GSS25-A

November 10, 2017 | Author: ji3yrd | Category: Operating System, Backup, Microsoft Windows, Virtual Machine, Computer Security
Share Embed Donate


Short Description

Download GSS25-A...

Description

Symantec Ghost Solution Suite 2.5 Administration (Lessons)

100-002493-A

COURSE DEVELOPERS

Ken Baldwin Tom Salmond

LEAD SUBJECT MATTER EXPERT

Renee McHugh

TECHNICAL CONTRIBUTORS AND REVIEWERS

Renee McHugh Casey Johnson Jim Morrison Hugo Parra Krishantha Jayaratne Greg Haldeman Ray Cotrell

Copyright © 2008 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and VERITAS are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. THIS PUBLICATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS PUBLICATION. THE INFORMATION CONTAINED HEREIN IS SUBJECT TO CHANGE WITHOUT NOTICE. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Symantec Ghost Solution Suite 2.5 Administration Symantec Corporation 20330 Stevens Creek Blvd. Cupertino, CA 95014 http://www.symantec.com

Table of Contents Course Introduction Course Introduction........................................................................................... Intro-3 Course Objectives............................................................................................. Intro-5 Intended Audience ............................................................................................ Intro-7 Course Materials ............................................................................................... Intro-8 VMware Environment........................................................................................ Intro-9 Virtual Machine Configuration ......................................................................... Intro-10 Introduction Lab: The VMware Lab Environment............................................ Intro-11 Lesson 1: Computer Lifecycle Management and Symantec Products Overview of Computer Lifecycle Management ....................................................... 1-3 Symantec Products for Managing the Computer Lifecycle ..................................... 1-6 Lifecycle Stages Addressed by Symantec Products............................................. 1-14 Lesson 2: Ghost Solution Suite Product Overview What Is Ghost Solution Suite? ................................................................................ 2-3 Ghost Solution Suite Components .......................................................................... 2-7 System Requirements........................................................................................... 2-17 Supported File Systems ........................................................................................ 2-25 Ghost Solution Suite Terminology......................................................................... 2-26 Lesson 3: Installing Ghost Solution Suite Installing Ghost ....................................................................................................... 3-3 Installing DeployCenter ........................................................................................... 3-8 Creating an Image Repository ................................................................................ 3-9 Lesson 4: Creating Boot Packages Purpose of Boot Packages...................................................................................... 4-3 Overview of Boot Packages .................................................................................... 4-4 Requirements for Creating a Ghost Solution Suite Boot Package.......................... 4-6 Differences Between the Ghost and DeployCenter Boot Package Builders ........... 4-7 Creating Boot Packages with the Ghost Boot Wizard............................................. 4-9 Creating Boot Packages with the DeployCenter Boot Disk Builder ...................... 4-22 Lesson 5: Using Boot Packages Methods for Using Boot Packages.......................................................................... 5-3 Creating QuickBoot Executables ............................................................................ 5-5 PXE Components in Ghost Solution Suite .............................................................. 5-9 Configuring the 3Com Boot Services PXE Environment....................................... 5-10 Configuring the DeployCenter PXE Environment ................................................. 5-17 Lesson 6: Creating and Restoring Images Methods of Creating Images ................................................................................... 6-3 Determining an Imaging Strategy............................................................................ 6-6 Creating an Image Using the Ghost PreOS GUI..................................................... 6-9 Table of Contents

iii Copyright © 2008 Symantec Corporation. All rights reserved.

Creating an Image Using the ImageCenter PreOS GUI ....................................... 6-12 Restoring an Image Using the Ghost PreOS GUI................................................. 6-17 Restoring an ImageCenter Image Using the ImageCenter PreOS GUI................ 6-19 Lesson 7: Creating and Restoring Master Images Issues Involved in Deploying Images on a Network................................................ 7-3 How Microsoft Sysprep Resolves Image Deployment Issues................................. 7-5 Overview of the Sysprep Process ........................................................................... 7-6 Using Sysprep for Windows 2000/XP ..................................................................... 7-7 Using Sysprep for Windows Vista ......................................................................... 7-15 Building and Optimizing the Reference Computer ................................................ 7-27 Creating a Master Image of the Reference Computer .......................................... 7-30 Restoring Master Images ...................................................................................... 7-32 Lesson 8: Deploying Images Benefits and Challenges of Deploying an Image to Multiple Computers ................ 8-3 Overview of Multicasting ......................................................................................... 8-4 Using GhostCasting to Deploy Images ................................................................... 8-7 Using PowerCasting to Deploy Images................................................................. 8-11 Lesson 9: Automating the Creation and Restoration of Images Automating Symantec Ghost .................................................................................. 9-3 Automating ImageCenter ........................................................................................ 9-5 Additional Automation Tools ................................................................................. 9-12 Lesson 10: Creating AutoInstall Packages to Automate Post-Deployment Customizations How AutoInstall Works .......................................................................................... 10-3 Setting Up the AutoInstall Model Computer .......................................................... 10-7 Generating an AutoInstall Installation Script ......................................................... 10-8 Customizing AutoInstall Packages...................................................................... 10-10 Validating AutoInstall Packages.......................................................................... 10-14 Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console Purpose of the Ghost Console .............................................................................. 11-3 Preparing for Client Integration ............................................................................. 11-6 Installing the Console Client................................................................................ 11-10 Setting Global Properties for Managed Clients ................................................... 11-12 Grouping Clients in the Ghost Console............................................................... 11-16 Creating Tasks in the Ghost Console ................................................................. 11-19 Populating the Ghost Console with Client Information........................................ 11-22 Lesson 12: Using the Ghost Console to Create and Restore Images Overview of Imaging Tasks................................................................................... Configuring the Ghost Console to Use the Image Repository .............................. Building and Running an Image Create Task ....................................................... Building and Running a DeployAnywhere Clone Task.......................................... iv

12-3 12-4 12-6 12-8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles Overview of User Migrations ................................................................................. Building User Migration Templates ....................................................................... Capturing User Data ............................................................................................. Restoring User Data..............................................................................................

13-3 13-4 13-6 13-9

Lesson 14: Using the Ghost Console to Perform Post-Deployment Customizations Benefits of Performing Post-Deployment Customizations on Remote Computers 14-3 The Software and File Actions Task ..................................................................... 14-4 Creating an AI Package Definition ........................................................................ 14-7 Building and Running a Software and File Actions Task ...................................... 14-9 Lesson 15: Using Client Inventory Reports in the Ghost Console Overview of Client Inventory ................................................................................. 15-3 Managing Collected Data Sets.............................................................................. 15-7 Viewing Inventory Information............................................................................. 15-14 Using Filters ........................................................................................................ 15-22 Using Reports ..................................................................................................... 15-31 Using Dynamic Machine Groups......................................................................... 15-35 Lesson 16: Preparing to Remove a Computer from Production Importance of Preparing Computers for Retirement ............................................. 16-3 Using GDisk to Securely Retire a Hard Disk......................................................... 16-4

Table of Contents

v Copyright © 2008 Symantec Corporation. All rights reserved.

vi

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Course Introduction

Intro–2

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Course Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Course Introduction The lessons in this course are designed to build your knowledge of Symantec Ghost Solution Suite, enabling you to deploy systems across your network and maintain client computers effectively and efficiently. The following lessons are included in this course: • Lesson 1: Computer Lifecycle Management and Symantec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating a Master Image File • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Automate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Course Introduction

Intro–3 Copyright © 2008 Symantec Corporation. All rights reserved.

