Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Remote or Unattended Installation Solutions? 45

Posted by Cliff from the not-habing-to-babysitting-newborn-servers dept.
HaloZero asks: "I work for a medium-sized company (350+ users), and am charged with new builds and deployments for a mix of aged and new desktops, and a smattering of similar laptops. The hardware is certainly not uniform across the entire infrastructure. Our current deployment 'system' (Ghost/Sysprep, Acronis/NewSID) is somewhat of a kludge -- as my mentor would say -- and I've been looking into alternative, cleaner methods. We're burgeoning on an Active Directory domain, so RIS has been the hot topic on my desk as of late. Does anyone have any experience with RIS? Is there anything that isn't very well documented that I should watch out for? We're considering other unattended install solutions, such as nLite, and a composite of Bart's PE Builder-type setups. Any other suggestions out there?"
This discussion has been archived. No new comments can be posted.

Remote or Unattended Installation Solutions? More

Remote or Unattended Installation Solutions?

Comments Filter:

  • Open Source project: Unattended (Score:5, Informative)

    by Scott Lockwood ( 218839 ) * on Friday June 09, 2006 @06:38PM (#15506241) Homepage Journal
    Why not use Unattended? http://unattended.sourceforge.net/ [sourceforge.net] - we use it, and it works wonders here. Unattended is a system for fully automating the installation of Windows 2000 Professional and Server, Windows XP, and Windows Server 2003. When you are finished setting up Unattended, you will be able to boot any PC from a floppy, from a CD-ROM, or directly from the network, answer a few questions, and come back an hour or two later to a fully-installed Windows workstation. We boot from the network, and the machines build themselves without our intervention. They have a step-by-step guide on how to set it up even.

    Note that RIS is not a very good solution. Even if you have uniform hardware, (Like Dell's, or HP/Compaq's) changing one driver can muck up the whole process. Not so with unattended. Being an Open Source project, you are im complete control of your build process.

  • RIS (Score:2, Informative)

    by narkotix ( 576944 )
    The thing with ris is that if you put in a lot of effort and time, you can make it do anything you want (and it pays off when you have multiple desktop platforms). I used to come from the ghost/acronis school of thought however after "seeing the light", RIS (and the new up and coming WIM solution - think of it as a combo b/w ris and ghost) is much better.

  • I'm afraid I haven't tried it recently... (Score:5, Funny)

    by ctid ( 449118 ) on Friday June 09, 2006 @06:48PM (#15506321) Homepage
    ... but Internet Explorer used to be very good at facilitating remote installs.

  • This was covered recently (Score:5, Informative)

    by Matt Perry ( 793115 ) <perry.matt54@ya[ ].com ['hoo' in gap]> on Friday June 09, 2006 @06:55PM (#15506358)
    This was covered recently in a nearly identical Ask Slashdot [slashdot.org] almost two months ago. You might find a lot of relvant information in the comments to that story. There were many great suggestions.

  • As it explains the article you linked from MS, the biggest hurtle you may have to jump is making sure that you meet the NIC requirement:

    "PXE DHCP-based boot ROM version 1.00 or later network adapter, or a network adaptor that is supported by the RIS boot disk."

    Because you have a hodge podge of clients on your network, you may have to make an investment to upgrade all your NICs if they don't meet spec. I would start first by determining what hardware you currently got and make some decisions on how mu

  • What we do, and how it scales... (Score:5, Informative)

    by mythosaz ( 572040 ) on Friday June 09, 2006 @07:24PM (#15506531)
    I support about 20,000 desktops, running mostly Windows XP, and here's what we do.

    For the actual system image itself, I've created a single DVD that contains a simple boot menu. There are some basic tools (like DBAN and an "old school" Bart's Network Boot Disk) but the bulk of the disk is devoted to an unattended XP install with (a) splipstreamed patches, (b) drivers for ALL of our major hardware models, (c)custom configuration, and (d) all of our enterprise software.

    Any time that Dell (or one of our other vendors - kiosks, tablets) ships us a new machine, I update one line in an INF file, add some drivers, and automatically build another image exactly to standard -- no mystyped keys -- no forgotten registry settings. The image completes, sysprep runs, the machine shuts off, and we make an image with Ghost to send to our vendors.

