computer's disk capacity must be equal to or larger than that of the source computer.
  • All copies of Microsoft software made or installed using RIS must be properly licensed. All copies of other software made or installed using RIS must be properly licensed, and it is the licensee's obligation to ensure that it is licensed to make any such copies.

RIPrep Limitations

  • RIPrep currently supports replicating a single disk-single partition (C partition only) Windows 2000 Professional installation to an available RIS server. This means that the OS and all of the applications that make up the standard installation must reside on the C partition prior to running the Remote Installation Preparation wizard.
  • Th e Remote Installation Preparation wizard currently allows source image replication only to available RIS servers. Source replication to alternate drives or media types is not supported.
  • Replication of encrypted files is not supported.
  • Changes made in the source computer's registry before running the Remote Installation Preparation wizard are not maintained in the installation image.
  • Modifications to replicated installation images are not supported.

Installation Image Sources

When you use the Remote Installation Preparation wizard to create an installation image of a client computer that was originally installed using a retail version (rather than a Select or original equipment manufacturer [OEM] version) of Windows 2000 Professional, the RIS unattended setup answer file (RIPREP.SIF) must be modified to include the product identification number (PID). The PID is a unique identification number specific to each copy of Windows 2000 Professional used to identify the OS installation and track the number of copies installed throughout an organization.

NOTE


If the PID is not entered in the RIPREP.SIF file, the installation process stops and the user is prompted for the PID information during the installation of that RIPrep image.

Follow these steps to include the PID in the RIPREP.SIF file:

  1. Open the RIPREP.SIF file located at \RemoteInstall\Setup\applicable_ language\Images\applicable_image_name\I386\Templates\RIPREP.SIF.
  2. Type ProductID = "xxxxx-xxx-xxxxxxx-xxxxx" (including the dashes and quotation marks, where x is the PID of the retail version of Windows 2000 Professional) into the [UserData] section of the RIPREP.SIF file.

The PID for each client installation is randomly generated using the PID entered in the RIPREP.SIF file.

When the source computer OS is installed from the Select or OEM version of the Windows 2000 Professional CD, the PID does not need to be modified in the RIPREP.SIF file.

Creating an RIS Boot Disk

You must create a boot disk to support existing client computers that do not have a PXE-based remote boot-enabled ROM but do have a supported network adapter. The RIS boot disk works like the PXE boot process. First you: turn on the computer, booting from the RIS boot disk. Then you immediately press F12 to initiate a network service boot, and the Client Installation wizard is downloaded and starts. Once the Client Installation wizard starts, the rest of the RIS process is identical regardless of whether the client was booted using a PXE boot ROM or the RIS remote boot disk.

Follow these steps to create an RIS boot disk:

  1. Click Start, click Run, and then type the UNC path of the RBFG utility in the Open box and click OK. For example: \\server\share\RemoteInstall\Admin\I386\RBFG.EXE
  2. Insert a formatted disk into the disk drive.
  3. In the Windows 2000 Remote Boot Disk Generator dialog box (see Figure 20.30), click the appropriate destination drive option (either Drive A or Drive B), and then click Create Disk.

Figure 20.30 Windows 2000 Remote Boot Disk Generator dialog box

  1. Click Close when the disk is ready, and then remove the disk from the disk drive.

NOTE


You can use the boot disk only with computers that contain supported PCI-based network adapters. To view the list of supported network adapters, click Adapter List in the Windows 2000 Remote Boot Disk Generator dialog box.

Verifying an RIS Configuration

RIS enables you to check the integrity of the RIS-enabled server. You can verify an RIS configuration if you suspect that the server is failing, if you are currently seeing inconsistent behavior, or if you need to restore an RIS volume from backup. The Check Server wizard checks whether all of the settings, services, and configuration options are correctly set and functioning.

Follow these steps to verify an RIS configuration:

  1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users And Computers.
  2. In the console tree, click the folder that contains the computer whose configuration you want to verify, such as Computers or Domain Controllers.
  3. In the details pane, right-click the applicable RIS server, and then click Properties.
  4. In the Properties dialog box for the server, in the Remote Install tab, click Verify Server to start the Check Server wizard.
  5. On the Welcome To The Check Server Wizard page, click Next.
  6. Read the summary on the Remote Installation Services Verification Complete page, and then click Finish.

NOTE


If you are verifying the server configuration because you need to restore an RIS volume from backup, you must verify the server configuration before you restore the volume.

Lesson Summary

In this lesson you learned about the tasks necessary to implement RIS, including setting up and configuring RIS, creating an RIPrep image, creating an RIS boot disk, and verifying an RIS configuration.



MCSE Training Kit(c) Microsoft Windows 2000 Accelerated 2000
MCSE Training Kit(c) Microsoft Windows 2000 Accelerated 2000
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 244

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net