Course Introduction (continued) • Lesson 12: Using the Ghost Console to Create and Restore Im ages • Lesson 13: Using the Ghost Console to Migrate OSBased User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deployment Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Console • Lesson 16: Preparing to Remove a Computer from Production

• • • • •

Intro–4

Lesson 12: Using the Ghost Console to Create and Restore Images Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles Lesson 14: Using the Ghost Console to Perform Post-Deployment Customizations Lesson 15: Using Client Inventory Reports in the Ghost Console Lesson 16: Preparing to Remove a Computer from Production

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Course Objectives After completing this course, you will be able to: – Discuss the importance of managing the computer lifecycle and how Symantec products can help with this task. – Install the Ghost Solution Suite com ponents. – Use Ghost Solution Suite to create boot packages. – Use boot packages to load a preOS environment and perform imaging tasks. – Manually create and restore images using the preOS graphical user interfaces for both Ghost and DeployCenter. – Create a master image file you can use to deploy systems across a network. – Use the multicasting technologies included in Ghost Solution Suite to deploy im ages to systems across a network. – Use Ghost’s command line interface and DeployCenter’s scripting language to automate the creation and restoration of images.

Course Objectives This course includes practical exercises that enable you to test your new skills and begin to transfer them into your working environment. By the end of this course, you should be able to: • Discuss the importance of managing the computer lifecycle and how Symantec products can help with this task. • Install the Ghost Solution Suite components. • Use Ghost Solution Suite to create boot packages. • Use boot packages to load a preOS environment and perform imaging tasks. • Manually create and restore images using the preOS graphical user interfaces for both Ghost and DeployCenter. • Create a master image file you can use to deploy systems across a network. • Use the multicasting technologies included in Ghost Solution Suite to deploy images to systems across a network. • Use Ghost’s command line interface and DeployCenter’s scripting language to automate the creation and restoration of images.

Course Introduction

Intro–5 Copyright © 2008 Symantec Corporation. All rights reserved.

Course Objectives (continued) After completing this course, you will be able to: – Use Ghost AutoInstall to customize newly-deployed system s. – Bring Windows-based desktop systems under the management of the Ghost Console. – Use tasks in the Ghost Console to create and restore im ages. – Capture a user’s personal files and settings from a computer and restore them to the same computer or to another com puter. – Use the Ghost Console to push out applications and other postdeployment customizations to m anaged systems. – Use the Ghost Console to create software and hardware inventory reports for managed computers. – Use Ghost’s GDisk utility to prepare aging systems for retirement.

• • • • • • •

Intro–6

Use Ghost AutoInstall to customize newly-deployed systems. Bring Windows-based desktop systems under the management of the Ghost Console. Use tasks in the Ghost Console to create and restore images. Capture a user’s personal files and settings from a computer and restore them to the same computer or to another computer. Use the Ghost Console to push out applications and other post-deployment customizations to managed systems. Use the Ghost Console to create software and hardware inventory reports for managed computers. Use Ghost’s GDisk utility to prepare aging systems for retirement.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Intended Audience This course is intended for technical personnel responsible for:

Deploying new computer systems

Managing the software and hardware configurations of production computers

Retiring obsolete computer systems

Intended Audience This course is for network and system administrators, IT managers, IT support personnel, and other network operations staff who are responsible for: • Deploying new computers across their organizations • Managing ongoing software and hardware configuration tasks for computers • Retiring obsolete computers

Course Introduction

Intro–7 Copyright © 2008 Symantec Corporation. All rights reserved.

Course Materials

Each student must have a: • Lesson Guide • Lab Exercise Guide • Preconfigured PC for the lab exercises

on ss Le i de Gu

b La e id Gu

Course Materials At the beginning of the course, your instructor should provide you with the following course materials: • A lesson guide • A lab guide • A computer that has been configured for the lab exercises you will perform in this class.

Intro–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

VMware Environment

To begin VMware labs: 1.

Start a virtual machine.

2.

Mount the ISO image (virtual CD).

3.

Use Ctrl+Alt+Insert to bring up the login prom pt.

VMware Environment You will complete the hands-on lab exercises in this course using VMware Workstation. VMware Workstation is virtual machine software for Intel x86-compatible computers. VMware Workstation allows you to set up multiple x86 virtual computers and to use one or more of these virtual machines simultaneously with the hosting operating system. Each virtual machine instance can execute its own guest operating system, such as Windows and Linux. In simple terms, VMware Workstation allows one physical machine to run two or more operating systems simultaneously. To begin a VMware lab: Start the virtual machine (or machines) you will be using for the lab. If a lab instructs you to start multiple virtual machines, a good practice is to start one virtual machine at a time and wait until the Windows login prompt is displayed before starting up the next virtual machine. Attempting to load multiple virtual machines simultaneously puts a heavy load on system resources and considerably slows the loading process. 2 Mount any ISO images (virtual CDs) associated with the lab. Some labs require you to access a product CD or other CD-based software. In such cases, you will be directed to mount ISO image files to the CD drive of your virtual machines. Once mounted, these files behave exactly as if they were physical CDs, enabling you to browse the virtual CD drive inside the virtual machine, install software, and so on. Instructions for mounting ISOs as virtual CDs in VMware are included in the lab exercises. 3 Use Ctrl+Alt+Insert to bring up the Windows login prompt. 1

Course Introduction

Intro–9 Copyright © 2008 Symantec Corporation. All rights reserved.

Virtual Machine Configuration

Virtual Machine Configuration There are a total of four virtual machines you will use when performing the lab exercises in this course. These virtual machines are configured as follows:

Intro–10

Virtual Machine

Guest Host Name

Purpose

IP Address

1

domcontroller (Windows Server 2003)

Primary Domain Controller (Domain/DHCP/AD)

10.130.6.2

2

GhostServer (Windows Server 2003)

Ghost Server + Image Repository

10.130.6.129

3

ClientSystem01 (Windows XP)

Ghost client

10.130.6.130

4

ClientSystem02 (Windows XP)

Ghost client

10.130.6.131

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Introduction Lab: The VMware Lab Environment In this lab, you familiarize yourself with VMware and the VMware lab environment used with the Ghost Solution Suite course.

Introduction Lab: The VMware Lab Environment In this lab, you familiarize yourself with VMware and the VMware lab environment used with the Ghost Solution Suite course.

