For those who have worked with Windows 2000 networks, Remote Installation Service (RIS) is a familiar Windows component used for creating and deploying on-demand desktop images. Though the desktop deployment features are still included, Windows Server 2003 now extends the functionality of RIS to include the ability to create on-demand server images for all versions of Windows 2000 and 32-bit versions of the Windows Server 2003 operating system. RIS Is Not Included RIS is not included in the Windows Server 2003, Web Edition operating system. The primary benefits of using RIS for building Windows Server 2003 servers include the following:
System Requirements for RISTo take advantage of RIS, there are certain hardware and software system requirements that must be met. The following list describes the hardware requirements for building a RIS server:
For the machine that will serve as the template, in other words, the machine from which an image will be taken, there are a couple of hardware requirements as well:
To Obtain a List of Network Adapters that RIS Supports... run the Rbfg.exe utility that is installed with Remote Installation Service. This file can be found in \\server- name \reminst\admin\ i386\rbfg.exe. The networking environment in which you install a RIS server must meet a few requirements as well. These requirements are listed here:
Finally, some additional considerations that are more software-based are needed when planning to use RIS. These include the following:
Although there seems to be a rather long list of prerequisites to using RIS, most Windows Server 2003 environments will have all of the elements mentioned previously present already. As such, most companies would be able to add this service to their infrastructure quite easily with a single additional server with a good size data partition. Creating a Remote Installation Preparation Wizard (RIPrep) ImageThere are two types of operating system images that can be used with RIS. The first type is a flat image, which is similar to using a CD install, only the installation files are located on a RIS server. The benefit of using a flat image type is that RIS supports flat images for all Windows 2000, XP, and Windows Server 2003 editions, including 64-bit editions. Riprep Images Cannot Be Used for 64-Bit Versions of Windows Server 2003 RIPrep images cannot be used for 64-bit versions of Windows Server 2003 and cannot be used to create images of Windows 2000 if Internet Information Server (IIS) is installed. The second type of RIS image is a Remote Installation Preparation Wizard (RIPrep) image. The RIPrep image type enables you to add application installations and other customizations to the image. RIPrep also uses the Plug and Play feature; therefore computers targeted with these images do not have to be exactly the same, though they do need to share the same Hardware Abstraction Layer (HAL). Because of this flexibility to customize the image, the RIPrep image has the most practical utility for most companies. The remainder of this section will detail the process by which a RIPrep image is created. To install a RIPrep image of a Windows Server 2003, perform the following steps:
Multiple Profiles on the Source Machine At this point, a screen might appear indicating multiple profiles on the source machine, or services that are still running that should be stopped . See Figure 11.4 for an example of this screen. It is recommended to stop these services before proceeding. Figure 11.4. Running the RIPrep utility.
Installer Must Be An Administrator To run the RIPrep utility, the installer must be an administrator on the source machine and have permission to write to the RIS server data folder. When the replication process completes, the source server will shut down. When the source server starts up again, it will run a mini-setup. RISETUP Utility The RISETUP utility must be run in the security context of an Enterprise Administrator to authorize a RIS server in Active Directory. Securing Server ImagesRIS in Windows Server 2003 provides functionality for securing the imaging process of servers and desktops. RIS has an authorization feature that will prevent unauthorized RIS servers from making images available on an Active Directory network. RIS can be used to specify which RIS servers can accept and process requests, and which RIS servers can only service clients on the network. Before a RIS server can accept requests, it must be authorized to run in Active Directory. To authorize a RIS server in Active Directory, run RISETUP Check. RIS also offers the capability to individually secure particular images. Using this feature allows flexibility on who is able to install the various images from the RIS server. For example, to limit access to install a Windows Server 2003 image from a RIS server to the Domain Admins group, the Authenticated Users group should be removed from the permissions on that particular image. Making the Most of the RIS Deployment ToolRIS is a valuable deployment tool for companies that use it correctly. To gain the efficiency, security, and disaster recovery benefits of using RIS, consider the following best practices in designing and maintaining an enterprise RIS solution:
|