This article is based on the latest builds of Windows 2000 Server & Professional RC 1.Four disks and a CD
Installing from a network share
The Remote Installation Service
As an NT user you must have had
to install or repair an NT installation at one time or another. Finding the four start-up
disks (or recreating them), booting off of them, using the CD, performing the entire
configuration only for a user to wreck it all and have to start again. Windows NT had some
technologies to help deployment such as unattended installations and SYSPREP that we will
look at but they were quite primitive. Windows 2000 Professional with Windows 2000 Servers
offer much nicer options.
Four disks and a CD
When you purchase Windows 2000 Professional or Server you are supplied with four disks and
a CD-ROM. To install you insert disk 1, then disk 2, disk 3, disk 4 and finally you insert
The disk-based stages installs a base NT kernel for use by the set-up and the drivers
needed to communicate with the user, computers CD and hard drives, a base VGA, various
keyboard and mouse drivers, FAT and NTFS drivers, ATAPI and SCSI controllers. The user
also has the option of loading additional drivers such as a special SCSI board driver or
Newer versions of NT and all versions of Windows 2000 provide the ability to boot off of
the installation CD-ROM eliminating the need to boot off of the four floppy disks. This is
only possible if the BIOS of your computer supports CD booting and its listed as a
boot option. Alpha machines also support CD booting. Once the CD portion of installation
has commenced a number of questions will be asked including the name of the user,
organisation, network adapters and protocols, video adapters etc. Once installation is
complete you need to add various drivers for your hardware and apply service packs.
Windows 2000 provides full plug and play support along with a very large driver database
that will mean in the majority of cases that you should not need to install any other
drivers to current hardware. In a small environment of a couple of machines, going to each
machine to install is not a problem. If a machine needs to be replaced you have to
reinstall the operating system, reinstall the applications and restore the users
data. This is quite a lot of work (maybe a day), but it is not impossible. Now imagine you
have several buildings full with workstations, unless you have a support team of thousands
a better way is needed.
Installing from a network share
One of the most basic alternatives to a CD based installation is to copy the I386
directory from the Windows 2000 Professional CD (or the Windows 2000 Server CD) to a
directory on a file server and then install over the network. This is normally done by
either installing DOS first and installing the MS network client which allows network
connectivity or using a bootable floppy disk with a network driver for the client machines
NIC. The latter method has the advantage of not requiring an operating system of any kind
on the client machine. Obviously after this you still need to install as normal after this
and answer all questions regarding the user, network, hardware etc. Its still not
automatic; the administrator still needs to answer questions. A method is needed to allow
an administrator to define in advance the answers to the questions so no user input is
required at installation time. The solution is an unattended answer script.
It is possible to specify a text file that can be passed to the Windows NT installation
program that contains answers to the questions the installation procedure asks. This file
is usually called unattend.txt and is passed to the Windows NT
installation program using the /u:unattend.txt qualifier.
The answer file has to adhere to a strict format that can be very complex, however there
is a utility on the NT Server CD called SETUPMGR.EXE (in the Support/Deptools/I386) that
allows the information to be filled into dialog boxes and it will then create the
unattend.txt (or any other name) for you. A new version of SETUPMGR.EXE is supplied with
Windows 2000 which not only allows creates unattended answer files but also files that can
be used with RIS (as we will see) and much more.
The unattended installation file contains details for settings that will apply to all
machines, however there are some settings that you may want to be different from machine
to machine, such as user name, computer name, TCP/IP address etc. This can be accomplished
by producing a text file in a certain format, with different sections for each computer.
The UDF file is used by specifying the /UDF:ID[,<database file name>].
An example UDF file would be:
u1 = UserData,TCPIPParams
u2 = UserData,TCPIPParams
FullName = "John Savill"
ComputerName = SavillTech
ProductID = xxx-xxxxxx
FullName = "Kevin Savill"
ComputerName = KevTech
ProductID = xxx-xxxxxx
IPAddress = 126.96.36.199
The ID specified would be (in the case above) u1 or u2. If the above file is saved as udf.txt
to perform an unattended installation for machine one, you would use:
winnt /b /s:z: /u:unattend.txt /UDF:u1,udf.txt
The above command would set the installation as user Kevin Savill, computer name KevTech
and IP address 188.8.131.52. If a parameter is specified in both the unattend answer file
and the UDF, the value in the UDF will be used. (The /b means its a floppy-less
installation and the /s specifies the source for the installation files and UDF etc. You
would need to have created the connection to z: already (net use z: //savillcomp/dist).
A utility is supplied as part of the Windows 2000 Resource Kit, SYSDIFF.EXE that is used
to create a file containing files and registry changes needed for an application or set of
applications to be installed. This program is basically unchanged from the 4.0 versions.
The basics behind SYSDIFF is it creates a snapshot of the system before the application is
installed, the application is installed and SYSDIFF is run again which compares the
current system to the snapshot taken, and any changes to the registry and files are saved.
If this dump file gets too large, look at the sysdiff /inf option instead which creates a
directory for each application installed and is better for a large number of applications.