Course Introduction

Intro–11 Copyright © 2008 Symantec Corporation. All rights reserved.

Intro–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 1 Computer Lifecycle Management and Symantec Products

Lesson Introduction • Lesson 1: Computer Lifecycle Management and Symantec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives

After completing this lesson, you will

Topic

1–2

be able to:

Overview of Com puter Lifecycle Managem ent

Define the term “computer lifecycle management” and describe the various stages of this lifecycle.

Symantec Products for Managing the Computer Lifecycle

Identify the Sym antec products that address the needs of computer lifecycle management.

Lifecycle Stages Addressed by Sym antec Products

Match the Symantec products discussed in this lesson with the stages of the com puter lifecycle each product addresses.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Overview of Computer Lifecycle Management

Overview of Computer Lifecycle Management The term “computer lifecycle management” refers to the management of computer assets from the time a business receives a new computer and prepares the computer for employee use, until the computer is decommissioned from its original role and either disposed of or repurposed. There are numerous stages in the computer lifecycle, and these stages may vary from company to company, depending on business needs. In most cases, however, these stages can be categorized as follows: • Asset identification: Accounting for and reconciling real IT assets with physical locations, cost centers, and users within an organization • Contract management: Keeping track of which licenses the business owns and when leases and license agreements are set to expire • Deployment and configuration: Creating OS images and deploying these images to new computers or to computers that are being migrated to a new OS • Application distribution: Creating and distributing application installation packages to deliver corporate software or department-specific software to employees • Vulnerability and compliance: Ensuring that computers are protected from system and network threats such as viruses, malware, unauthorized intrusion, and data theft • Patch management: Managing and delivering OS and application fixes and updates across an organization • System continuity: Ensuring system availability by regularly creating backups to quickly recover from data loss or OS failure Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–3

• • •

1–4

Monitor and track: Staying informed about the status and health of computers across the organization Problem resolution: Tracking, troubleshooting, and resolving computer issues Transition and migration: Preparing obsolete computers for retirement, or migrating computers to a new OS or hardware

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Procurement

Deployment

Management

Retirement

• Asset identification • Contract management

• Deployment and configuration

• Ongoing distribution of corporate-wide and departmentspecific applications

Transition and migration

• Initial distribution of standard corporate applications

1

Overview of Computer Lifecycle Management

• Vulnerability and com pliance • Patch m anagement • System continuity • Monitor and track • Problem resolution

The Four Main Areas of the Computer Lifecycle To simplify the discussion of the computer lifecycle, these ten stages are often grouped into the following areas: • Procurement (asset identification and contract management) • Deployment (deployment and configuration, as well as initial distribution of standard corporate applications) • Management (ongoing distribution of corporate-wide and department-specific applications, vulnerability and compliance, patch management, system continuity, monitor and track, and problem resolution) • Retirement (transition and migration)

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–5

Symantec Products for Managing the Computer Lifecycle Sym antec Ghost Solution Suite Altiris Client Management Suite Altiris Service and Asset Management Suite Symantec Backup Exec Symantec Backup Exec System Recovery Sym antec Endpoint Protection Symantec Network Access Control

Symantec Products for Managing the Computer Lifecycle Symantec offers a wide range of products for both server and client systems that address the needs of the computer lifecycle. Symantec’s full lifecycle management portfolio is not discussed here; however, this section offers a brief overview of the following products that assist businesses in the lifecycle management process. • Symantec Ghost Solution Suite • Altiris Client Management Suite • Altiris Service and Asset Management Suite • Symantec Backup Exec • Symantec Backup Exec System Recovery • Symantec Endpoint Protection • Symantec Network Access Control

1–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Symantec Ghost Solution Suite

Symantec Ghost Solution Suite provides small businesses with:

• File-based and sector-based imaging for Windows and Linux deployment and m igration • Software distribution • PC “personality” migration (user data, settings, and profiles) • Hardware and software inventory • Secure system retirement

Symantec Ghost Solution Suite Symantec Ghost Solution Suite is a proven, trusted, and affordable solution for imaging, deploying, and configuring systems in the small business sector. Ghost Solution Suite helps reduce information technology costs and assists with maintaining a consistent and compliant desktop environment by streamlining and automating IT tasks from procurement to retirement. Ghost includes the following features: • File-based and sector-based imaging for Windows and Linux deployment and migration • Software distribution • PC “personality” migration (user data, settings, and profiles) • Basic hardware and software inventory • Secure system retirement Note: Symantec Ghost Solution Suite should not be confused with Norton Ghost, another Symantec imaging product. Norton Ghost is a consumer product designed primarily for backing up home or small office computers, while Symantec Ghost Solution Suite is a system deployment solution for business, with capabilities for centralized management and unattended deployment of images across a network.

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–7

Altiris Client Management Suite

Altiris Client Management Suite provides medium to large businesses with:

• Imaging, deploym ent, and configuration of multiple OS types (Windows, Linux, and Solaris) • Policy-based software distribution • PC personality and OS migration • Centralized management of mixed hardware, OS, and device types from a single console • Com prehensive hardware and software inventory • Usage tracking and reporting for hardware, software, and applications • Patch m anagement • Help desk problem assessment • Secure system retirement

Altiris Client Management Suite Altiris Client Management Suite provides medium to large businesses with a robust endpoint management solution for desktops, notebooks, and handheld devices throughout their lifecycle. Client Management Suite addresses critical IT issues encountered throughout the computer lifecycle in one affordable, easy-touse suite. The suite includes the following features: • Imaging, deployment, and configuration of multiple OS types (Windows, Linux, and Solaris) • Policy-based software distribution • PC personality and OS migration • Centralized management of mixed hardware, OS, and device types from a single console • Comprehensive hardware and software inventory • Usage tracking and reporting for hardware, software, and applications • Patch management • Help desk problem assessment • Secure system retirement

1–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Altiris Service and Asset Management Suite

Altiris Service and Asset Management Suite:

• Provides a centralized, unified configuration management database (CMDB) and asset repository • Integrates help desk management and asset management functions • Em powers the help desk to quickly resolve incidents • Creates a baseline for security audits • Enforces corporate standards • Provides a foundation for configuration management activities (OS and user m igration, deployment and provisioning, software packaging, and so on)

Altiris Service and Asset Management Suite Traditionally, service and asset management processes have been separate. The introduction and growing requirement for a centralized configuration management database (CMDB) and asset repository has led to the integration of service and asset management processes. Although this integration is a trend in the marketplace, few service and asset management tools allow organizations to easily integrate service management and asset management domains. This situation has led to high integration and maintenance costs, inaccuracy of repository data, and process re-engineering. Altiris Asset Management Suite removes the high cost of integration and helps ensure repository data accuracy by leveraging a unified CMDB and asset repository. Altiris Asset Management Suite: • Provides a centralized, unified configuration management database (CMDB) and asset repository • Integrates help desk management and asset management functions • Empowers the help desk to quickly resolve incidents • Creates a baseline for security audits • Enforces corporate standards • Provides a foundation for configuration management activities (OS and user migration, deployment and provisioning, software packaging, and so on)

