In this appendix, you will consider methods available to deploy Microsoft Windows 2000 Professional on a large number of client workstations. The two ways in which clients can be enabled to run Windows 2000 Professional are by upgrading an existing system or by installing a clean copy of Windows 2000 Professional. When a clean install is performed on a machine, all previously installed programs and settings are completely destroyed.
Table B.1 shows the standard automated installation techniques available and how each can be used.
Table B.1 Deployment Options
|Installation Tool||Installs which Windows 2000 Edition||Performs Upgrade||Performs Clean Install||Comments|
|Unattended Setup Answer File||Professional & Server||Yes||Yes||Used to automate an upgrade or installation by supplying answers to the setup process|
|SysPrep||Professional & Server||No||Yes||Used when the target computers have identical hardware, including the HAL and mass storage devices.|
|SysPart||Professional & Server||No||Yes||Used to build disk images that can be fitted into target machines to install Windows 2000 automatically.|
|Bootable CD-ROM||Professional & Server||No||Yes||Used on computers whose BIOS allows them to boot from the CD-ROM drive.|
|Remote Operating System Installation||Professional||No||Yes||Used to remotely install a Windows 2000 image on a system. No need to visit target computers.|
|SMS||Professional & Server||Yes||Yes||Used to deploy migration tasks to multiple systems that might be geographically remote.|
The answer file takes the place of user selections that would normally be requested during the Windows 2000 installation:
winnt32 /S:Z:\I386 /U:Z:\unattend.txt
The command above will attempt an installation of Windows 2000. The /S option specifies the source directory containing the Windows 2000 distribution folders. The /U option specifies the answer file used for unattended installation to control the installation process. In the above example, Z: represents the drive where the source files are held, and Unattend.txt represents the name of the answer file. The answer file is a text file that contains a number of sections, each dealing with a particular aspect of system configuration. For full details of the format of the answer file, extract the Unattend.doc file ("Microsoft Windows 2000 Guide to Unattended Setup") from the Deploy.cab file in the \Support\Tools folder of the Windows 2000 installation CD.
The Windows 2000 Setup Manager wizard, as shown in Figure B.1, can be used to create an answer file such as Unattend.txt to automate the installation of Windows 2000. To open the Setup Manager, extract the files in the Deploy.cab file in the \Support\Tools folder of the Windows 2000 installation CD and then open Setupmgr.exe.
Setup Manager has three components. Clicking the General Setup button shown in Figure B.1 opens the General Setup Options dialog box shown in Figure B.2. The General Setup Options dialog box can be used to create many of the general answer file specifications, the Networking Setup button can be used to set up network protocols and services, and the Advanced Setup button can be used to configure hardware components such as mouse and keyboard drivers.
Figure B.1 Setup Manager wizard
Figure B.2 General Setup Options dialog box
The Setup Manager wizard is not able to
The Setup Manager wizard can be used to modify an existing settings file, create an empty settings file, or create an answer file that duplicates the present configuration of a machine. It can also configure the user interaction level required during the install, from a fully automated installation to just providing the settings as defaults.
The answer file that is produced can be used in an installation, to perform a SysPrep installation (described next), or for use within RIS (described later).
During the creation of the answer file, you have the option to enter the Administrator password. Note that this password is held in text form in the answer file and is a potential security risk, as it is immediately visible to anyone who can view the file.
Once the answer file has been created, you can then edit it using a text editor such as Notepad and define additional parameters.
SysPrep is a utility program that enables you to use disk duplication to ease the installation of Windows 2000 on a large number of target machines. The Sysprep.exe program is contained in the Deploy.cab file in the \Support\Tools folder of the Windows 2000 installation CD. A master copy of an installation is prepared and then duplicated using third-party software onto the hard disks of the target systems.
The sequence of steps when using SysPrep would be as follows:
The Mini-Setup Wizard automatically finalizes Windows 2000 configuration and creates a unique SID for each computer system.
At the start of the distribution process, Windows 2000 is installed and configured on a master computer. Any required applications are added to this system to build an environment as required by the users. Once the installation has been audited and verified as correct, SysPrep is used to prepare the disk in the master computer for duplication.
When SysPrep completes, the disk in the master computer can be duplicated or distributed using an appropriate third-party tool. When a system containing a duplicated disk boots up, it performs a "mini-setup." Once the mini-setup has completed, the system reboots and the SysPrep folder is deleted, leaving a finished installation. The SysPrep process gives each machine a new, unique SID value during the install process.