    That image is sent back to the OEM, and our boxes come pre-imaged. You don't need a lot of pull with your vendors for this. Most OEMs are hungry enough for your business that they'll do it no matter how small you are -- and Dell's CFI group has been a pleasure to work with.

    When a machine shows up at any of our 50+ facilities, the first thing it does after getting a machine-name post-sysprep is boot up, logon as the local administrator, and visit a webpage that presents a "pretty" front end to our automated software deployment tool. [We use Marimba.] The password for the administrative account is then changed to a unique pattern-based one automatically (to allow support from Desktop, but to prevent worm-like activity) and the machine is deployed with any regional or departmental programs chosen from the Marimba front-end.

    While you may not have Marimba or Alteris or SMS to do your customization dirty-work for you, you've got Active Directory, and people in the right OU's will get whatever you want deployed to them.

    Similarly, we use AD to do all of our policy management -- keeping enforcement of screensavers and proxy manageable.

    There's a great joy in having all of your machines running the EXACT same image - with "Extra" software installed from a known reference point (even network shares - as long as it's your network share).

    The unattended guides at MSFN.org are a fantastic reference for making an unattended CD/DVD.

    • Re:What we do, and how it scales... (Score:4, Interesting)

      by Oriumpor ( 446718 ) on Friday June 09, 2006 @09:54PM (#15507154) Homepage Journal
      I concur with the parent as far as building unattended installs goes:
      a few resources (some of which were mentioned earlier):
      MSFN.org [msfn.org]
      nlite [nliteos.com]
      BartPE [nu2.nu]
      Technet XP Deployment ref [microsoft.com]
      Disclaimer: Scan anything you download thoroughly for viruses. The worst thing you could do is inject a vulnerability in your image framework.

      If you are in the position to need to reload your systems for any reason remotely I would suggest using a PXE deployment solution of some kind. Ghost/Altiris both provide good PXE and post-install config utilities. We use altiris and deploy our images through PXE. This allows for imaging in place after the fact, something that we try do semi-anually.

      Every major vendor provides UNDI [nilo.org]-Driver capable on-board nics now-a-days, so the headache of PXE (nic specific) boot images is pretty much a thing of the past (unless you were one of the saps who bought the Gateway E-4300s.)

      There's something about booting to your nic, loading an image on a station in 8 minutes and monitoring the unattended install from a remote TS console miles away from the station you're reloading.
    • the first thing it does after getting a machine-name post-sysprep is boot up, logon as the local administrator,

      How do you get a sysprep'ed machine to run non-interactively? So a script can gather and apply the machine's name a.s.o.

      • You may never see this reply, and you don't have a listed email, but...

        Technicians taking a machine out of the box have to do one thing -- enter a machine name. After they've done that, the machine (pre-sysprep) was configured for one more auto-logon as the local administrator with an semi-secure password. There's a RUNONCE key that launches a script that runs the final configurations. Those configurations include the changing of the local administrative password to a pattern based "secure" one and some
        • The startup process is automated so far that the machine name is derived from its IP address, the box joins the domain, some programs get re-installed in order to get adjusted to the new name or SID, finally the install files are cleaned up and the machine powers down. This part is working well.

          The part that's wrong is:

          whenever I finally sysprep -reseal , in order to have the image perform a rescan of the hardware and regenerate the SID, the booted machine does not perform the hardware rescan and eventually

  • Why is Ghost a kludge? (Score:3, Interesting)

    by Curien ( 267780 ) on Friday June 09, 2006 @07:36PM (#15506611)
    I use Ghost to create networks of up to 300 workstations about once a month. There's no hassle. I made a floppy image for Ghost using FreeDOS and the 3COM universal NDIS driver. That combined with pxelinux's keeppxe option, and every computer boots up off the network with nearly zero configuration necessary (ok, so I have to tell BIOS to boot from the network... big deal). When you get a new type of computer, just update the image to include the new drivers. One image works for all systems.
  • Interns.

