Setting Up the Windows Server

Setting up the Windows boot and install server consists of several tasks:

1. Set up Windows Active Directory and RIS services on the Windows RIS server.

2. Install OS provisioning scripts on the Windows RIS server.

3. Install Windows Remote Shell Service (RSH) or Secure Shell Service (SSH) on Windows RIS server.

4. Set up a Windows RIS image on the Windows RIS server.

5. Configure the Setup Information (.sif) file for the above image.

6. Configure the OSchooser files for OS provisioning image deployment.

How to Set Up the Windows RIS Server

Steps

1. Install Windows 2003 Server Edition operating system for 32–bit systems on the Windows boot and install server.

   Create a separate NTFS partition that is big enough to store at least one image of roughly 700 Mbytes to hold RIS images. You will need to identify this partition when you make the server into a RIS server.

   ---

   Note –

   Windows 2003 Server Edition operating system for 64–bit systems is not supported on the Windows boot and install server.

   ---

2. Install and configure Active Directory Server on this machine.

   Identify this system as a domain controller. For information about Active Directory Server, see Microsoft Knowledge Base Article 324753.

3. Install and configure RIS server on this machine.

   For more information, see Microsoft Knowledge Base Article 325862.

4. Provide appropriate RIS server settings.

   In the RemoteInstall properties for the RIS server, set the following two variables:

   • Respond to client computers requesting service

   • Do not respond to unknown client computers

5. Add the RIS server's IP address (Provisioning subnet interface IP address) in the DHCP snap-in:- "Manage Authorized Servers" list.

6. Disable any kind of DHCP service if its already running on the RIS server.

7. Configure user accounts for the RIS server.

   Create two user accounts in the RIS server's Active Directory and add them to the groups Administrators, Domain Admins, and Domain Users:

   • OS provisioning administration user – For example, username n1ospadmin.

   • OS provisioning RSH/SSH user – The RSH user name should always be root because the DHCP service on the OS provisioning server runs as root. The SSH user name can be any valid username.

8. Run the “Delegate control” wizard for the domain controller in the Active Directory Users and Computers snap-in:

   1. Select Join a Computer to the Domain.

   2. Set the user to the username that you defined in the previous step for the OS provisioning administration user.

9. Install Windows 2000/2003 Resource Kit software on the Windows boot and install server.

   You can install this software either from Windows Resource Kit CD or an online location. This package includes tools like setupmgr, deploy.cab, and xcacls used by the OS provisioning scripts.

How to Install OS Provisioning Scripts on the Windows RIS Server

Steps

1. Copy the following Windows OS provisioning scripts, sample files, and tools from the product media to a user-specified directory:

   • /dvd/release/n1osp/1.0/Windows/SampleOSCFiles

   • /dvd/release/n1osp/1.0/Windows/SampleSIFFiles

   • /dvd/release/n1osp/1.0/Windows/IspScripts

   • /dvd/release/n1osp/1.0/Windows/IspTools

   Where /dvd/release/n1osp/1.0/Windows/ is the path from the product media to the Windows directory that contains these files.

2. Create a folder to store the customized SIF files that are generated during provisioning.

   Put this folder under the RemInst share (for example, D:\RemoteInstall\folder-name). Name the folder something relevant, like n1osp.

3. Give read and write access to the folder that you created in the previous step for the OS provisioning administration user and the RSH/SSH user.

4. Verify that the OS provisioning administration user and the RSH/SSH user have read, write, and execute permissions to the temporary folder in the RemInst share.

   For example, D:\RemoteInstall\tmp. This access is needed so that the scripts can remove any stale temporary SIF files created by BINLSVC as a result of previous provisioning operations.

   To verify or change permissions, right-click on the folder and choose the Properties->Security->Advanced tab button. Select the checkbox for all files and folders to inherit the settings.

How to Install Windows RSH Server on the Windows RIS Server

The OS provisioning plug-in supports WinRsh (Native Windows RSH Service) for Windows 2003.

Steps

1. Install Windows Services for Unix 3.5 (SFU3.5) software on the Windows boot and install server.

   You can install this software either from Windows Resource Kit CD or an online location. This package includes Windows Remote Shell Service (RSH) service. For SFU install instructions, see Microsoft Knowledge Base Article 321712 .

