Chapter 15 PowerPoint
Download
Report
Transcript Chapter 15 PowerPoint
Deploying
Windows 2000 Using RIS
•
•
•
•
RIS Overview
Implementing RIS
Administering RIS
RIS Frequently Asked Questions and Troubleshooting
1
RIS Overview
•
•
•
•
•
•
Remote OS Installation Overview
Remote Install Server Components
Remote Install Client Components
How the Remote OS Installation Process Works
RIS Server and Client Requirements
Network Cards Supported by RIS Boot Disk
2
Remote OS
Installation Overview
3
Remote Install
Server Components
•
•
•
Boot Information Negotiation Layer (BINL)
Trivial File Transfer Protocol Daemon (TFTPD)
Single Instance Store (SIS)
4
Boot Information
Negotiation Layer (BINL)
•
Added during the RIS installation process and provides overall
management of the RIS environment
•
Responsible for answering client computer network service
requests
•
Responsible for querying Active Directory on behalf of the client
computer
•
Responsible for ensuring that the correct policy and
configuration settings are applied to the client computer during
the OS installation
•
•
•
Ensures that the client is passed the correct files
Makes sure the correct RIS server services a prestaged client
Creates the client computer account object within Active
Directory if the client computer has not been prestaged
5
Trivial File Transfer Protocol
Daemon (TFTPD)
•
•
Server-side TFTP service
•
Used to download the CIW and all client dialog boxes contained
within the CIW for a given session
Responsible for hosting specific file download requests made by
the client computer
6
Single Instance
Store (SIS)
•
Responsible for reducing disk space requirements on the
volumes used for storing RIS installation images.
•
When RIS is installed as an optional component, the
administrator is prompted for a drive and directory where to
install RIS.
•
Attaches itself to the RIS volume and looks for any duplicate
files that are placed on that volume.
•
Creates a link to any duplicates found, thus reducing the disk
space required.
7
Types of Remote Boot-Enabled
Client Computers
•
•
Computers with PXE DHCP-based remote boot ROMS
Computers with network cards supported by the RIS boot disk
8
PXE Remote Boot
Technology
•
Remote OS Installation uses the PXE remote boot technology to
initiate the installation of an OS from a remote source to a client
hard disk.
•
The remote source, a server that supports RIS, provides the
network equivalent of a CD-based installation of Windows 2000
Professional or a preconfigured RIPrep desktop image.
•
Windows 2000 Professional OS is currently the only installation
option supported by RIS.
•
Once images have been posted on the RIS server(s), end users
equipped with PXE-based computers can request to install those
images from any available RIS server on the network.
•
Users can install the OS without administrator assistance, which
saves both time and expense normally associated with OS
installations.
9
CD-Based Installation
•
Similar to setting up a workstation directly from the Windows
2000 Professional CD-ROM
•
Differs from CD-ROM setup insofar as the source files reside
across the network on available RIS servers
10
RIPrep Image Format
•
Allows a network administrator to clone a standard corporate
desktop configuration.
•
After installing and configuring Windows 2000 Professional, its
services, and any standard applications on the computer, the
administrator runs a wizard that prepares the installation image
and replicates it to an available RIS server for installation on
other clients.
11
How the PXE Remote Boot
Technology Works
•
•
PXE is a new form of remote boot technology.
•
Net PC/PC98-compliant systems can take advantage of the
remote boot technology included in the Windows 2000 OS.
PXE enables companies to use their existing TCP/IP network
infrastructure with DHCP to discover RIS servers on the network.
12
PXE Remote Boot
ROM Boot Process
13
The RIS Boot Disk
•
Provided by Windows 2000 for computers that do not contain a
PXE-based remote boot ROM so that a remote boot disk can be
created for use with RIS
•
•
Used with a variety of PCI-based NICs
•
Simulates the PXE remote boot sequence and supports
frequently used NICs
Eliminates the need to retrofit existing client computers with
new NICs to take advantage of the Remote OS Installation
feature
14
RIS Architecture
15
How the Remote OS
Installation Process Works
•
The process is the same for both the PXE remote boot ROM and
the RIS boot disk boot processes.
•
The process of contacting an RIS server and selecting an OS
image is accomplished in a few steps.
•
•
The process is simple from an end user perspective.
