6435A_10

Download Report

Transcript 6435A_10 

Module 10:
Designing Operating
System Deployment and
Maintenance
Module Overview
• Determining Operating System Deployment Requirements
• Designing Windows Deployment Services
• Windows Deployment Services Images
• Designing Multicast Transmission of Images
• Designing a Software Update Process
Lesson 1: Determining Operating System
Deployment Requirements
• Design Options for Deploying Operating Systems
• Security Considerations for Operating System Deployment
• Tools for Operating System Deployment
Design Options for Deploying Operating Systems
Options
Description
Bare metal
Install on computer without existing software
Light touch
Limited manual interaction
Zero touch
No manual interaction
Security Considerations for Operating System
Deployment
Security considerations for operating system
deployment planning:
• Secure user credentials, PIDS, company
information, or other restricted data in answer
files, log files or image files
• Secure the storage locations for images, user
state, and backups
• Scan source and destination computers for
viruses
• Do not transmit data over the Internet unless the
connection is encrypted
• Secure the PXE network boot process to prevent
unauthorized users from joining computers to
the domain
• Windows Server 2008 domain controllers do not
allow the NETSETUP_JOIN_UNSECURE option
Lesson 2: Designing Windows Deployment
Services
• Enhanced Features in WDS
• Network Infrastructure Requirements
• Comparing Transport Server and Deployment Server
• Considerations for Upgrading from RIS to WDS
Enhanced Features in WDS
Enhanced features in WDS from RIS are:
• Support for deployment of Windows Vista
and Windows Server 2008
• Higher performing PXE and TFTP servers
• New boot menu format
• Support for .wim format
• Windows PE as boot operating system
• Multicast support
Network Infrastructure Requirements
Requirement
Active Directory
Domain Services
DHCP
Description
• WDS server must be a member of a
domain.
• Configures workstations with an IP
during PXE boot
DNS
• Required for WDS server
NTFS volume
• Required for image storage
• Must be a local administrator on WDS
Credentials
server to install
• Must be a domain user to start WDS
client
Comparing Transport Server and Deployment
Server
Deployment Server
Transport Server
Server
requirements
Requires AD DS, Dynamic Host
Configuration Protocol (DHCP),
and Dynamic Name Services
(DNS) in the environment
PXE
Supports PXE boot with the
default PXE provider
Image server
Includes the Windows
Deployment Services Image
Server (WdsImgSrv)
Transmission
method
Allows unicasting and
multicasting
• Allows only multicasting
Management
tools
You manage using the Windows
Deployment Services MMC
snap-in or WDSUTIL
• You manage with WDSUTIL only
Client
Use the Windows Deployment
Services client, WDSMCAST, or
custom multicast client
application
• Does not require other servers
in the environment
• Supports PXE boot using the
default PXE provider, or if you
have a custom PXE provider
• Does not include the Windows
Deployment Services Image
Server (WdsImgSrv)
• Use WDSMCAST or custom
client application only
Considerations for Upgrading from RIS to WDS
Windows Server 2003 RIS to Windows Server 2008
WDS upgrade process:
• Upgrade RIS to WDS on Windows Server 2003
• Change WDS from legacy mode to native mode
• Upgrade to Windows Server 2008
Lesson 3: Windows Deployment Services Images
• Image Capture Utilities
• Considerations for Maintaining Boot and Install Images
Image Capture Utilities
Functionality
WDSCapture
ImageX
Captures a partial volume?
No
Yes
Captures a non-Sysprep image?
No
Yes
Specifies compression type?
Yes: only LZX or
XPRESS
Yes: LZX, XPRESS, or
no compression
Uploads directly to WDS Server?
Yes
No
Can the process be automated?
Yes
Yes
Has a GUI?
Yes
No
Provides additional functionality
beyond image capture?
No
Yes
Specifies capture exclusion list?
Yes
Yes
Captures directly to network location
without making a local image copy?
No
Yes
Considerations for Maintaining Boot and Install
Images
Boot images:
• Must be Windows PE in
.wim format
Install images:
• Windows Vista can only
be rearmed three times
• Must be marked as boot
from RAMDISK
• You can mount and edit
offline images by using
ImageX
• Boot.wim must not be
older than the operating
system being deployed
• Editing offline images is
not suitable for
application installs
• Must have all necessary
drivers
• You must export the
image from WDS to edit
offline
Lesson 4: Designing Multicast Transmission of
Images
• Types of Multicast Transmissions
• Considerations for Designing Multicast Transmissions
Types of Multicast Transmissions
Auto-cast:
• Multicast begins when a single computer requests it
• Additional computers can join in
Scheduled-cast:
• Multicast begins when criteria are met
• Criteria are: number of clients joined or specific day and
time
• Clients cannot join after multicast has started
Considerations for Designing Multicast
Transmissions
Considerations for designing multicast transmissions are:
• All routers must support multicasting
• Boot.wim from Windows Vista does not support multicasting
(use boot.wim from 2008 media)
• If multiple servers are using multicast, they must use unique
multicast addresses
• Use MADCAP to avoid conflicting multicast addresses
• You must restart WDS for network configuration changes to
take effect
Lesson 5: Designing a Software Update Process
• Guidelines for Planning WSUS Infrastructure
Guidelines for Planning a WSUS Infrastructure
When planning the number and placement of servers:
• Connect one WSUS server to the Internet
• Chain WSUS servers
• Place servers close to client computers
When planning the configuration of servers:
• Download updates in the languages required
• Use a local database or Microsoft Update
• Create a synchronization schedule for downloads