5.7. Windows Client Configuration In the next few sections, you can configure a new Windows XP Professional disk image on a staging machine. You will configure all software, printer settings, profile and policy handling, and desktop default profile settings on this system. When it is complete, you copy the contents of the C:\Documents and Settings\Default User directory to a directory with the same name in the NETLOGON share on the domain controllers. Much can be learned from the Microsoft Support site regarding how best to set up shared profiles. One knowledge-base article in particular stands out: "How to Create a Base Profile for All Users."[22] [22] <http://support.microsoft.com/default.aspx?scid=kb;EN-US;168475>
5.7.1. Configuration of Default Profile with Folder Redirection Log onto the Windows XP Professional workstation as the local Administrator. It is necessary to expose folders that are generally hidden to provide access to the Default User folder. EXPOSE HIDDEN FOLDERS 1. | Launch the Windows Explorer by clicking Start  Show hidden files and folders, and click OK. Exit Windows Explorer.
| 2. | Launch the Registry Editor. Click Start regedt32, and click OK.
|
REDIRECT FOLDERS IN DEFAULT SYSTEM USER PROFILE 1. | Give focus to HKEY_LOCAL_MACHINE hive entry in the left panel. Click File OK.
| 2. | Browse inside the newly loaded Default folder to:
HKEY_LOCAL_MACHINE\Default\Software\Microsoft\Windows\ CurrentVersion\Explorer\User Shell Folders\
The right panel reveals the contents as shown in Figure 5.3.
Figure 5.3. Windows XP Professional User Shared Folders 
| 3. | You edit hive keys. Acceptable values to replace the %USERPROFILE% variable includes:
A drive letter such as U: A direct network path such as \\MASSIVE\profdata A network redirection (UNC name) that contains a macro such as %LOGONSERVER%\profdata\
| 4. | Set the registry keys as shown in Table 5.4. Your implementation makes the assumption that users have statically located machines. Notebook computers (mobile users) need to be accommodated using local profiles. This is not an uncommon assumption.
Table 5.4. Default Profile RedirectionsRegistry Key | Redirected Value |
|---|
Cache | %LOGONSERVER%\profdata\%USERNAME%\InternetFiles | Cookies | %LOGONSERVER%\profdata\%USERNAME%\Cookies | History | %LOGONSERVER%\profdata\%USERNAME%\History | Local AppData | %LOGONSERVER%\profdata\%USERNAME%\AppData | Local Settings | %LOGONSERVER%\profdata\%USERNAME%\LocalSettings | My Pictures | %LOGONSERVER%\profdata\%USERNAME%\MyPictures | Personal | %LOGONSERVER%\profdata\%USERNAME%\MyDocuments | Recent | %LOGONSERVER%\profdata\%USERNAME%\Recent |
| 5. | Click back to the root of the loaded hive Default. Click File 6. | Click File 7. | Now follow the procedure given in Section 5.3.1.3. Make sure that each folder you have redirected is in the exclusion list.
| 8. | You are now ready to copy[23] the Default User profile to the Samba domain controllers. Launch Microsoft Windows Explorer, and use it to copy the full contents of the directory Default User that is in the C:\Documents and Settings to the root directory of the NETLOGON share. If the NETLOGON share has the defined UNIX path of /var/lib/samba/netlogon, when the copy is complete there must be a directory in there called Default User.
[23] There is an alternate method by which a default user profile can be added to the NETLOGON share. This facility in the Windows System tool permits profiles to be exported. The export target may be a particular user or group profile share point or else the NETLOGON share. In this case, the profile directory must be named Default User.
|
Before punching out new desktop images for the client workstations, it is perhaps a good idea that desktop behavior should be returned to the original Microsoft settings. The following steps achieve that ojective: RESET FOLDER DISPLAY TO ORIGINAL BEHAVIOR 1. | To launch the Windows Explorer, click Start Show hidden files and folders, and click OK. Exit Windows Explorer.