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–9

Symantec Backup Exec

Symantec Backup Exec:

• Protects and recovers data on file servers, application servers, desktops, and laptops • Provides continuous data protection • Enables recovery of e-mail messages, folders, and documents in seconds • Provides centralized management capabilities to simplify administration

Symantec Backup Exec Symantec Backup Exec addresses data protection requirements by continuously backing up data and making it available for quick and easy retrieval in the event of data loss. Whether data resides on a Windows file server; on a desktop or laptop; or on a critical application server like Exchange, SQL, or SharePoint, Symantec Backup Exec has the capability and compatibility to offer full data protection and recovery. Designed to meet the growing needs of today’s businesses, Symantec Backup Exec delivers complete disk-to-disk-to-tape data protection and recovery for Windows environments. The Backup Exec solution provides traditional tape-based, as well as disk-based, continuous data protection—eliminating backup windows altogether, speeding data recovery, and enabling end users to recover their own files without IT intervention. Backup Exec recovers data in seconds, including business-critical information such as individual email messages, folders, and documents.

1–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Symantec Backup Exec System Recovery

Symantec Backup Exec System Recovery:

• Captures backups of the entire live Windows system • Provides rapid, reliable recovery — even to dissimilar hardware and virtual environments • Provides centralized management capabilities to simplify administration

Symantec Backup Exec System Recovery Symantec Backup Exec System Recovery enables businesses to recover Windows computers from system malfunction or failure in minutes. Helping IT administrators meet recovery time objectives, Backup Exec System Recovery provides fast, easy-to-use system restoration or full bare metal recovery to dissimilar hardware and even virtual environments. Backup Exec System Recovery also provides the ability to recover systems in remote, unattended locations.

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–11

Symantec Endpoint Protection

Symantec Endpoint Protection:

• Protects against viruses, spyware, and proactive threats • Provides device control • Provides a firewall and intrusion prevention capabilities • Sim plifies endpoint security administration through the use of a central management console

Symantec Endpoint Protection Symantec Endpoint Protection addresses data, applications, OS, and network security protection requirements by ensuring system integrity. Symantec Endpoint Protection combines Symantec AntiVirus with advanced threat prevention to deliver an unmatched defense against malware for laptops, desktops, and servers. Symantec Endpoint Protection provides protection against even the most sophisticated attacks that evade traditional security measures, such as rootkits, zero-day attacks, and mutating spyware. Symantec Endpoint Protection also provides advanced threat prevention that protects endpoints from targeted attacks and attacks not seen before. It includes turnkey, proactive technologies that automatically analyze application behaviors and network communications to detect and block suspicious activities, as well as administrative control features that allow you to deny specific device and application activities deemed as high risk for your organization. With Symantec Endpoint Protection, you can even block specific actions based on the location of the user. Symantec Endpoint Protection simplifies endpoint security administration through the use of a central management console that manages the configuration and behavior of the Symantec Endpoint Protection agent on protected systems. The console provides operational efficiencies such as single software updates and policy updates, unified central reporting, and a single licensing and maintenance program. Note: Symantec Antivirus should not be confused with Norton Antivirus. Norton Antivirus is intended for home or small office use, while Symantec Antivirus is designed to protect networked enterprise environments. 1–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Symantec Network Access Control

Symantec Network Ac cess Control:

• Discovers com puters that attem pt to access the network • Determines if computers are compliant with security policies • Quarantines, remediates, or gives limited network access to noncompliant computers • Monitors connected computers to ensure ongoing com pliance

Symantec Network Access Control Symantec Network Access Control addresses network security protection requirements by controlling computers’ access to the network. In today’s computing environments, network administrators are faced with the challenge of providing access to corporate resources for a growing user population. This user population includes both onsite and remote employees, as well as guests, contractors, and other temporary workers. Never before has the burden of maintaining the integrity of network environments been more challenging. It is no longer acceptable to provide unchecked access to the network. With the significant increase in the numbers and types of endpoints accessing their systems, organizations must have the ability to verify the health and posture of endpoints, both prior to connecting to resources and on a continual basis after endpoints connect. Symantec Network Access Control helps ensure that endpoints are in compliance with IT policy before those endpoints are allowed to connect to the corporate network. Regardless of how endpoints connect to the network, Symantec Network Access Control discovers and evaluates endpoint compliance status, provisions the appropriate network access, provides remediation capabilities, if needed, and continually monitors endpoints for changes in compliance status. The result is a network environment where corporations can realize significant reductions in security incidents and increased levels of compliance with corporate IT security policy.

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–13

Lifecycle Stages Addressed by Symantec Products Procurement

Deployment

Management

Retirement

Altiris Client Management Suite

• Ghost Solution Suite • Altiris Client Managem ent Suite

• Ghost Solution Suite • Altiris Client Management Suite • Altiris Service and Asset Management Suite • Backup Exec • Backup Exec System Recovery • Endpoint Protection • Network Access Control

• Ghost Solution Suite • Altiris Client Management Suite

Lifecycle Stages Addressed by Symantec Products The products we have discussed in this lesson address the needs of the different computer lifecycle stages as follows: Procurement • Altiris Client Management Suite (asset identification and contract management) Deployment • Ghost Solution Suite (deployment and configuration for small businesses) • Altiris Client Management Suite (deployment and configuration for medium to large businesses) Management • Ghost Solution Suite (application distribution and monitoring and tracking functionality for small businesses) • Altiris Client Management Suite (application distribution, patch management, and monitoring and tracking functionality for medium to large businesses) • Altiris Service and Asset Management Suite (problem resolution) • Symantec Backup Exec (system continuity) • Symantec Backup Exec System Recovery (system continuity) • Symantec Endpoint Protection (vulnerability and compliance) • Symantec Network Access Control (vulnerability and compliance)

1–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1

Retirement • Symantec Ghost Solution Suite (transition and migration for small businesses) • Altiris Client Management Suite (transition and migration for medium to large businesses)

Lesson 1 Computer Lifecycle Management and Symantec Products Copyright © 2008 Symantec Corporation. All rights reserved.

1–15

Lesson Summary Key Points In this lesson, you learned about: – The definition of “computer lifecycle management” – The various stages of the computer lifecycle – Symantec products that address the needs of computer lifecycle management – The specific stages of the computer lifecycle that Symantec products address

1–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 2 Ghost Solution Suite Product Overview

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will be able

Topic

2–2

to:

What Is Ghost Solution Suite?

Describe the purpose and key features of Ghost Solution Suite.

Ghost Solution Suite Components

Identify the individual products and com ponents included in Ghost Solution Suite, and describe how these components are normally distributed across the network.

System Requirements

Describe the system requirements for the different com ponents of Ghost Solution Suite.

Supported File Systems

Identify the file system s that Ghost Solution Suite can image.