•
An administrator can also restrict the OS image(s) available to a
user, thus ensuring the correct OS installation type is offered to
the user for a successful installation.
An administrator can guide the user through a successful OS
installation by predetermining the installation options available.
16
The Remote OS Installation
Process
•
•
•
•
•
•
Network service request
BINL service
Client Installation Wizard (CIW)
User logon
User options
OS installation begins
17
CIW Installation Options
18
RIS Server Hardware
Requirements
•
Pentium or Pentium II 166 MHz; 200 MHz or faster processor
recommended
•
64 MB of RAM; 96 to 128 MB if additional services such as Active
Directory, DHCP, and DNS are installed
•
2 GB minimum hard disk or partition dedicated to the RIS
directory tree; RIS requires a significant amount of disk space
•
10 or 100 mbps NIC; 100 mbps preferred
19
RIS Server Software
Requirements
•
•
•
DNS
DHCP
Active Directory
20
RIS Client Hardware
Requirements
•
•
•
•
•
Pentium 166 MHz or faster processor Net PC client computer
32 MB RAM minimum; 64 MB recommended
800 MB hard disk drive
Supported PCI Plug and Play NIC
Optional: PXE-based remote boot ROM version . 99c or later
21
Implementing RIS
•
•
•
•
•
•
Implementing RIS
Setting Up RIS
Configuring RIS
Creating an RIPrep Image
Creating an RIS Boot Disk
Verifying an RIS Configuration
22
Implementing
RIS Overview
•
•
•
•
•
Set up RIS
Configure RIS
Create an RIPrep image
Create an RIS boot disk (optional)
Verify the RIS configuration
23
Windows Components
Wizard Dialog Box
24
Tasks to Configure RIS
•
•
•
•
Authorize RIS servers
Set RIS server properties
Set RIS client installation options
Set RIPrep image permissions
25
Authorizing RIS Servers
•
Specifying the RIS servers that are allowed to run on the
network can prevent unauthorized RIS servers, ensuring that
only RIS servers authorized by administrators can service clients.
•
•
Unauthorized RIS servers will be automatically shut down.
An RIS server must be authorized before it can service client
computers.
26
Remote Install Tab
27
New Clients Tab on the RIS
Properties Dialog Box
28
Images Tab on the RIS
Properties Dialog Box
29
Tools Tab on the RIS
Properties Dialog Box
30
Setting RIS Client
Installation Options
•
Enables an administrator to control the options presented to
different groups of users during the CIW.
•
Four options can appear on the CIW: Automatic Setup, Custom
Setup, Restart A Previous Setup Attempt, and Maintenance And
Troubleshooting.
31
Restart A Previous
Setup Attempt
•
•
Provided in case the installation of the OS fails for any reason
Enables administrators to customize the CIW to ask a series of
questions about the specific OS being installed
• When restarting a failed OS setup attempt, the end user is
not asked these questions again.
• Instead, Setup restarts the file copy operation and
completes the OS installation.
32
Maintenance And
Troubleshooting
•
•
Provides access to third-party hardware and software vendor
tools.
• Range from system BIOS flash updates and memory virus
scanners to a wide range of computer diagnostic tools that
check for hardware-related problems
• Available before installing and starting the OS on the client
computer
If the option to display the Maintenance And Troubleshooting
menu is enabled, user access to individual tool images is
controlled in the same way as OS options, by setting specific
end user permissions on the individual answer file (.sif) for that
tool.
33
Choice Options Properties
Dialog Box
34
Changes to RIS Policy
•
•
Take effect only when the policy is propagated to the computer
One of the following is done to initiate policy propagation:
• Type secedit /refreshpolicy user_policy at the
command prompt, and then press Enter.
• Restart the computer.
• Wait for automatic policy propagation, which occurs at
regular, configurable intervals; by default, every eight hours.
35
Setting RIPrep Image
Permissions
•
Enables administrators to guide users through the selection of
the unattended OS installation appropriate for their role within
the company.
•
When an OS image is added to an RIS server, the image will be
available to all users serviced by that RIS server.
36
Create an RIPrep Image
•
Many organizations use disk imaging or cloning software to build
and maintain standard desktops.
•
Cloning software enables administrators to configure a client
computer exactly how they want it, and then make a copy of
that image for installation on client computers on the network.
