Windows Deployment Services and Symantec Ghost

KB ID 0000108

Problem

There’s very little about this that seems to be stored in one place out there on the Internet, Why would you want to use Ghost and WDS together anyway? Well once upon a time we used the PXE element is RIS, (WDS’s Predecessor) to use the Symantec GhostCast server. So yes I understand why people raise an eyebrow because you can achieve all your imaging needs with WDS alone. however people have invested heavily in Ghost over the years and rely on ghost images – also if you are using ghost to back up machines, then you may want to image them WITHOUT sysprep-ing then first (Which WDS does not seem to want to let you do.)

Doing this in a virtual environment tends to be fraught with problems, with both with Microsoft and

VMware, I’ve had trouble testing this. But when using real machines it works fine – remember any drivers you need must be Windows Vista ones. And Windows PE wont run in a Guest VM in VMware ESX, unless you set the client type to Vista (Even if it is another OS).

Pre Requisites

1. The Server needs an installed and working DHCP Scope, WDS adds a PXE option to it.

2. You need a reference PC set up.

3. You need to download the WAIK (Windows Automated Installation Kit).

Solution

Phase 1: Install WDS

1. To start with, you need to add WDS as a Windows component, Start > Run > appwiz.cpl {enter}.

2. Scroll down to Windows Deployment Services and tick the box > Next. Note: This in an R2 SP2 Version of Windows Server 2003, if you cannot see WDS then install SP2.

3. WDS is added (The server may ask for the install CD).

4. Click Finish.

5. Click “Yes” to Reboot.

6. Start > Administrative Tools > Windows Deployment Services.

7. Expand Servers.

8. Select your server > Actions > Configure Server.

9. Next.

10. Provide a path to the location you want to store your images in.

11. If the location is on the system drive you may see this warning > Click Yes.

12. Tick Both > Next.

13. Bottom Option > DONT tick the box > Finish.

14. WDS Copies over some files and configures itself.

15. Untick the box, we are going to do this manually and just add what we want. > Finish.

Phase 2: Install Symantec Ghost

1. Run the setup.exe > Install.

2. Next.

3. Tick “I Accept..” > Next.

4. Tick “I have read….” > Next.

5. Enter a User and Organisation > Next.

6. Select Install Location > Next.

7. Next.

8. Install.

9. Coffee Time………..

10. Next.

11. Next

12. Finish

Phase 3: Install WAIK and create the Boot Image

Note: This is using the Windows Vista WAIK – If you are using the Windows 7 Version CLICK HERE

1. Download and install the WAIK.

2. Click Start > Microsoft Windows AIK > Windows PE Tool Command Prompt.

3. Execute the following command,

.copype.cmd x86 c:winpe_x86 {enter}

4. Execute the following command,

.imagex /mountrw c:winpe_x86winpe.wim 1 c:winpe_x86mount {enter}

5. Execute the following two commands,

.copy “C:Program FilesSymantecGhostGhost32.exe” c:winpe_x86mountwindows {enter}

copy “C:Program FilesSymantecGhostGhost32.exe” c:winpe_x86mountwindowssystem32 {enter}

Note: At this point you may want to copy and Network Card or Mass Storage Drivers to the Windows PE

Image as well (Remember they are vista drivers NOT DOS.NDIS Drivers).

copy “[NIC driver location]” c:winpe_x86mountwindows {enter}

copy “[Mass Storage Driver Location]” c:winpe_x86mountwindows {enter}

6. Click Start > Run > notepad {enter} File > Open > Navigate to c:winpe_x86mountwindowssystem32startnet.cmd (Note: change files of type to “all files” or you wont see it).

7. Add ghost32.exe (as shown) then save the file and exit.

8. Switch back to the Windows PE Tools Command Prompt, Execute the following command,

peimg /prep c:winpe_x86mountwindows {enter}

9. Type “Yes” {enter}.

10. When done it should say “PEIMG completed the operation successfully.”

11.Execute the following command,

.imagex /unmount c:winpe_x86mount /commit {enter}

12. Execute the following command,

copy c:winpe_x86winpe.wim c:winpe_x86ISOsourcesboot.wim {enter}

13. Type “Yes” to overwrite > When finished it should say 1 file copied.

Note: The image you need to give to WDS is called boot.wim, and you can find it here

C:winpe_x86ISOsources, You may wish to Copy it to your WDS Server to the directory you specified when setting up WDS (to hold Images).