Ghost Solution Suite Terminology

Define common Ghost Solution Suite terms (“master image,” multicasting,” “PXE,” and so on).

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

What Is Ghost Solution Suite?

Ghost Solution Suite provides: • File-based and sector-based imaging • OS deployment and migration 2

• PC “personality” migration (user data, settings, and profiles) • Software distribution • Hardware and software inventory • Secure system retirement

What Is Ghost Solution Suite? Ghost Solution Suite is a set of tools for small- to medium-sized businesses for deploying new computer systems and managing these computers throughout their lifecycle. Ghost Solution Suite provides: • File-based and sector-based imaging • OS deployment and migration • PC “personality” migration (user data, settings, and profiles) • Software distribution • Hardware and software inventory • Secure system retirement Ghost Solution Suite helps reduce information technology costs and assists with maintaining a consistent and compliant desktop and server environment by streamlining and automating IT tasks from acquisition to disposal.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–3

Key Benefits of Ghost Solution Suite

Ghost Solution Suite offers: • Effective management of Windows environments • Integrated user migration functionality • Rapid deployment of files, applications, and systems • Reliable system refreshes and updates • Secure system retirement and data disposal

Key Benefits of Ghost Solution Suite Ghost Solution Suite offers the following key benefits: • Effective centralized management of Windows environments: Design provisioning tasks based on specific client attributes, providing more effective management of image and software deployments. • Integrated user migration functionality – Configure tasks to create a backup image, capture user data and settings, deploy a new OS, perform post-migration configurations, and restore user data and settings. – Perform peer-to-peer migration. – Utilize other Ghost features such as the client staging area and multicasting to help further streamline the migration operation. • Rapid deployment of files, applications, and systems – Accelerate and automate deployments using powerful Ghost multicasting and new generic task functionality. – Reduce the cost, complexity, and time required to deploy operating systems such as Windows Vista. – Preserve files and folders during an image deployment using the client staging area. – Reduce the overall number of image files needed. – Use a single image file for multiple hardware platforms.

2–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.



Reliable system refreshes and updates – Ensure availability of systems, data, and PC settings following a system refresh. – Reduce help desk costs and end-user frustration following a system refresh. – Simplify and speed image management by easily adding, removing, or modifying files within an existing image. Secure system retirement and data disposal – Reduce the risk and liability associated with system retirement and data disposal. – Comply with the U.S. Department of Defense Standard 5220.22-M (guideline for erasing magnetic media to guarantee all data previously contained is permanently deleted) for hard disk drive wiping. – Implement best practices that meet the highest industry standards.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–5

2



New Features in Ghost Solution Suite 2.5 Key new features in Ghost Solution Suite 2.5 include: • WinPE and Linux ThinStation PreOS environments • Hardware-independent imaging (DeployAnywhere) • Hot imaging • Erase Machine task • Support for .vmdk images (create and restore), and .v2i/.pqi images (restore only) • Native Linux versions of Ghost, GDisk, GhConfig, GhRegEdit, and OmniFS • Software and File Actions (ability to specify the order of task steps in the Ghost Console) • Improved Sysprep interface

New Features in Ghost Solution Suite 2.5 Key new features in Ghost Solution Suite 2.5 include the following: • New PreOS environments: Both the Ghost Console and the standard tools include support for WinPE 2.0 in addition to PC-DOS, greatly improving hardware compatibility. Additionally, a bundled Linux distribution (ThinStation) has been included for creating Linux PreOS boot packages. • Hardware-independent imaging: The Ghost Console’s new DeployAnywhere feature allows a single image to be deployed to diverse hardware. Necessary drivers are obtained from a centrally managed driver database. • Hot imaging: From both the Ghost Console and the standard tools, you can create images of an OS partition while the operating system is running. • Erase Machine task: The Ghost Console now includes a task to securely erase computers for decommissioning or prior to reimaging. • VMDK/V2i/PQI support: VMDK virtual disks, Symantec Backup Exec System Recovery (V2i) images, and Symantec DeployCenter (PQI) images can be deployed directly from the Ghost Console and the Ghost PreOS executable. Ghost also lets you create images of VMDK virtual disks. • Native Linux tools: Native Linux versions of the Ghost executable and standard tools are provided. • Software and File Actions: You can specify the order in which to perform file transfer, command execute, and AI package deployment task steps in the Ghost Console. You can also transfer folders to clients, retrieve files from clients, and obtain return codes when running command actions. • Improved Sysprep interface: The interface for creating Sysprep unattend files is now much easier to use. 2–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Ghost Solution Suite Components

2

Ghost Solution Suite

Symantec Ghost

DeployCenter

Deploy Toolkit

Ghost Solution Suite Components Ghost Solution Suite is a combination of two separate imaging products: Ghost and DeployCenter. As you work with these two products, you will notice there are numerous overlaps and duplications in their feature sets and functionality. However, there are some distinct differences in the underlying technology and capabilities of each product that make Ghost Solution Suite a highly flexible and powerful imaging and deployment solution for a wide range of businesses. To understand each product’s capabilities, you will begin by exploring the individual components of Ghost and DeployCenter.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–7

Ghost Components Sym antec Ghost

Ghost Console

Ghost Standard Tools

Ghost AutoInstall Ghost Console Client

Ghost User Migration Wizard

Ghost

GhConfig

GDisk

GhRegEdit

Ghost Walker

OmniFS

Ghost Explor er

User Migration Package Explorer

Ghost Boot Wizard GhostCast Server

User Migration Content IDE

Ghost Components Ghost Console The Ghost Console is a Windows server-based application for remote management of computers. Using the Ghost Console, IT managers can group managed computers and deploy tasks to them. Ghost Console Client The Ghost Console client enables remote control from the Ghost Console. The Console client includes a Windows agent and a Ghost partition. You can install the client on Windows Vista/XP/2000 computers. The Ghost Standard Tools Windows agent lets the computer start from the Ghost partition when necessary, and it coordinates the tasks that you start from the Console. Ghost AutoInstall Ghost AutoInstall has two components, AI Builder and AI Snapshot, that let you create and customize application packages. You can use the Ghost Console to deploy AutoInstall packages to computers. Ghost User Migration Wizard The Ghost User Migration Wizard is an application that lets you migrate the settings and files from one computer to another. The process of upgrading hardware or operating systems can be a time-consuming task. You must transfer files and folders and then reset applications with mandatory settings and custom