The Mini-Setup Wizard runs the first time a computer is booted from a disk that has been created using SysPrep. It configures any Plug and Play devices on the target system and prepares Windows 2000 for execution on that machine. It reads the Sysprep.inf file and requests user input for any configuration items that are not supplied.
Normally, the Mini-Setup Wizard will request the user for configuration infor-mation. The Sysprep.inf file can be placed on the computer to customize and automate the installation of Windows 2000. The Sysprep.inf file contains configuration information that is used by the Mini-Setup Wizard. It is possible to provide this file on a floppy disk for use during the installation process.
You can also use SysPrep to audit an installation to ensure that it is configured correctly. This audit option removes the need to test the image on other systems. When running SysPrep in audit mode, it will not create new SID values for the system. However, SysPrep will perform all other installation options using the Mini-Setup Wizard and the Sysprep.inf file. The system can then be tested to ensure that all the settings are as required. Once the settings are verified, you would then rerun SysPrep to produce the image to be deployed.
Because the Mini-Setup Wizard performs Plug and Play enumeration of hardware in a system, it is not necessary for all the target machines to have exactly the same hardware configuration, but they must have the following:
If you have different hardware configurations, you will need a number of SysPrep images to be prepared and deployed.
SysPart is used in a situation in which you require similar Windows 2000 installations on a range of target machines that have differing physical hardware. SysPart is a new parameter that can be specified in the Winnt32.exe command that will perform the initial copy aspect of a Windows 2000 installation to a second hard disk in a reference computer. This second hard disk can then be imaged or placed into another computer, and the installation procedure for Windows 2000 can then be completed.
Unlike SysPrep, disks that are produced using SysPart are not Windows 2000 installations; instead, the disk contains the Windows 2000 distribution folders and a file that is used to control the resulting unattended installation. To prepare a system for installation in this way, you add additional parameters to the Windows 2000 setup program command:
winnt32 /S:Z:\I386 /unattend:unattend.txt /syspart:D /tempdrive:D noreboot
The drive letter after the /syspart option specifies the drive onto which the Windows 2000 distribution will be copied. The /tempdrive option is also required and must be set to the same drive. When the setup program finishes, it marks the SysPart partition as active. The next time the system is rebooted, it will be from this partition.
The prepared drive must be removed from the master system and installed or duplicated using another machine. The Unattended.txt file is used to configure Windows 2000 Setup when it runs on the target. It can be left out of the command, in which case, a standard installation will be performed.
For example, if you have a computer with a host name Michaelis containing two disk drives C: and D:, you can prepare the D: drive with the Windows 2000 files by running this command:
winnt32 /S:Z:\I386 /syspart:D /tempdrive:D noreboot
This command will do the following:
Figure B.3 SysPart hard disk initialization
Figure B.4 SysPart-created boot.ini file
Using SysPart does not preinstall any part of the Windows 2000 system on the disk, but it does eliminate the need for additional media such as a CD-ROM drive or a network connection. Windows 2000 is installed more quickly, as it does not have to be copied onto the system at the start of the installation.
When using this method, please note the following:
Best practice is to create a bootable Windows 2000 disk for your reference system prior to using SysPart. Otherwise, the C: drive in your reference system will no longer be bootable, and you will have to use recovery techniques to reboot into Windows 2000. Once you have used SysPart, remove the target hard disk. If it is a hot-swappable disk, you can reset the active partition by using Computer Management in the Administrative Tools folder. Otherwise, you might have to reboot using the bootable disk and then change the active partition back to the original C: drive in your reference machine.
In general, if you take an image of the drive for later deployment, ensure that the destination drive has the same geometry (sectors per track, number of tracks, and so on); otherwise, the copied disks might not boot correctly.
If the target machines are able to boot from the CD-ROM drive, Windows 2000 can be deployed in this way. Note that the bootable CD-ROM only detects existing versions of Windows 2000 on the hard disk and not any version of Windows NT, so the bootable CD-ROM install cannot be used to perform any upgrades of Windows NT. It can be used on a Windows NT system only to perform a clean install of Windows 2000. The setup can be configured as for an unattended installation. The unattended answer file must be supplied on a floppy disk. The file on the disk must be named Winnt.sif. The sequence for installation on a system using a CD-ROM is as follows:
If the client systems are connected to a network, it is possible to use the network to distribute Windows 2000 Professional. The distribution takes the form of a clean install in that it is not possible to perform an upgrade using Remote OS Installation. The installation starts with a client system booting up and making contact with a RIS server. This then drives the installation and configuration of the client system.