See the SYSDIFF.HLP file for more information. Once you have the SYSDIFF package you can
then apply to other NT installations installing the applications and their settings.
We now have the ability to install the operating system and its applications. User data
recovery can be solved by using roaming profiles and keeping all user data in the My
Documents area or on a file server. Roaming profiles work by copying your profile area to
a domain controller that allows you to use any machine and always have your specific
Windows 2000 allows you to redirect items such as My Documents to point to a network
server and using IntelliMirror files are only pulled down from the server as needed and
then synced with the server when available. Its even possible to have a locally
cached copy of the networked My Documents for those on the road.
The Remote Installation Service
Windows 2000 introduces the Remote Installation Service which is a DHCP-based remote boot
technology used to install an OS on a clients local hard disk from a remote source
(CD or Sysprep image on a server share). A network boot can be initiated by either the
system BIOS, a specific function key, or by a special remote boot floppy provided for
existing non-manageable (ROM-less) client computers.
You must have a DNS, a DHCP and a directory services server on the network before
installing. Also RIS does not currently support either the Distributed or Encrypted File
Systems. Once installed the server is ready to provide a network based installation for
Windows 2000 professional using a standard Microsoft provided template file. This can be
changed however. If you right click on the server and select Properties within Active
Directory Users and Computers MMC snap-in you will see a new tab called 'Remote Install'
which is used to manage the service.
The files that reside on the server (stored in the RemoteInstall path) can not be on the
boot or system partition as not only will remote clients access this volume heavily but
also the SIS (Single Instance Store) service runs on this volume.
SIS reduces the amount of disk space required on these volumes by removing duplicate files
and placing the data in a common directory. The duplicate files are then truncated
into Reparse points that refer to the common directory for the file data.
SIF files are created on the RIS server which are the same format as unattended
installation files with a small amount extra information at the start. Its possible
to connect multiple SIF files to a single professional distribution point allowing
different installation options from a single build.
Windows 2000 has powerful group policy options that enable not only basic registry
manipulation but also the allocation of startup/shutdown/login/logoff scripts and most
interestingly application deployment, recovery and updates. Windows 2000 introduces the
concept of publishing applications using the Active Directory and several options are
available when publishing applications:
Advertise to a computer - any user will have the option of
installing and using the application on the machine
Publish to a user - only the users who have the application
deployed may use it
Advertise to a user - only the users who have the application
advertised may use it
- Publish to a computer - any user will have access to the
application who logs on to the machine
This deployment of applications is all done through the group policy
and you can publish applications that support the new Microsoft Installer Package format
(the applications have a new .msi set-up program). These MSI files include information
about registry entries, core files etc. so if when the application starts and it detects
that a registry entry is missing or a core file has gone it can automatically re-download
information from the distribution server and fix itself.
Windows 2000 ships with WinINSTALL LE which can be used in the same way as SYSDIFF. It is
important to run WinINSTALL LE on a clean system, and by this I mean dont run it on
an installation that has applications already installed as when you install an application
it may check if certain runtimes etc. are installed. If this is the case do not bother to
recopy over it, as this would mean your distribution package would be missing vital files.
Once you have your .msi package you can publish via the Group Policy editor to domains,
Organizational Units and Sites. Its also easy to upgrade and retire packages all via
the .msi. Current applications that support Microsoft installer packages are Microsoft
Office 2000 and the Windows 2000 Resource Kit (among others).
In future service packs will be shipped with MSI files allowing you to deploy them via
group policies with very little effort.
This is best paired with the Remote Installation Service allowing
RIS to install the operating system and group policies to install the applications and
settings. Of course, you may still want to use SMS for some features; Windows 2000 has
been designed to work with SMS 2.0 and group policies work with SMS 2.0 and not
against, after all, Microsoft wants you to carry on buying its software.
Disk duplication is very easy. Ideally you just create an NT installation with the entire
configuration completed and applications installed then just duplicate the disk image.
Sadly its not that simple.
It is ok to use disk duplication to install NT, but not a complete NT installation. You
should follow these steps:
- Use the winnt /b installation option on a machine
- Stop the setup at the second reboot, when it has finished the text
portion of the installation, and will be starting the GUI section
- Remove and duplicate the hard disk of the machine
- Install the duplicate hard drive in the new machine
- Start the new machine and the GUI sections will start.
If you want to clone a complete installation and remain
supported by Microsoft use the SYSPREP tool. This is available as part of the resource kit
in Windows 2000.
What SYSPREP does is remove machine specific information such as SID references and user
information. You can then duplicate the installation using a disk clone software package
and then distribute over the network (you can even distribute using RIS in Windows 2000).
Upon first power up you will be asked a couple of questions but all applications etc. will
be kept. The few questions you are asked can be automatically answered using an unattended
answer script, back to basics).
With Windows 2000 we now have a variety of installation methods and if your hardware
supports the automatic network install you only need to power on the computer and do
nothing else, bliss! Of course in the real world this will probably not be the case but
its a step closer to zero admin.