2–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

options. The Ghost User Migration Wizard helps facilitate this process by helping you copy files, folders, and settings from a source computer to a destination computer. You can run the wizard in a direct computer-to-computer operation, or you can save the settings and files in a package. Ghost Standard Tools The Ghost executable (Ghost.exe) can create and restore images of computers. Because the executable is small with minimal conventional memory requirements, you can run the executable easily from a DOS boot disk set or hard drive. Ghost for Linux The Ghost executable for Linux (ghost) runs natively in Linux and is identical in appearance and imaging capabilities to the Ghost executable for DOS. Ghost for Windows Ghost32.exe is a 32-bit version of Ghost.exe that runs on 32-bit versions of Microsoft Windows Vista/XP/PE/2000. Ghost64.exe is a 64-bit version of Ghost.exe that runs on 64-bit versions of Microsoft Windows Vista/XP/PE. Using Ghost32.exe or Ghost64.exe, you can create image files on hard drives that are accessible from these operating systems, and communicate with the GhostCast Server. Note: To create an image file of the boot drive using the Ghost Windows executables, you must run Ghost in Windows PE. GDisk GDisk is a complete replacement for the FDISK and FORMAT utilities that enables: • FAT and NTFS file system formatting • Batch mode operation • Hiding and unhiding of partitions • Secure disk wiping to U.S. DoD requirements • Extensive partition reporting Unlike FDISK, which uses interactive menus and prompts, GDisk is commandline driven and offers faster configuration of a disk’s partitions.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–9

2

Ghost for DOS

The following table lists the available GDisk versions: Version

Description

GDisk.exe

Runs in DOS

GDisk32.exe

Runs from the command line in 32-bit Windows

GDisk64.exe

Runs from the command line in 64-bit Windows

gdisk

Runs in Linux

Ghost Walker Ghost Walker assigns statistically unique security identifiers (SIDs) to restored Microsoft Windows Vista/XP/2000/NT workstations. The SID is an important part of the Windows Vista/XP/2000/NT security architecture because it provides a unique identifier when a computer is networked. The following table lists the Ghost Walker versions that are available: Version

Description

ghstwalk.exe

Runs in DOS

GhWalk32.exe

Runs from the command line in 32-bit Windows

Ghost Explorer Ghost Explorer lists all of the files and directories within image files. On FAT, NTFS, and Linux file systems, you can also use Ghost Explorer to add individual directories and files to image files, as well as recover and delete directories and files from image files. Ghost Boot Wizard The Ghost Boot Wizard enables you to create boot packages. A boot package can be a boot disk, a Ghost image file, an ISO image, or a Preboot eXecution Environment (PXE) image. Boot packages are used for cloning jobs, from creating a simple boot disk for GhostCasting to providing a boot image for use with PXE applications such as DynamicAccess boot services from 3Com or Microsoft Remote Installation Service. The Ghost Boot Wizard guides you to the drivers needed to create a boot package. GhostCast Server The GhostCast Server lets you deliver an image file to multiple computers simultaneously through a single IP multicast transmission. A multicast transmission can minimize the impact on network traffic. The GhostCast Server sends and receives images to or from one or more computers. This method of delivery usually is faster than accessing a mapped network drive.

2–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

GhConfig GhConfig is an executable you can use to quickly apply post-deployment configuration settings to a computer. For example, GhConfig enables you to change a computer’s name immediately after an image is deployed to that computer.

Version

Description

GhConfig.exe

Runs in DOS

GhConfig32.exe

Runs in 32-bit WinPE

GhConfig64.exe

Runs in 64-bit WinPE

ghconfig

Runs in Linux

2

The following table lists the GhConfig versions that are available:

GhRegEdit GhRegEdit is a utility for editing the Windows registry. The following table lists the GhRegEdit versions that are available: Version

Description

GhRegEdt.exe

Runs in DOS

GhRegEdit32.exe

Runs from the command line in 32-bit Windows

GhRegEdit64.exe

Runs from the command line in 64-bit Windows

ghregedit

Runs in Linux

OmniFS OmniFS is a general-purpose utility for manipulating files and directories in a locally attached NTFS or FAT file system (including FAT hidden partitions). The following table lists the OmniFS versions that are available: Version

Description

OmniFS.exe

Runs in DOS

OmniFS32.exe

Runs from the command line in 32-bit Windows

OmniFS64.exe

Runs from the command line in 64-bit Windows

omnifs

Runs in Linux

User Migration Package Explorer The User Migration Package Explorer enables you to explore the settings and files contained in User Migration packages that you create in the Ghost Console to migrate users’ desktop settings and files from one computer to another.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–11

User Migration Content IDE The User Migration Content IDE enables advanced users to create their own application migration definitions. To run the User Migration Content IDE tool, you must install Microsoft .NET Framework 2.0 or later.

2–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

DeployCenter Components

Symantec DeployCenter

PowerCasting

Boot Disk Builder

Unicasting

PXE Server

VF Editor

Deploy Toolkit

2

ImageCenter

PQAccess ImageExplorer PQIDeploy PQDisk

VBE PQA PQIExtract

PQQuery

DeployCenter Components ImageCenter DOS Executable The ImageCenter DOS executable (Pqimgctr.exe) can create and restore images of computers. Because the executable is small and has minimal conventional memory requirements, you can run the executable easily from a DOS boot disk set or hard drive. Boot Disk Builder Boot Disk Builder is a Windows application that automates and simplifies the creation of five types of DOS boot diskettes: PowerCast, Unicast, Microsoft TCP/ IP network, Novell NetWare Client, and stand-alone boot diskettes for local booting. PowerCasting PowerCasting enables you to deploy an image to multiple computers simultaneously. There are executables for DOS and Windows PowerCast servers and a DOS PowerCast client. Unicasting Similar to PowerCasting, you can use Unicasting to connect workstations to a server to create and deploy images. Unicasting differs from PowerCasting, however, in that Unicasting uses a point-to-point transport connection and a specific IP address on both the server and client sides instead of sending data using a multicast (limited broadcast) IP address. Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–13

PXE Server The PXE Server provides greater flexibility and control when performing remote deployments (for example, you can assign deployment jobs to PXE-booted systems through their MAC addresses). ImageExplorer With ImageExplorer, you can copy image files, copy partitions within image files, compress/uncompress partitions, and restore individual files from images. VF Editor VF Editor is based on WinImage technology. This tool enables you to easily open and edit the contents of existing virtual floppies, create new virtual floppies, and convert existing floppy diskettes into virtual floppies. Virtual floppy technology, a patent-pending technology from Symantec, enables you to boot any computer into DOS mode and execute tasks. Virtual floppy technology is unique because it enables you to create an image of a physical boot floppy and use that image to boot computers remotely. In addition, virtual floppy technology operates independently of physical hard disk partitions and file systems.