|
5.7.2. Configuration of MS Outlook to Relocate PST File Microsoft Outlook can store a Personal Storage file, generally known as a PST file. It is the nature of email storage that this file grows, at times quite rapidly. So that users' email is available to them at every workstation they may log onto, it is common practice in wellcontrolled sites to redirect the PST folder to the users' home directory. Follow these steps for each user who wishes to do this. Note  | It is presumed that Outlook Express has been configured for use. |
Launch Outlook Express 6. Click Tools Follow the on-screen prompts to relocate the PST file to the desired location. 5.7.3. Configure Delete Cached Profiles on Logout Configure the Windows XP Professional client to auto-delete roaming profiles on logout: Click Start MMC and click OK. Follow these steps to set the default behavior of the staging machine so that all roaming profiles are deleted as network users log out of the system. Click File The Microsoft Management Console now shows the Group Policy utility that enables you to set the policies needed. In the left panel, click Local Computer Policy Do not check for user ownership of Roaming Profile Folders = Enabled Delete cached copies of roaming profiles = Enabled Close the Microsoft Management Console. The settings take immediate effect and persist onto all image copies made of this system to deploy the new standard desktop system. 5.7.4. Uploading Printer Drivers to Samba Servers Users want to be able to use network printers. You have a vested interest in making it easy for them to print. You have chosen to install the printer drivers onto the Samba servers and to enable point-and-click (drag-and-drop) printing. This process results in Samba being able to automatically provide the Windows client with the driver necessary to print to the printer chosen. The following procedure must be followed for every network printer: STEPS TO INSTALL PRINTER DRIVERS ON THE SAMBA SERVERS 1. | Join your Windows XP Professional workstation (the staging machine) to the MEGANET2 domain. If you are not sure of the procedure, follow the guidance given in Chapter 15, "A Collection of Useful Tidbits", Section 15.1.
| 2. | After the machine has rebooted, log onto the workstation as the domain root (this is the Administrator account for the operating system that is the host platform for this implementation of Samba.
| 3. | Launch MS Windows Explorer. Navigate in the left panel. Click My Network Places Massive Printers and Faxes.
| 4. | Identify a printer that is shown in the right panel. Let us assume the printer is called ps01-color. Right-click on the ps01-color icon and select the Properties entry. This opens a dialog box that indicates that "The printer driver is not installed on this computer. Some printer properties will not be accessible unless you install the printer driver. Do you want to install the driver now?" It is important at this point you answer No.
| 5. | The printer properties panel for the ps01-color printer on the server MASSIVE is displayed. Click the Advanced tab. Note that the box labeled Driver is empty. Click the New Driver button that is next to the Driver box. This launches the "Add Printer Wizard".
| 6. | The "Add Printer Driver Wizard on MASSIVE" panel is now presented. Click Next to continue. From the left panel, select the printer manufacturer. In your case, you are adding a driver for a printer manufactured by Lexmark. In the right panel, select the printer (Lexmark Optra Color 40 PS). Click Next, and then Finish to commence driver upload. A progress bar appears and instructs you as each file is being uploaded and that it is being directed at the network server \\massive\ps01-color.
| 7. | The driver upload completes in anywhere from a few seconds to a few minutes. When it completes, you are returned to the Advanced tab in the Properties panel. You can set the Location (under the General tab) and Security settings (under the Security tab). Under the Sharing tab it is possible to load additional printer drivers; there is also a check-box in this tab called "List in the directory". When this box is checked, the printer will be published in Active Directory (Applicable to Active Directory use only.)
| 8. | Click OK. It will take a minute or so to upload the settings to the server. You are now returned to the Printers and Faxes on Massive monitor. Right-click on the printer, click Properties 9. | This is necessary so that the printer settings are initialized in the Samba printers database. Click Apply to commit your settings. Revert any settings you changed just to initialize the Samba printers database entry for this printer. If you need to revert a setting, click Apply again.
| 10. | Verify that all printer settings are at the desired configuration. When you are satisfied that they are, click the General tab. Now click the Print Test Page button. A test page should print. Verify that it has printed correctly. Then click OK in the panel that is newly presented. Click OK on the ps01-color on massive Properties panel.
| 11. | You must repeat this process for all network printers (i.e., for every printer on each server). When you have finished uploading drivers to all printers, close all applications. The next task is to install software your users require to do their work.
|
5.7.5. Software Installation Your network has both fixed desktop workstations as well as notebook computers. As a general rule, it is a good idea to not tamper with the operating system that is provided by the notebook computer manufacturer. Notebooks require special handling that is beyond the scope of this chapter. For desktop systems, the installation of software onto administratively centralized application servers make a lot of sense. This means that you can manage software maintenance from a central perspective and that only minimal application stubware needs to be installed onto the desktop systems. You should proceed with software installation and default configuration as far as is humanly possible and so long as it makes sense to do so. Make certain to thoroughly test and validate every aspect of software operations and configuration. When you believe that the overall configuration is complete, be sure to create a shared group profile and migrate that to the Samba server for later reuse when creating custom mandatory profiles, just in case a user may have specific needs you had not anticipated. 5.7.6. Roll-out Image Creation The final steps before preparing the distribution Norton Ghost image file you might follow are: Unjoin the domain Each workstation requires a unique name and must be independently joined into domain membership. Defragment the hard disk While not obvious to the uninitiated, defragmentation results in better performance and often significantly reduces the size of the compressed disk image. That also means it will take less time to deploy the image onto 500 workstations. | 