[an error occurred while processing this directive]


Exploring 2000 - Installing Windows 2000 Professional
(Nov 1999)
John Savill guides us through installing Windows 2000 Professional in both a SOHO and Enterprise environment

[an error occurred while processing this directive]

This article is based on the latest builds of Windows 2000 Server & Professional RC 1.

As an NT user you must have had to install or repair an NT installation at one time or another. Finding the four start-up disks (or recreating them), booting off of them, using the CD, performing the entire configuration only for a user to wreck it all and have to start again. Windows NT had some technologies to help deployment such as unattended installations and SYSPREP that we will look at but they were quite primitive. Windows 2000 Professional with Windows 2000 Servers offer much nicer options.

Four disks and a CD

When you purchase Windows 2000 Professional or Server you are supplied with four disks and a CD-ROM. To install you insert disk 1, then disk 2, disk 3, disk 4 and finally you insert the CD.

The disk-based stages installs a base NT kernel for use by the set-up and the drivers needed to communicate with the user, computers CD and hard drives, a base VGA, various keyboard and mouse drivers, FAT and NTFS drivers, ATAPI and SCSI controllers. The user also has the option of loading additional drivers such as a special SCSI board driver or the like.

Newer versions of NT and all versions of Windows 2000 provide the ability to boot off of the installation CD-ROM eliminating the need to boot off of the four floppy disks. This is only possible if the BIOS of your computer supports CD booting and it’s listed as a boot option. Alpha machines also support CD booting. Once the CD portion of installation has commenced a number of questions will be asked including the name of the user, organisation, network adapters and protocols, video adapters etc. Once installation is complete you need to add various drivers for your hardware and apply service packs.

Windows 2000 provides full plug and play support along with a very large driver database that will mean in the majority of cases that you should not need to install any other drivers to current hardware. In a small environment of a couple of machines, going to each machine to install is not a problem. If a machine needs to be replaced you have to reinstall the operating system, reinstall the applications and restore the user’s data. This is quite a lot of work (maybe a day), but it is not impossible. Now imagine you have several buildings full with workstations, unless you have a support team of thousands a better way is needed.

Installing from a network share

One of the most basic alternatives to a CD based installation is to copy the I386 directory from the Windows 2000 Professional CD (or the Windows 2000 Server CD) to a directory on a file server and then install over the network. This is normally done by either installing DOS first and installing the MS network client which allows network connectivity or using a bootable floppy disk with a network driver for the client machines NIC. The latter method has the advantage of not requiring an operating system of any kind on the client machine. Obviously after this you still need to install as normal after this and answer all questions regarding the user, network, hardware etc. It’s still not automatic; the administrator still needs to answer questions. A method is needed to allow an administrator to define in advance the answers to the questions so no user input is required at installation time. The solution is an unattended answer script.

Unattended Installations

It is possible to specify a text file that can be passed to the Windows NT installation program that contains answers to the questions the installation procedure asks. This file is usually called unattend.txt and is passed to the Windows NT installation program using the /u:unattend.txt qualifier.

The answer file has to adhere to a strict format that can be very complex, however there is a utility on the NT Server CD called SETUPMGR.EXE (in the Support/Deptools/I386) that allows the information to be filled into dialog boxes and it will then create the unattend.txt (or any other name) for you. A new version of SETUPMGR.EXE is supplied with Windows 2000 which not only allows creates unattended answer files but also files that can be used with RIS (as we will see) and much more.

The unattended installation file contains details for settings that will apply to all machines, however there are some settings that you may want to be different from machine to machine, such as user name, computer name, TCP/IP address etc. This can be accomplished by producing a text file in a certain format, with different sections for each computer.

The UDF file is used by specifying the /UDF:ID[,<database file name>]. An example UDF file would be:

u1 = UserData,TCPIPParams
u2 = UserData,TCPIPParams
FullName = "John Savill"
ComputerName = SavillTech
ProductID = xxx-xxxxxx
FullName = "Kevin Savill"
ComputerName = KevTech
ProductID = xxx-xxxxxx
IPAddress =

The ID specified would be (in the case above) u1 or u2. If the above file is saved as udf.txt to perform an unattended installation for machine one, you would use:

winnt /b /s:z: /u:unattend.txt /UDF:u1,udf.txt

The above command would set the installation as user Kevin Savill, computer name KevTech and IP address If a parameter is specified in both the unattend answer file and the UDF, the value in the UDF will be used. (The /b means it’s a floppy-less installation and the /s specifies the source for the installation files and UDF etc. You would need to have created the connection to z: already (net use z: //savillcomp/dist).


A utility is supplied as part of the Windows 2000 Resource Kit, SYSDIFF.EXE that is used to create a file containing files and registry changes needed for an application or set of applications to be installed. This program is basically unchanged from the 4.0 versions.

The basics behind SYSDIFF is it creates a snapshot of the system before the application is installed, the application is installed and SYSDIFF is run again which compares the current system to the snapshot taken, and any changes to the registry and files are saved. If this dump file gets too large, look at the sysdiff /inf option instead which creates a directory for each application installed and is better for a large number of applications. See the SYSDIFF.HLP file for more information. Once you have the SYSDIFF package you can then apply to other NT installations installing the applications and their settings.