2. Install and configure Windows RSH (WinRsh service) on the RIS server as N1 RSH user (that is, as user root).

   For more information, see http://www.microsoft.com/technet/interopmigration/unix/sfu/sfu35rsh.mspx.

   ---

   Note –

   Incorrect file permissions can cause WinRsh to fail. Symptoms of this problem include an Access denied message to the client and a log entry in the Event Viewer. To resolve this problem, assign full permissions to the user group Administrators/SYSTEM in the .rhosts ACL list.

   The following example shows the contents of the system-drive/windows/system32/drivers/etc/.rhosts file.

   ------------------ 10.5.133.22 root ------------------

   ---

How to Install Windows SSH Server on the Windows RIS Server

The OS provisioning plug-in supports Cygwin's OpenSSH package for Windows 2003.

Step

Install and configure Cygwin's Open Secure Shell Service (OpenSsh service) for Windows 2003 on the RIS server as N1 SSH user.

For more information, see the Cygwin Home Page and the Open Ssh Windows Install Instructions.

How to Set Up a Windows Image on the Windows RIS Server

Steps

1. Copy the Windows distribution from a CD or Network Share to the RIS server CIFS.

   Use the RiSetup.exe utility.

   ---

   Note –

   Do not use MSDN Combo CDs to create a RIS Image. You will get an error message that was described in the Microsoft Knowledge Base Article #300556. To resolve this issue, please use a retail version of the OS image being created.

   ---

2. Add the required drivers to the RIS image created in the previous step.

   Be sure to include all the drivers, such as those for the network adapter, SCSI hard drives, video, and modem.

   For more information about adding drivers to RIS images, see Microsoft Knowledge Base Article 315279, Microsoft Knowledge Base Article 246184, Microsoft Knowledge Base Article 254078, and information about adding mass storage devices to RIS.

   ---

   Note –

   Create the distribution folder accordingly.

   ---

   See the sample setup files in SampleSIFFiles folder for more details.

3. Create the folder product-directory/$OEM$/$1/N1ISP/ under the image distribution folder.

   product-directory is the Windows image distribution folder that has "i386" as a subfolder that contains the kernel files.

   For example:

   D:\RemoteInstall\Setup\English\Images\WinAS_2000\$OEM$\$1\N1ISP D:\RemoteInstall\Setup\English\Images\WinAS_2000\i386

4. Copy the assignIPInfo.exe file from the Windows boot and install server IspTools folder to the product-directory/$OEM$/$1/N1ISP/ folder that you created in the previous step.

   ---

   Note –

   The script expects the N1ISP folder to be part of the image. Copy the tools required for provisioning to this directory path product-directory/$OEM$/$1/N1ISP/. Do not change the N1ISP folder name.

   ---

   ---

   Tip –

   You created the Windows boot and install server IspTools folder in step 1 of How to Install OS Provisioning Scripts on the Windows RIS Server.

   You can also copy the N1 SPS RA binary to the above folder, if you want to install a RA on the target machine.

   ---

   The following example shows a sample directory structure.

   D:\RemoteInstall\Setup\English\Images\WIN2003_TRIAL\$OEM$\$1\N1ISP>dir Volume in drive D is Local Disk Volume Serial Number is A8D9-4012 Directory of D:\RemoteInstall\Setup\English\Images\WIN2003_TRIAL\$OEM$\$1\N1ISP 02/04/2005 02:39 PM <DIR> . 02/04/2005 02:39 PM <DIR> .. 02/04/2005 11:34 AM 29,184 assignIPInfo.exe 01/31/2005 03:33 PM 27,595,776 cr_ra_win32_5.0.msi 2 File(s) 27,624,960 bytes 2 Dir(s) 23,775,776,768 bytes free

How to Configure the Setup Information for the Windows Image

Setup information for Windows is stored in a RIS configuration profile. See the sample setup files from SampleSIFFiles folder for more details.

Steps

1. Edit the configuration profile file for each distribution to set the parameters mentioned in the following steps.

   To edit this file, use the SetupMgr.exe utility. from the Windows Resource Kit CD (deploy.cab file). You can also manually edit the file using the notepad tool.