2–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Deploy Toolkit

The following utilities are included in the Deploy Toolkit: • PQAccess enables you to perform file-related operations on partitions that the active operating system cannot recognize or access. This is especially useful in DOS environments when NTFS partitions (the primary partition type used by Windows XP and Windows 2000 Server) are not visible and cannot be accessed. • PQIDeploy PQIDeploy.exe is a scripting-based Win32 version of ImageCenter (included in the Deploy Toolkit) that runs on Microsoft Windows Vista/XP/PE/ 2000. Using PQIDeploy.exe, you can create image files on hard drives that are accessible from Windows Vista/XP/PE/2000, as well as perform a wide variety of system management tasks such as partition manipulation, registry access and manipulation, Sysprep and .inf file access and customization, messaging, disk and partition queries, file system access, and so on. • PQDisk is a scriptable version of Norton™ PartitionMagic®. PQDisk is intended for use by PC configuration centers and corporations that need to configure large numbers of PCs. It uses ASCII text script files to specify operations that create and manipulate hard disk partitions. • PQQuery is a DOS command line program that returns disk and partition information in environment variables. PQQuery enables batch files or imaging scripts to test environment variables and perform different actions depending on the returned values. • VBE (Virtual Boot Environment) enables any Windows-based computer to reboot into DOS mode without using a floppy disk, CD-ROM, or any other external or removable boot device. VBE is of great value to manufacturing environments that use the DOS operating system in their PC manufacturing and testing processes. VBE is also valuable to IS technicians that use DOSbased imaging utilities or other DOS-based tools. • PQA is an image addendum system that enables you to modify files or directories on a visible or hidden partition on a hard disk. You can use PQA to replace device driver files, provide patch files, rename files, and add or delete files and directories. You build a package of changes, then apply the package to the computers you want to change. With PQA, you avoid the necessity of making new image files when you want to change a few files. • PQIExtract enables you to restore individual files or directories from within PQI image files. PQIExtract is useful when you want to restore individual files or reinstall the operating system, but you do not want to lose customized settings or applications that were installed after the image file was created.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–15

2

The Deploy Toolkit is a collection of utilities that perform a variety of tasks that are common and useful for a configuration center or IT department. The utilities are available for multiple operating systems, so they are easy to integrate with your existing procedures. In addition, many of the programs are scriptable, so if you perform some functions repeatedly, you can create script files to automate processes.

Ghost Solution Suite Topography

Ghost Solution Suite Topography The illustration in the slide shows how the main components of Ghost Solution Suite are normally distributed across the network. 1 The following components should be placed on a dedicated server: – Ghost – DeployCenter – Image repository (storage location for all images) – AutoInstall package repository (storage location for all AutoInstall packages) – Ghost Console – PXE service (either the 3Com Boot Services PXE Server or the DeployCenter PXE Server) 2 AutoInstall should be installed on a dedicated computer that is running the same Windows operating system as the computers to which the packages will be deployed. (Note: AutoInstall does not support Windows NT/9x.) To ensure the integrity of packages, this computer should not have any other software installed on it besides AutoInstall. 3 The Ghost Console client is installed on all systems you want to manage. The client can be installed on the following operating systems: – Windows Vista – Windows XP – Windows 2000

2–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Ghost Console and Standard Tools Hardware/Software

Requirement

Processor

Pentium III or later

Monitor

VGA, 1024 x 768 screen resolution

RAM

512 MB

Operating system

• • • • • •

Other

To use the Ghost Boot Wizard to modify the WinPE PreOS environment (for exam ple, to add updated network or storage drivers), you m ust install Microsoft Core XML Services (MSXML) 6.0 or later.

Server 2008 Vista Business/Enterprise/Ultimate Server 2003 Standard/Enterprise SP1 Server 2003 R2 Standard/Enterprise XP SP2 2000 Professional/Server SP4

2

Windows Windows Windows Windows Windows Windows

System Requirements Ghost Console and Standard Tools The minimum requirements for running the Ghost Console are: Hardware/Software

Requirement

Processor

Pentium III or later

Monitor

VGA, 1024 x 768 screen resolution

RAM

512 MB

Operating system

• • • • • •

Other

To use the Ghost Boot Wizard to modify the WinPE PreOS environment (for example, to add updated network or storage drivers), you must install Microsoft Core XML Services (MSXML) 6.0 or later. You can download MSXML 6.0 from:

Windows Server 2008 Windows Vista (Business/Enterprise/Ultimate) Windows Server 2003 Standard/Enterprise SP1 Windows Server 2003 R2 Standard/Enterprise Windows XP Professional SP2 Windows 2000 Professional/Server SP4

http://www.microsoft.com/downloads/details.aspx? FamilyId=993c0bcf-3bcf-4009-be21-27e85e1857b1 &displaylang=en

Note: Ghost has been tested with the service packs listed in the preceding table. Before installing Ghost, make sure you install the latest service packs available from Microsoft. Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–17

Ghost.exe

Hardware/Software Requirement Platform

IBM PC computer or 100% compatible

Processor

Pentium or later

RAM

16 MB

Monitor

VGA

Operating system

• PC-DOS (included with Ghost) • MS-DOS

Pointing device

Microsoft-compatible mouse recommended

Ghost Executable Ghost.exe You can run Ghost.exe on a computer with the following minimum requirements:

2–18

Hardware/Software

Requirement

Platform

IBM PC computer or 100% compatible

Processor

Pentium or later

RAM

16 MB

Monitor

VGA

Operating system

• PC-DOS (included with Ghost) • MS-DOS

Pointing device

Microsoft-compatible mouse recommended

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Ghost (Linux Version) Supported Linux distributions for imaging:

• Red Hat Enterprise Linux ES release 5.1

• Red Hat Enterprise Linux ES (releases 1 to 5.1)

• Fedora Core 8 (Werewolf)

• Fedora Core 8 (Werewolf)

• Ubuntu 7.10 (Gutsy Gibbon)

• Fedora Core 7 (Moonshine)

• SuSE Linux Enterprise Server 10

• Fedora Core 6 (Zod)

2

Supported Linux distributions for running Ghost:

• Fedora Core 5 (Bordeaux) Note: The hardware requirements for the Linux version of the Ghost executable are the same as the requirements for the DOS version of Ghost.

• Red Hat Linux 9 • Ubuntu 7.10 (Gutsy Gibbon) • Ubuntu 7.04 (Feisty Fawn) • Ubuntu 6.10 (Edgy Eft) • Ubuntu 6.06 (Dapper Drake) • SuSE Linux Enterprise Server 10

Ghost (Linux Version) The hardware requirements for the Linux version of the Ghost executable are the same as the requirements for the DOS version of Ghost. Supported Linux distributions for running Ghost: • Red Hat Enterprise Linux ES release 5.1 • Fedora Core 8 (Werewolf) • Ubuntu 7.10 (Gutsy Gibbon) • SuSE Linux Enterprise Server 10 Supported Linux distributions for imaging: • Red Hat Enterprise Linux ES (releases 1 to 5.1) • Fedora Core 8 (Werewolf) • Fedora Core 7 (Moonshine) • Fedora Core 6 (Zod) • Fedora Core 5 (Bordeaux) • Red Hat Linux 9 • Ubuntu 7.10 (Gutsy Gibbon) • Ubuntu 7.04 (Feisty Fawn) • Ubuntu 6.10 (Edgy Eft) • Ubuntu 6.06 (Dapper Drake) • SuSE Linux Enterprise Server 10

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–19

Ghost32.exe You can run Ghost32.exe on the following operating systems: • Windows Vista (Business/Enterprise/Ultimate) • Windows XP • Windows Server 2003 • Windows 2000 • WinPE – Windows Vista: version 2.0 – Windows XP SP2: version 2004 – Windows 2003 SP1: version 2005 Note: Ghost also includes a 64-bit executable (Ghost64.exe) that runs on 64-bit versions of Windows XP/Vista/PE.