We now have the ability to install the operating system and its applications. User data recovery can be solved by using roaming profiles and keeping all user data in the My Documents area or on a file server. Roaming profiles work by copying your profile area to a domain controller that allows you to use any machine and always have your specific settings.

Windows 2000 allows you to redirect items such as My Documents to point to a network server and using IntelliMirror files are only pulled down from the server as needed and then synced with the server when available. It’s even possible to have a locally cached copy of the networked My Documents for those on the road.

The Remote Installation Service

Windows 2000 introduces the Remote Installation Service which is a DHCP-based remote boot technology used to install an OS on a client’s local hard disk from a remote source (CD or Sysprep image on a server share). A network boot can be initiated by either the system BIOS, a specific function key, or by a special remote boot floppy provided for existing non-manageable (ROM-less) client computers.

You must have a DNS, a DHCP and a directory services server on the network before installing. Also RIS does not currently support either the Distributed or Encrypted File Systems. Once installed the server is ready to provide a network based installation for Windows 2000 professional using a standard Microsoft provided template file. This can be changed however. If you right click on the server and select Properties within Active Directory Users and Computers MMC snap-in you will see a new tab called 'Remote Install' which is used to manage the service.

The files that reside on the server (stored in the RemoteInstall path) can not be on the boot or system partition as not only will remote clients access this volume heavily but also the SIS (Single Instance Store) service runs on this volume.

SIS reduces the amount of disk space required on these volumes by removing duplicate files and placing the data in a common directory. The duplicate files are then truncated into Reparse points that refer to the common directory for the file data.

SIF files are created on the RIS server which are the same format as unattended installation files with a small amount extra information at the start. It’s possible to connect multiple SIF files to a single professional distribution point allowing different installation options from a single build.

Application Deployment

Windows 2000 has powerful group policy options that enable not only basic registry manipulation but also the allocation of startup/shutdown/login/logoff scripts and most interestingly application deployment, recovery and updates. Windows 2000 introduces the concept of publishing applications using the Active Directory and several options are available when publishing applications:

  • Publish to a computer - any user will have access to the application who logs on to the machine
  • Advertise to a computer - any user will have the option of installing and using the application on the machine
  • Publish to a user - only the users who have the application deployed may use it
  • Advertise to a user - only the users who have the application advertised may use it

This deployment of applications is all done through the group policy and you can publish applications that support the new Microsoft Installer Package format (the applications have a new .msi set-up program). These MSI files include information about registry entries, core files etc. so if when the application starts and it detects that a registry entry is missing or a core file has gone it can automatically re-download information from the distribution server and fix itself.

Windows 2000 ships with WinINSTALL LE which can be used in the same way as SYSDIFF. It is important to run WinINSTALL LE on a clean system, and by this I mean don’t run it on an installation that has applications already installed as when you install an application it may check if certain runtimes etc. are installed. If this is the case do not bother to recopy over it, as this would mean your distribution package would be missing vital files.

Once you have your .msi package you can publish via the Group Policy editor to domains, Organizational Units and Sites. It’s also easy to upgrade and retire packages all via the .msi. Current applications that support Microsoft installer packages are Microsoft Office 2000 and the Windows 2000 Resource Kit (among others).

In future service packs will be shipped with MSI files allowing you to deploy them via group policies with very little effort.

This is best paired with the Remote Installation Service allowing RIS to install the operating system and group policies to install the applications and settings. Of course, you may still want to use SMS for some features; Windows 2000 has been designed to work with SMS 2.0 and group policies work with SMS 2.0 and not against, after all, Microsoft wants you to carry on buying its software.

Other options

Disk duplication is very easy. Ideally you just create an NT installation with the entire configuration completed and applications installed then just duplicate the disk image. Sadly it’s not that simple.

It is ok to use disk duplication to install NT, but not a complete NT installation. You should follow these steps:

  1. Use the winnt /b installation option on a machine
  2. Stop the setup at the second reboot, when it has finished the text portion of the installation, and will be starting the GUI section
  3. Remove and duplicate the hard disk of the machine
  4. Install the duplicate hard drive in the new machine
  5. Start the new machine and the GUI sections will start.

If you want to clone a complete installation and remain supported by Microsoft use the SYSPREP tool. This is available as part of the resource kit in Windows 2000.

What SYSPREP does is remove machine specific information such as SID references and user information. You can then duplicate the installation using a disk clone software package and then distribute over the network (you can even distribute using RIS in Windows 2000). Upon first power up you will be asked a couple of questions but all applications etc. will be kept. The few questions you are asked can be automatically answered using an unattended answer script, back to basics).

With Windows 2000 we now have a variety of installation methods and if your hardware supports the automatic network install you only need to power on the computer and do nothing else, bliss! Of course in the real world this will probably not be the case but it’s a step closer to zero admin.