Also: You can create a bootable CD iso from the .wim image using the following command,

oscdimg -n -bc:winpe_x86etfsboot.com c:winpe_x86ISO c:winpe_x86winpe_x86.iso

Phase 4: Add your new boot image to WDS

1. Start > Administrative Tools > Windows Deployment Services. > Expand Windows Deployment Services > Servers > Your Server > Right Click Boot Images > Select “Add Boot Image”.

2. Browse to the Boot.wim file you created above.

3. Give the image a sensible name and description > Next.

4. Next

5. The image will be coped into WDS.

6. When done you should see it on the right.

Phase 5: Set GhostCast Server to Accept an Image

1. Start > All Programs >Symantec Ghost > Ghostcast Server.

2. Give it a Session Name > Select Create Image (Assuming you have a reference machine ready to image TO the server) > Click Browse to Find a location that has enough space to hold the image file. > Note you will need to create the filename.gho to continue. > Click “Accept Clients”.

Phase 6: PXE Boot your client to the network, and image it

1. Remember to boot from the network the client must have a PXE capable network card and it must be set in the BIOS to be higher in the Boot order that the system drive, most machines now give you a key to press on boot, to boot from the network (Usually F12).

2. Cast you mind back to phase 3 step 7, those are the commands getting executed, winpeinit is the plug and play loader for windows PE.

Note: If you are using VMware and you have not set “Vista” as the machine type it may hang here and never launch ghost.

3. Like an old friend, Ghost appears > OK.

4. GhostCast > Unicast.

5. Give it the session name you set up in phase 5, > Either let ghost find the ghost cast server or enter its IP address. > OK > Select the Disk you wish to Image > OK > When asked about compression Select High > Click OK > Imaging will start.

Note: Make sure it displays a valid IP address at the bottom or it will fail, (If it says 127.0.0.1 then you need to add the drivers for his machine to the image).

Adding drivers to a WIM image.

6. Back at the GhostCast Server > You will see the session imaging across.

Note: To Deploy an Image TO the client, the operation is the same exept in the ghostcast server tick “Restore Image” and point it to the image-name.gho file to deploy, and on the client select “Multicast” when PXE Booted.

Related Articles, References, Credits, or External Links

NA

Adding Drivers to Images on WDS

KB ID 0000314

Problem

Before Server 2008 R2 when we needed to inject drivers into our WDS images we had to do it like this.

Now however the process is a lot more elegant! Simply import the drivers into WDS, then inject them into the boot images (Yes the boot images NOT the Windows Images you are deploying!)

Solution

Add Driver Packages to Image is “Greyed out”

If while attempting to add drivers, the option to “Add Driver Packages to Image” is grayed out.

Then you may need to update your boot images from Server 2008/Vista images to 2008 R2/Windows 7 Images. (or from version 6.0.6000 to 6.1.7600).

 

Related Articles, References, Credits, or External Links

NA

WDS – PXE Boot Error TFTP Timeout

KB ID 0000485 

Problem

Seen when using WDS on Windows Server 2008 (and 2008 R2). When attempting to PXE boot a client machine, it sucessfully gets an IP address. But it times out at the TFTP stage.

This is a common occurance if the WDS server is also a DNS server. It happens on machines that have had the MS08-037 security update installed. Basically the ports that WDS needs are being reserved for DNS.

Solution

1. On the WDS server > Start > in the search/run box type regedit {enter}.

2. Navigate to:

[box]HKEY_LOCAL_MACHINESystemCurrentControlSetServicesWDSServerParameters[/box]

3. In the right hand window locate the UdpPortPolicy value and change it from 1 to 0 (Zero).

4. Then run services.msc > Locate the “Windows Deloyment Server Service” > Right Click > Restart.

Related Articles, References, Credits, or External Links

NA

WDS – “The Network Path was not found” when adding an Unattend file

KB ID 0000487

Problem

Saw this last week, while trying to use an unattended file for the roll out of some machines with WDS.

Every time you try and enter a value you get “The network path was not found” error, no combination of file path or UNC path seems to cure the problem.

Solution

This is a “work around” not a fix, essentially it will not accept any value you put into the path without throwing and error. If you close and reopen this page the value you enter has not been accepted.

So we are going to populate the entry by editing the registry, if you go back and view the entry afterwards it will STILL ERROR but the value will say put and the unattended file will work (providing the path you specify is correct of course!)