   For a Windows 2003 image, the default SIF file is on the RIS Server at the following location:

   //Reminst/Setup/English/Images/Windows2003/i386/templates/ristndrd.sif

2. Verify or add the following configuration parameters to the [data] section in your ristndrd.sif configuration file:

   AutoPartition=1
   UnattendedInstall="Yes"

3. Verify or add the following configuration parameters to the [Unattended] section in your ristndrd.sif configuration file:

   UnattendMode=FullUnattended
   NtUpgrade=No
   OverwriteOemFilesOnUpgrade=No
   OemPreinstall = Yes

4. Verify or add the following configuration parameters to the [UserData] section in your ristndrd.sif configuration file:

   FullName = "N1isp SunUser"
   OrgName = "Sun Microsystems"
   ProductKey=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
            

   ---

   Note –

   Replace the FullName and OrgName values with something that is appropriate for your environment.

   While deploying some operating systems, such as Windows 2000 Advanced Server, ProductKey does not work. Instead, use a ProductID variable.

   ---

5. Verify or add the following configuration parameters to the [GuiUnattended] section in your ristndrd.sif configuration file:

   AdminPassword="sun123"
   AutoLogon=Yes
   AutoLogonCount=1
   EncryptedAdminPassword=NO

   ---

   Note –

   AutoLogonCount=1 implies that the super-user administrator is automatically logged on to the target host after installation with the default password as sun123 for the very first time. This is required to execute the provision time commands specified in the [GuiRunOnce] section in the SIF file. When the Administrator user attempts to login again, he will be prompted to change the password.

   ---

6. Verify or add the following sections to your ristndrd.sif configuration file:

   [Branding]
           BrandIEUsingUnattended=Yes
   [Proxy]
           Proxy_Enable=0
           Use_Same_Proxy=0

   ---

   Tip –

   The SetupMgr.exe utility generally adds these sections for you.

   ---

7. Add any specific plug and play drivers to the image.

   See the instructions in Microsoft Knowledge Base article #: 315279.

How to Configure OS Chooser Files for Image Deployment

The following procedure explains how to configure the OS chooser files for English users. The procedure might be slightly different for other languages. For more information, see the Microsoft documentation.

Steps

1. Copy the following files in the //RemoteInstall/OSChooser/i386 directory on the RIS server.

   1. Create a backup copy of the startrom.com file to startrom.bak.

   2. Copy the startrom.n12 file to startrom.com.

2. Edit the CIW Screens to simplify user interactions.

   The following sub-steps explain how to make changes that simply the following features:

   • Add Autoenter functionality for all the required .osc screens. This capability eliminates all user interactions with CIW screens during the installation phase.

   • Add user information for authentication in the login.osc file. This step eliminates the user interaction during installation. Automating the user information in the login.osc file authorizes and enables the target host to download and install files directly from the RIS server.

   • Add an OS provisioning customized path to the image in the oschoice.osc file. This step points the oschoice CIW screen to a known RIS image location for the .sif file. This value points to a customized path to an OS provisioning temporary .sif file that is generated during provisioning run-time.

   1. Create backup copies of the following files:

      • //RemoteInstall/OSChooser/Welcome.osc

      • //RemoteInstall/OSChooser/English/install.osc

      • //RemoteInstall/OSChooser/English/login.osc

      • //RemoteInstall/OSChooser/English/oschoice.osc

      • //RemoteInstall/OSChooser/English/warning.osc

      For example:

      copy //RemoteInstall/OSChooser/Welcome.osc //RemoteInstall/OSChooser/Welcome.osc.bak copy //RemoteInstall/OSChooser/English/install.osc //RemoteInstall/OSChooser/English/install.osc.bak copy //RemoteInstall/OSChooser/English/login.osc //RemoteInstall/OSChooser/English/login.osc.bak copy //RemoteInstall/OSChooser/English/oschoice.osc //RemoteInstall/OSChooser/English/oschoice.osc.bak copy //RemoteInstall/OSChooser/English/warning.osc //RemoteInstall/OSChooser/English/warning.osc.bak

   2. Copy the supplied Welcome.osc file to //RemoteInstall/OSChooser.

   3. Copy the supplied install.osc, login.osc, oschoice.osc, and warning.osc files from the SampleOSCFiles folder to //RemoteInstall/OSChooser/English.

   4. Modify the INPUT tags for USERNAME and PASSWORD in the login.osc to match the OS provisioning administration user name and password.