IntelliMirror and Remote OS Installation use a variety of Windows 2000 technologies to perform user settings management, user data management, software installation, and operating system installation. The technologies required by Remote OS Installation are shown in Table B.2.
Table B.2 Technologies Required by Remote OS Installation
|Technology||Use in Remote Operating System Installation|
|Remote Installation Services (RIS)||Manages and distributes Windows 2000 Professional image files to clients.|
|Dynamic Host Configuration Protocol (DHCP)||Allows remote clients to automatically acquire an IP address. They can then use TCP/IP to contact the RIS server.|
|Domain Name System (DNS)||Allows a client to resolve computer names into TCP/IP addresses.|
|Group Policies||Allows particular groups of users and computers to be assigned particular desktop configurations during the install.|
|Active Directory directory services||Allows client computers and RIS servers to locate each other. Holds the GPOs that are used to configure the installation process.|
In addition, the client systems must contain network cards that can be configured for remote boot and fitted with a remote boot ROM. If the network cards cannot boot from the network, a floppy disk can be created that will connect to the network and start the remote installation.
The RIS server is a service that can be installed on a Windows 2000 Server (see Figure B.5). It accepts requests from clients and distributes Windows 2000 images to them. For further information on deploying Windows 2000 via RIS, see Chapter 15 of MCSE Training Kit—Windows 2000 Active Directory Services from Microsoft Press.
Figure B.5 Installing RIS
The distribution of a large number of images can produce a lot of network traffic and loading on the host server. The timing and number of simultaneous distributions should be carefully controlled to reduce the impact on normal network operation.
Systems Management Server (SMS) is a management tool that uses Windows Management Instrumentation (WMI) and software scanners to build and maintain a detailed inventory of systems on a network. The information is held in a Microsoft SQL Server–based repository.
In addition, administrators can create and deploy jobs that are executed by the SMS agents on the systems. The jobs can perform a clean installation or an upgrade of software such as Windows 2000 Professional and Windows 2000 Server (and their associated service packs) on the client machines. SMS can also be used to contact agents in the remote systems and perform diagnostic tasks.
SMS is applicable only if the destination system is already running an operating system connected to SMS and running the appropriate agents. However, the inventory mechanisms that form part of SMS can be useful in managing the migration process, in that the number and nature of the upgrades that have been performed can be obtained from the SQL repository.
It might be necessary to install applications in addition to Windows 2000 Professional. Some of the installation tools just discussed allow applications to be distributed at the same time as the operating system. For example, you can use SysPrep to create an image that contains any number of additional programs.
For some installations, it might be necessary to set up the applications once Windows 2000 has been installed. This can be achieved by using the [GuiRunOnce] section, which can be added to the unattended answer file.
The [GuiRunOnce] section specifies commands to be executed the first time a user logs on to a computer after setup has completed. These commands can perform the installation of the applications. The commands can simply run the setup program of the required program (using a quiet form of the setup if possible), or they can invoke Windows Installer Service to perform the installation.
Windows Installer Service is a Windows 2000 component that performs the installation of applications on Windows systems. Windows Installer Service operates on Windows Installer package files. These are files with the extension .msi and describe the applications in a standard way to ensure that they can be installed correctly. Ideally, the applications to be distributed as part of a Windows 2000 migration should use Windows Installer Service and GPOs. Figure B.6 shows the locations for software installations and upgrades in a GPO.
Figure B.6 Software deployment location in a GPO
Third-party tools are available to repackage pre–Windows Installer applications into Windows Installer format. Windows 2000 includes WinINSTALL Limited Edition (LE) repackager, as shown in Figure B.7.
Figure B.7 Veritas Windows Installer Packager
Windows Installer Package Editor is supplied on the Windows 2000 installation CD in the \Valueadd\3rdparty\Mgmt\Winstle folder.
A complete lesson on using GPOs and Windows Installer for software management is contained in MCSE Training Kit—Windows 2000 Active Directory Services from Microsoft Press.