1. On the WDS server >Start > regedit {enter}.

2. Navigate to:

[box]HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWDSServerProvidersWdsImgSrvUnattend[/box]

3. Locate the “Enabled” value and change it from 0 to 1.

4. Below this key you will see there is a key for each “image processor type”. I’m adding a 32 bit (x86) Unattended file so expand that, and set the “FilePath” value to your unattended xml file (Note: the path is from the WDS root directory, keep it simple and put your unattended file in the WDSClientUnattend folder. In this example mines called WDSClientUnattend.xml).

5. Finally restart the “Windows Deployment Services Server” service.

 

Related Articles, References, Credits, or External Links

NA

WDS – Unattended file – Removing /Formatting Drive Partitions

KB ID 0000490 

Problem

Over the last couple of years I’ve done a lot of imaging of School PC’s I don’t know why but they come with a myriad of different drive and partition configurations. Even big vendors like HP and Dell ship their machines with recovery partitions these days.

If you are imaging with WDS this can cause a problem so what I usually want to do is remove all the partitions, create one big one that takes up all the drive, and format it as NTFS.

Solution

Before you begin make sure you are clued up on working with WDS unattended files, run through my instructions here.

The following procedure needs to be added to the WDS Unattended file NOT the unattended file for the image, (again run through KB0000180 if you are unsure.)

1. While editing your Unattended answerfile you need to locate, “Microsoft-Windows-Setup_neutral” and add “DiskConfiguration” to the “1 windowsPE” component.

2. Right click it and add a disk > Set Disk ID = 0 > Set WillWipeDisk = true.

3. Right Click > Create Partition > Set Extend = true > Set Order = 1 > Set Type = Primary.

4. Select Modify Partitions > Set Active = true > Set Extend = false > Set Format = NTFS > Set Label = SYSTEM > Set Letter = C > Set Order = 1 > Set Partition ID = 1.

5. This procedure will add the following to your unattended file.

 

Related Articles, References, Credits, or External Links

NA

WDS – Unattended file – Joining a Domain Automatically

KB ID 0000494 

Problem

During a large rollout the more things you can automate the better, before you continue though be aware of one thing…

You can only automatically join a client to a domain if it has an auto generated random machine name!*

*Note: This is not 100% true, if you pre-stage the computer objects into Active Directory with the GUID of the machine (you can see this on the screen at pXe boot time, or get it from the BIOS) Then you can auto join the machines and they will come in with the correct name. However, if you have a large number of machines to build, this is more time consuming than simply renaming them after they have been imaged.

Solution

Before you begin make sure you are clued up on working with WDS unattended files, run through my instructions here.

The following procedure needs to be added to the images unattended file NOT the WDS Unattended file, (again run through KB0000180 if you are unsure.)

1. While editing your unattended answerfile you need to locate, “Microsoft-Windows-Shell-Setup_neutral”, add it to pass 4 (Specialize) and set the ComputerName entry to * (an asterisk).

Note: In this section you can also enter to windows product code, and owner details, as well as your time zone.

2. Then locate, “Microsoft-Windows-UnattendedJoin”, add it to pass 4 (Specialize). Set the JoinDomain entry to the name of your domain. Set UnsecureJoin to “true”.

4. This procedure will add the following to your unattended file.

 

Related Articles, References, Credits, or External Links

Windows Deployment Services (On Server 2008 R2) Deploying Windows 7

Windows Deployment Services (Server 2003) Deploying Windows XP

 

Windows Deployment Services – Asks for Locale and Keyboard

KB ID 0000734 

Problem

Seen when deploying images with WDS, even though you have specified language, and keyboard settings in your answerfile. The system still asks you to set the language and keyboard options. For a couple of machines you might put up with this, but for a few thousand machines it can get quite annoying!

Solution

There is a reason it’s doing this, and it’s because the next thing it asks you to do is authenticate to the WDS server like so;

if there was a problem you might not be able to log in, (because you are using complex passwords like all good sysadmins) and all those ‘special characters’ can be on lots of different keys, with lots of different languages and keyboard layouts.

So to stop it asking for language settings, set the answerfile to auto authenticate to WDS. You do this by adding the ‘Windows Deployment Services‘ sub component, from the ‘Microsoft-Windows-Setup_neutral‘ component. Add it to the ‘1 windowsPE‘ pass and fill in the credentials accordingly.

Note: This is set in the WDS Unattended answerfile, NOT the one for the image you are deploying.

Adding via System Image Manager

Adding to the Answerfile (via XML)

Related Articles, References, Credits, or External Links

NA

Windows Deployment Services (On Server 2008 R2) Deploying Windows 7

KB ID 0000180

Problem

It’s been a while since I posted run through’s on WDS – they were on Server 2003, and were for deploying Windows XP.