  • I *JUST* finished the exact same thing. (Score:5, Insightful)

    by Jester998 ( 156179 ) on Friday June 09, 2006 @07:50PM (#15506675) Homepage
    I work for a mid-size company (~1500 desktops at 40+ remote sites), and I've been working on exactly the same problem for the last 2 weeks. Our solution until now has been buiding a new 'base' system and using PowerQuest V2i to take a disk image. This works OK, except for the fact that we had to build a new image from scratch every time slightly new hardware came out, and since our current hardware list is HUGE (we're slowly phasing out old hardware with new standardized stuff), it was impossible to build an image for every permutation.

    Over the last 2 weeks or so I've been building up an automated deployment suite -- I started first by figuring out how to do unattended installs of all our client software (this is different for each piece of software you'll deploy, so RTFM). Microsoft generally provides *great* tools for deployment (and usually anything using the Windows Installer is easy to customize), everything else is a mixed bag. Once I had applications installing properly in unattended mode, I turned my sights to the operating system.

    I explored a couple of options, like Sysprep/Image. The sysprep method worked, but there were a couple things that weren't ideal in our environment (for one, we would have had to ship 3 CDs to each of our branches -- one for the V2i restore utility itself, then 2 or 3 for the spanned disk image. Not all our machines have DVD-ROMs yet, nor do they all have local servers). The disc duplication efforts alone were a time sink.

    What I ended up doing was using nLite (http://www.nliteos.com) to customize the install process, including the unattended settings. I RARed up the unattended applications, and included the RAR file, a commandline UnRAR utility, and miscellaneous filesystem stuff in the $OEM$ folder on the Windows disc. Then I put some entries in RunOnceEx which automatically UnRARed the archive, then installs each application in turn.

    The total install process involves two steps of user interaction -- the first is to select what partition to install Windows to during the text-based portion of the install, and again during the setup process to ask for a machine name (we use a structured machine naming convention). The machine is joined to the domain automatically, apps are set up automatically, and the machine reboots to its 'final' state automatically. About 20-30 minutes after popping in the disc, you have a complete, reimaged system, and you only need to pay attention to it for about 30 seconds.

    After stripping the OS CD down with nLite, and RARing up our customized apps, my disc came out at a nice 664MB... small enough to fit on one CD, with room left over for future service packs, patches, and additional drivers.

    Now all we have to do is add new drivers and roll in new service packs and patches as needed, which is a breeze with the nLite wizard. We plan a new 'release' of the disc every 2-3 months, with incremental OS and application patches pushed out as needed.

    Best of luck; it takes a little while to really figure out the best approach, but once you do it's quite easy to maintain, and is definitely a huge time saver.
    • Why would you use RAR? Does its performance justify paying for (or illegally using) it to archive these files? Just a thought from your friendly neighborhood freedom lover :)
      • We have licensed copies of RAR (Windows & Linux) to create the archives, but there are many free unpackers available, one of which I included on the image.

        Although, TBH, WinRAR really isn't that expensive if we wanted to license it... $5 per machine for 999 licences, would would probably buy 2000 or so, so probably an even better discount. $5 per machine is a very, very small cost compared to Windows license, Office license, Citrix CAL, Exchange CAL, antivirus, etc.

  • MSFN.org & Image vs Unattended (Score:4, Informative)

    by Jonah Hex ( 651948 ) <hexdotms AT gmail DOT com> on Friday June 09, 2006 @07:59PM (#15506718) Homepage Journal
    Check out http://www.msfn.org/ [msfn.org], the "home" of nLite and many other projects. Personally I use nLite, WPI (Windows Post Installer), BTS Driverpacks, and AutoIT3. I have done both Image/Ghost style for multiple PCs and scripted installations, images are too hard to update on a regular basis, I much prefer scripted installs.

    HEX

  • Altiris + Sysprep (Score:3, Informative)

    by stevenbdjr ( 539653 ) <steven@mrchuckles.net> on Friday June 09, 2006 @08:11PM (#15506773) Homepage
    You can achive all of this quite easily with Altiris Deployment Solution [altiris.com], and then some. Imaging, application packaging and deployment, remote execution, basic inventory, remote control, and other management functions are all included. I've been using it for over 5 years and haven't used anything better for managing Windows PCs. You can buy it stand alone or bundled with the Client Management Suite, although for an organization of your size, the CMS is probably overkill. If you create your images properly with sysprep, you can achive near full hardware independence.
  • A former coworker works there, so I'm biased, but the Mountain View Data PowerCockpit [mountainviewdata.com] software seems to be pretty darn easy to use for large environments. Remote install, image-from-machine, install and configure many clones from an image, works with most of the PC OSes, etc.