      <FORM ACTION="CHOICE">
          &nbsp&nbspUser name: <INPUT NAME="USERNAME" MAXLENGTH=255 TYPE=TEXT VALUE=n1ispadmin>
          &nbsp&nbsp&nbspPassword: <INPUT NAME="*PASSWORD" TYPE=PASSWORD MAXLENGTH=20 VALUE=sun123>
          <BR>
            ...
            ...
            ...
      </FORM>

      ---

      Tip –

      You created the administration user and password in step 7 of How to Set Up the Windows RIS Server.

      ---

      ---

      Note –

      Do not modify any other information.

      ---

   5. Modify the OPTION tag in the oschoice.osc file with the path that points to the location of the OS provisioning temporary .sif file that is generated during provisioning runtime.

      Generally, this file path contains the folder name that you created in step 3 of How to Install OS Provisioning Scripts on the Windows RIS Server, appended with the GUID file name that is created at provisioning time as %guid%.sif. For example, D:\RemoteInstall\N1Ispguid.sif.

      <OPTION VALUE="D:\RemoteInstall\N1Isp\%guid%.sif" TIP="This will install
      N1 ISP customized Windows OS Image" SELECTED>%guid%</SELECT>

How to Set BIOS Boot Order on the Target Host

Steps

1. Set the BIOS Settings on the target host in the following order:

   1. Boot from Network (PXE-enabled)

   2. Boot from Hard Disk

   3. Boot from CD

   4. Boot from Floppy

2. Identify the target host's primary NIC MAC address for a PXE network boot and the GUID value.

   You can obtain the GUID from the target host's BIOS settings or from any of the following other sources:

   • A label on the side of the computer case.

   • A label within the computer case.

   • The basic input/output system (BIOS) of the client computer.

   • Network traffic from the client computer. You can use a network utility to sniff the network traffic and locate the DHCPDiscover packet. That field will contain the 128-bit, 16-byte GUID/UUID.

   ---

   Note –

   The GUID must be in the form {dddddddd-dddd-dddd-dddd-dddddddddddd}, where d is a hexadecimal text digit. For example, {921FB974-ED42-11BE-BACD-00AA0057B223}. Valid entries for the client GUID are restricted to the numbers 0 through 9, lowercase alphabetical characters, uppercase alphabetical characters, and a dash. Spaces, underscores, and other special symbols are not permitted in a GUID.

   ---

How to Create the Windows Image Server (Browser Interface)

Steps

1. In the Common Tasks section of the provisioning software page, select OS Provisioning.

2. On the OS Provisioning Common Tasks page, click Create in the Windows Image Servers section.

3. On the Plans Details page, click Run.

4. Choose variables to use for this plan.

   • To use an existing variables set, select a name from the drop-down menu in the WindowsServer component row of the Plan Parameters table.

   • To create a new variables set, click Select from List in the WindowsServer component row of the Plan Parameters table.

     1. Click Create Set.

     2. Type a name for the variables set.

     3. Verify variables and change them, if needed.

        The image server component has only a few variables, most of which you are unlikely to change. For a list of those variables and their default values, see Windows Image Server Component Variables.

     4. Save the variables set.

     5. Select the variables set that you just saved from the drop-down menu in the WindowsServer component row of the Plan Parameters table.

5. Select the host on which to create the Windows image server.

6. Click Run Plan (includes preflight).

7. To verify that the image server is created successfully, click the Hosts link in the left side of the provisioning server window.

   You should see the name of the virtual host appended with -windows. For example, if you installed on host masterserver, the virtual host is masterserver-windows.

How to Create the Windows Image Server (Command-Line Interface)

To create the Windows image server from the command line, follow these steps.

Steps

1. Create a variables set.

   Use a command similar to the following example:

   # cr_cli -cmd cdb.vs.add -comp NM:/com/sun/n1osp/untyped/WindowsServer -name "winRisServer" \ -u admin -p admin -vars "active_directory_userid=n1ispadmin; \ active_directory_password=Clz6pK2b6qw=;boot_server_access_protocol=rsh; \ boot_server_access_userid=root;boot_server_access_password=; \ ciw_directory=D:\\\\RemoteInstall\\\\OSChooser\\\\English; \ temporary_sif_directory=D:\\\\RemoteInstall\\\\N1isp;installPath=C:\\\\N1ispRisProj"

2. Run the plan.

   # cr_cli -cmd pe.p.run -u admin -p admin -PID NM:/com/sun/n1osp/untyped/WindowsServer-create \ -tar H:NM:masterserver -comp + -vs winRisServer -pto 30 -nto 10

Windows Image Server Component Variables