•
Remote OS Installation supports creation and installation of
standard desktop images using RIPrep images.
•
Before an RIPrep image can be created, the following tasks
must be completed:
• Create the source computer
• Configure the workstation
37
Creating the
Source Computer
•
The Remote OS Installation feature is used to remotely install
the base Windows 2000 Professional OS.
•
Once the OS is installed, applications or application suites,
including in-house LOB applications, are installed.
•
The workstation is configured to adhere to company policies.
38
Configuring the Workstation
•
When creating RIPrep images, understanding the relationship of
user profiles, the changes made to an RIPrep source computer,
and the desired result for users that log on to computers
installed using the RIPrep image is important.
•
Applications that carry the “Certified for Windows” logo properly
separate user- and computer-specific configuration settings and
data.
•
Certified applications are also available to all users of systems
later installed with the resulting RIPrep image.
•
Non-Windows 2000–compliant applications may perform and/or
rely on per-user configurations that are specific to the profile of
the user actually installing the application prior to running
RIPrep, rather than to all users of the system.
39
Configuring the Workstation
(con’t)
•
Applications that remain specific to that user may result in the
application or configuration setting not being available or not
functioning properly for users of computers installed with the
RIPrep image.
•
Some non-application configuration changes, such as the
wallpaper specified for the user desktop, are by default applied
only to the current user’s profile and will not be applied to users
of systems installed with the RIPrep image.
•
Any applications or configuration settings desired for use must
be thoroughly tested.
•
Some configuration settings can be copied directly from the
profile where they were applied.
40
RIPrep Requirements
•
The destination computer is not required to contain hardware
identical to that of the source computer used to create the
image.
•
The destination computer’s disk capacity must be equal to or
larger than that of the source computer.
•
All copies of Microsoft software made or installed using RIS must
be properly licensed.
•
All copies of other software made or installed using RIS must be
properly licensed.
41
RIPrep Limitations
•
RIPrep currently supports replicating a single disk–single partition
Windows 2000 Professional installation to an available RIS server.
•
The OS and all applications must reside on the C partition prior to
running the Remote Installation Preparation Wizard.
•
The Remote Installation Preparation Wizard currently allows source
image replication only to available RIS servers; source replication
to alternate drives or media types is not supported.
•
•
Replication of encrypted files is not supported.
•
Modifications to replicated installation images are not supported.
Changes made in the source computer’s registry before running
the Remote Installation Preparation Wizard are not maintained in
the installation image.
42
Installation
Image Sources
•
The Remote Installation Preparation Wizard is used to create an
installation image of a client computer that was originally
installed using a retail version of Windows 2000 Professional.
•
RIPREP.SIF must be modified to include the PID number.
• The PID is a unique identification number specific to each
copy of Windows 2000 Professional used to identify the OS
installation and track the number of copies installed
throughout an organization.
43
Including the PID
in the RIPREP.SIF File
•
Open the RIPREP.SIF file located at
\RemoteInstall\Setup\applicable_language\Images
\applicable_image_name\I386\Templates\RIPREP.SIF.
•
Type ProductID = “xxxxx-xxx-xxxxxxx-xxxxx” into the
[UserData] section of the RIPREP.SIF file.
•
The PID for each client installation is randomly generated using
the PID entered in the RIPREP.SIF file.
44
Create an RIS Boot Disk
•
A boot disk must be created to support existing client computers
that do not have a PXE-based remote boot-enabled ROM but
that do have a supported network adapter.
•
The RIS boot disk works like the PXE boot process: Turn on the
computer, boot from the RIS boot disk, press F12 to initiate a
network service boot, and the CIW is downloaded and starts.
•
The rest of the RIS process is identical regardless of whether the
client was booted using a PXE boot ROM or the RIS remote boot
disk.
45
Remote Boot Disk
Generator Dialog Box
46
Verifying an RIS
Configuration
•
RIS provides the ability to check the integrity of the RIS-enabled
server.
•
The RIS configuration can be verified if the server is suspected
of failing, if inconsistent behavior is present, or if an RIS volume
needs to be restored from backup.
•
The Check Server Wizard checks whether all of the settings,
services, and configuration options are correctly set and
functioning.