I’ve completely re-written this page and shot a series of videos to make the process a little easier to understand.

Solution

Step 1 Notes

1. If the WDS Server is NOT the DHCP server then do NOT tick both the DHCP options, (as stated in the video), on your DHCP scope configure “DHCP Options” 66 and 67, like so;

2. If you are going to capture and deploy x64 Bit images you want to import the x64 bit boot.wim file from either the Windows 7 OR Windows Server 2008 R2 DVD (In the sources Directory).

Step 2 (Capture the Windows 7 Reference Machine).

Step 2 Notes

1. If your having trouble with talking to the WDS server over the network you may need to import the network drivers into the boot images on the WDS server, see here and here.

2. Make sure your machines are able to boot from the network.

3. If you CANT see a drive to image then sysprep did not complete correctly.

Step 3 (Prepare and Import the Unattended Answer files).

1. Windows Automated Install Kit (Windows 7) LINK

2. Sysprep Modules to Add for WDSClientUnattend.xml

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

1. WindowsPE

amd64_Microsoft-Windows-International-Core-WinPE

InputLocale = en-GB SystemLocale = en-GB UILanguage = en-GB UILanguageFallback = en-GB UserLocale = en-GB

SetupUILanguage

InputLocal = en-GB

2. OfflineServicing

Nothing.

3. Generalize

Nothing.

4. Specialize

Nothing.

5. AuditSystem

Nothing.

6. AuditUser

Nothing.

7. OobeSystem

Nothing.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Note: If you want to remove partitions and carry out drive formatting see the following article.

WDS – Unattended file – Removing /Formatting Drive Partitions

3. Sysprep Modules to add for OOBEunattend.xml

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

1. WindowsPE

Nothing.

2. OfflineServicing

Nothing.

3. Generalize

Nothing.

4. Specialize

amd64_Microsoft-Windows-Shell-Setup_6.1.7600.16385_neutral

Computername > * (Note: Generates a random name). CopyProfile> true Registered Organization> Your Organisation Registered Owner> Your Owner ShowWindowsLive> false TimeZone> GMT Standard Time

5. AuditSystem

Nothing.

6. AuditUser

Nothing.

7. OobeSystem

amd64_Microsoft-Windows-International-Core_6.1.7600.16385_neutral

InputLocale = en-GB SystemLocale = en-GB UILanguage = en-GB UserLocale = en-GB

amd64_Microsoft-Windows-Shell-Setup_6.1.7600.16385_neutral

OOBE

HideEULAPage = true HideWirelessSetup = true NetworkLocation = Work ProtectYourPC = 1

UserAccounts

LocalAccounts

LocalAccount

Description = Admin DisplayName = Admin Group = Administrators Name = Admin

Password

Value = password123

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

4. Additional stuff you might want to add to OOBEUnattended.xml

THIS ENABLES THE Local Administrator

4. Specialize

amd64_Microsoft-Windows-Deployment_6.1.7600.16385_neutral

RunSynchronous

RunSynchronousCommand

Order= 1 path = net user administrator /active>yes WillReboot = Never

 

THIS Automatically Activates the Machine with your VL / MAK Key

4. Specialize

amd64_Microsoft-Windows-Security-SPP-UX_6.1.7600.16385_neutral

SkipAutoActivation> true

7. OobeSystem

amd64_Microsoft-Windows-Shell-Setup_6.1.7600.16385_neutral

AutoLogon

Enabled> true LogonCount>2 Username> administrator

Password> {Administrator Password}

FirstLogonCommands

SynchronousCommand[Order=”1″]

CommandLine = cscript //b c:windowssystem32slmgr.vbs /ipk XXXXX-XXXXX-XXXXX-XXXXX-XXXXX (Windows 7 VL / MAK key) Order 1 RequiresUserInput> false

SynchronousCommand[Order=”2″]

CommandLine = cscript //b c:windowssystem32slmgr.vbs /ato Order 2 RequiresUserInput = false

5. Unless you generate a random computer name you CANNOT JOIN A DOMAIN! for more info see,

WDS – Unattended file – Joining a Domain Automatically

6. If you want to manually specify a computer name you need to delete the line from the unattended file that reads:

[box]<computername></computername> or <computername>*</computername> or </computername> [/box]

Step 4 (Deploy the Image to the Target Machines.).

Step 4 Notes

1.If you are deploying a lot of machines and the network is struggling, consider multicasting.

 

Related Articles, References, Credits, or External Links

NA