  • What I do (Score:3, Informative)

    by Shawn is an Asshole ( 845769 ) on Friday June 09, 2006 @08:39PM (#15506879)
    I use Unattended [sf.net] for the OS installation and WPKG [wpkg.org] for applications/updates/configuration/policies (w/ secedit and ActivePerl).
  • Here's my two cents. If your sticking with strictly Microsoft OSes, I'd recommend the Business Desktop Deployment Solution Accelerator from Microsoft. It not only discusses the technologies needed to roll out a standard desktop, but also the practices needed to keep the project running. You can find it by searching technet for Desktop Deployment.

    It comes in two different versions, standard and enterprise. The standard version will work with smaller organizations, but I highly recommend the enterprise versio
  • There. Since you didn't actually mention WTF you install, that's all the help you're getting from me. I'm not going to assume anything, since you are the one who asked. Form a question first, don't expect us to decode your bullshit.
  • There are obviously guys on here with experience in larger enterprises than I have been exposed to. Thanks for sharing guys, there are some good tools that I need to go look into.

    All I can offer is my own experience with RIS, Windows 2000 Server, and Windows 2000 Pro and XP desktops. The biggest PITA with RIS is the network drivers. With Ghost you just get the NDIS driver, set the driver to use with your bootdisk, and then image your workstation. It includes all the nifty utils to flip the SID, name the

    • RIS for 1-2 occational installs where you have mixed hardware. This suits my needs and I use it all the time.
      Ghost has multicast ability and is nice if you have more than 2 machines you need to build and they are identical ('identical' can be bypassed if you put a lot of effort into building the images).

      RIS only got unicast, which means you will hog your network. It was very fun to see the MS-fanboy taking charge of the imaging process at my college and trying to do 50 installs simultaniously.
      • You don't have something set up right. I've had 30 workstations RISing at one time and still only took 20 minutes for the whole lot. I've had 15 laptops plugged into a Netgear switch all pulling the same image with no slowdown at all.
        • My tests show that RIS provides the files at 10mbit, but that is very dependant on your hardware. This is a server with 10k RPM SCSI drives doing 1 remote install.
          It would be 10mbit* if the disk IO doesn't kill the throughput of the harddrives. On 100mbit that would give you 7-8 clients before the slowdown occurs. On a gigabit link you could possibly do 70-80.
          Ghost uses multicast, one read from the disk and one stream to the clients. With multicasting you can scale to whatever number of nodes you need, with
  • Trust me, you won't want to be attending the installation of Skynet's T-1000.
  • I've been toying withn things like this for some time now.
    If you take a look on Microsofts CD, you'll find plenty documentation on how to automatically set up machines with names, IP, security patches all unatended. Then you'll need to keep up with your list of software - and their updates etc ...

    I would go with Computer Associates USD product because It's the one I know. from within that product you can install, and maintain accross you wan/lan your desktops -from the os to your software packages.
  • If this is a commercial installation then Novell ZEnworks is worthy of analysis. Linux pre-boot, PE mods, PXE support, imaging up and down, all very and integrated with platform independant patch management if you want it. Most ZENworks installations these days are on Windows platforms so don't let the Novell brand put you off :-)
  • "Does anyone have experience with RIS?"

    Well yes... in fact, there's a company that fully supports all aspects of the RIS product, and even offers a series of training certifications that allow certificated individuals to demonstrate a passable knowledge of the product. The company is called Microsoft.

    This whole article is FUD. Does this guy honestly believe it's possible that nobody understands how to use a pretty fundamental Windows technology? Wait, wait... he's used to asking for support from Linux fo

Slashdot Top Deals

THEGODDESSOFTHENETHASTWISTINGFINGERSANDHERVOICEISLIKEAJAVELININTHENIGHTDUDE

Close