47
Administering RIS
•
•
•
•
Administering RIS
Managing RIS Client Installation Images
Managing RIS Client Computers
Managing RIS Security
48
Managing RIS Client
Computers
•
•
Prestaging RIS client computers
Finding RIS client computers
49
Prestaging RIS Client
Computers
•
The process of creating a valid client CAO within Active
Directory.
•
After RIS client computers are prestaged, the RIS servers can be
configured to respond only to prestaged client computers.
•
•
•
• Ensures that only those client computers that have been
prestaged as authorized users are allowed to install an OS
from the RIS server.
Saves time and money by reducing or eliminating the need to
fully preinstall the computer.
Enables administrators to define a specific computer name and
optionally specify the RIS server to service the computer.
• This information is used to identify and route the client
computers during the network service boot request.
The appropriate access permissions must be set for users of the
prestaged client computer.
50
New Object-Computer
Dialog Box
51
Managed Dialog Box
52
Host Server Dialog Box
53
Finding RIS Client
Computers
•
Active Directory can be searched for RIS client computer
accounts by using their computer name or GUID.
•
The Show Clients feature searches for all client computers that
are prestaged for this RIS server.
•
The search process can include the entire Active Directory
structure or can be limited to a specific domain.
•
The search process returns a list of the client computers and
displays them by their computer name and GUID.
54
GUID for Client Computers
Overview
•
•
The manufacturer supplies the computer’s GUID.
•
Valid entries for the client GUID are restricted to the following: 0
1 2 3 4 5 6 7 8 9 a b c d e f – A B C D E F.
•
Dashes are optional and spaces are ignored; brackets {} must
be included.
The GUID must be in the form {dddddddd-dddd-dddd-dddddddddddddddd}, where d is a hexadecimal text digit.
55
Locating the GUID for
Client Computers
•
•
•
Label on the side of the computer case
Label within the computer case
BIOS of the client computer
56
Find Remote Installation
Clients Dialog Box
57
Tasks for Managing
RIS Security
•
Set permissions for creating computer accounts
•
• Creating prestaged computer accounts
• Creating user-created computer accounts
Set permissions for joining computer accounts to a domain
• Joining computer accounts created in the Computers
container to the domain
• Joining computer accounts created in OUs to the domain
58
Initiating Policy Propagation
•
Type secedit /refreshpolicy machine_policy at the
command prompt, and then press Enter.
•
•
Restart the computer.
Wait for automatic policy propagation, which occurs at regular,
configurable intervals; by default, occurs every eight hours.
59
RIS Frequently Asked Questions and
Troubleshooting
•
•
Frequently Asked RIS Questions
Troubleshooting RIS
60
Symptom: Command Settings Are Not
Being Processed During the
Unattended Installation
•
Cause: When using the “OemPreinstall = yes” setting in an .sif
file, the correct directory information is required
•
Solution: Change the directory information to
\RemoteInstall\Setup\applicable_language\Images
\applicable_image_name\$oem$
61
Symptom: Language Choice Options
Are Not Displayed During the CIW
Session
•
Cause:
•
• By default, RIS uses the WELCOME.OSC file to manage the
client installation image choices.
• For multiple language installation image options, the default
WELCOME.OSC file needs to be replaced with the
MULTILND.OSC file.
Solution:
• The CIW uses the WELCOME.OSC file located in the
\RemoteInstall\OSChooser folder to manage client
installation image choices.
• After WELCOME.OSC is removed and MULTILNG.OSC is
renamed to WELCOME.OSC, the CIW will also offer a menu
of multiple language choices to the user.
• The WELCOME.OSC file can be edited to create custom
language options.
62
Symptom: The Client Computer Is
Prestaged to an RIS Server But Is Being
Serviced by a Different Server
•
Cause: When a client computer is prestaged into a domain with
multiple domain controllers, the replication delay of the CAO
information can cause a client computer to be serviced by
another RIS server
•
Solution: Wait for the computer account information to be
propagated during the next scheduled replication session or
modify the replication frequency between the domain controllers
63
Symptom: Following the Restoration of a
Backup of an RIS Volume, RIS No Longer
Functions Properly
•
•
Cause: Backup restored the volume without an SIS directory
Solution: Verify the configuration of the RIS volume and then
restore the volume again
64