Ghost32.exe You can run Ghost32.exe on the following operating systems: • Windows Vista (Business/Enterprise/Ultimate) • Windows XP • Windows Server 2003 • Windows 2000 • WinPE Ghost32.exe is supported on the following WinPE versions: – Windows XP SP2 Version 2004 – Windows 2003 SP1 Version 2005 – Windows Vista Version 2.0 Note: Ghost also includes a 64-bit executable (Ghost64.exe) that runs on 64bit versions of Windows XP/Vista/PE.

2–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Hardware/ Software

Requirement

Operating system

Networked computer running one of the following: •Windows Vista (Business/Enterprise/Ultimate) •Windows XP •Windows Server 2003 •Windows 2000

Other

• Single boot system • DOS drivers for network card (when using DOS PreOS) • Clients running WinPE PreOS must have at least 256 MB RAM • Limitations for AutoInstall and incremental backups: On x64 platforms, you can only capture 32-bit applications • Minimum requirements for user migration: Windows Vista (Business/ Enterprise/Ultimate)/XP/2000

2

Ghost Console Client and Configuration Client

Ghost Console Client and Configuration Client The minimum requirements for running the Ghost Console client are as follows: Hardware/Software

Requirement

Operating system

Networked computer running one of the following: • Windows Vista (Business/Enterprise/Ultimate) • Windows XP • Windows Server 2003 • Windows 2000

Other

• Single boot system • DOS drivers for network card (if using a DOS PreOS boot environment) • If you want to run WinPE as the PreOS on client computers, the clients must have at least 256 MB RAM • Limitations for AutoInstall and incremental backups: On x64 platforms, you can only capture 32-bit applications; you cannot capture 64-bit applications • Minimum requirements for the user migration feature: Computer with Windows Vista (Business/Enterprise/ Ultimate)/XP/2000

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–21

Symantec User Migration Wizard

Hardware/Software Requirement Operating system

• Windows Vista (Business/Enterprise/Ultimate) • Windows XP Professional • Windows 2000

Note: Symantec User Migration does not support server platforms.

Symantec User Migration Wizard The minimum requirements for running Symantec User Migration Wizard are as follows: Hardware/Software

Requirement

Operating system

• Windows Vista (Business/Enterprise/Ultimate) • Windows XP • Windows 2000

Note: Symantec User Migration does not support server platforms.

2–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Hardware/Software

Requirement

Processor

Pentium or later

RAM

32 MB (working with large hard disks or partitions may require significantly m ore memory)

Diskette drive

None; 3.5-inch diskette drive recom mended

CD drive

Any speed; MMC-2 compliant IDE or SCSI CD-R or CD-R/W required for creating images directly to CD

Hard disk free space

52 MB

Operating system

Windows 98, Windows NT 4.0, Windows 2000, Windows XP, Windows 2003, DOS (only ImageCenter and DOS utilities are supported under DOS)

Monitor

VGA; SVGA recommended

Pointing device

None required; Microsoft mouse recommended

2

DeployCenter

DeployCenter The minimum system requirements for all DeployCenter components are as follows: Hardware/Software

Requirement

Processor

Pentium or later

RAM

32 MB (working with large hard disks or partitions may require significantly more memory)

Diskette drive

None; 3.5-inch diskette drive recommended

CD drive

Any speed; MMC-2 compliant IDE or SCSI CD-R or CD-R/ W required for creating images directly to CD

Hard disk free space

52 MB

Operating system

Windows 98, Windows NT 4.0, Windows 2000, Windows XP, Windows 2003, DOS (only ImageCenter and DOS utilities are supported under DOS)

Monitor

VGA; SVGA recommended

Pointing device

None required; Microsoft mouse recommended

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–23

Deploy Toolkit

Hardware/Software

Requirement

Processor

Pentium or later

RAM

16 MB

Operating system

• • • • •

Monitor

16-color VGA video or better

WinPE 2.0 Windows XP Windows 2000 Windows 98 Windows NT 4

Deploy Toolkit The minimum system requirements for the Deploy Toolkit utilities are as follows:

2–24

Hardware/Software

Requirement

Processor

Pentium or later

RAM

16 MB

Operating system

• • • • •

Monitor

16-color VGA video or better

WinPE 2.0 Windows XP Windows 2000 Windows 98 Windows NT 4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Imaging Engine

File Systems

Ghost (DOS and Windows)

ƒ ƒ ƒ ƒ ƒ

FAT FAT32 NTFS Linux ext2 Linux ext3

ImageCenter

ƒ ƒ ƒ ƒ ƒ ƒ

FAT FAT32 NTFS Linux ext2 Linux ext3 Linux swap

2

Supported File Systems

Supported File Systems File Systems Supported by Ghost The Ghost executable (both the DOS and Windows versions) supports creating images of the following file systems: • FAT • FAT32 • NTFS • Linux ext2 • Linux ext3 File Systems Supported by ImageCenter ImageCenter supports creating images of the following file systems: • FAT • FAT32 • NTFS • Linux ext2 • Linux ext3 • Linux swap

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–25

Ghost Solution Suite Terminology • Image A replica of the contents of an entire hard disk or a partition • Restore (Clone)/Deploy Restore (clone): An image is laid down on a single computer’s hard disk. Deploy: An image is pushed out to one or more computers. • Master Image A hardware-independent image • Multicasting Deployment of a single image simultaneously to multiple computers across a network • PXE Preboot eXecution Environment; a network boot technology that enables computers to boot to a remote server and perform tasks • WinPE Windows Preinstallation Environment; a lightweight version of Windows Vista, Windows XP, or Windows Server 2003 that large corporations use to deploy workstations and servers

Ghost Solution Suite Terminology Throughout this course, some terms will be used frequently in discussing the functionality and usage of Ghost Solution Suite. This topic provides definitions of these terms for those who are new to the field of client management software. Image An image (or disk image) is a replica of the contents of an entire hard disk or a partition. This replica is stored as a file (or, if the image is split, as a series of files) that can be used to quickly place an OS on new systems or recover crashed systems. Restore (Clone)/Deploy When you restore (or clone) an image to a computer, you lay down the image’s data on a system’s hard disk. After the process is complete and the system is rebooted, the restored system is identical to the original system from which the image was created. Although “deploying” a disk image to a system is basically the same as “restoring” the image, the term “deploy” applies more specifically to the process of pushing out an image to one or more new systems that an organization is adding to its network. Master Image A master image is a disk image of a computer that has had hardware-specific information (such as device drivers, security identifier, computer name, and so on) removed from it. The purpose of a master image is to minimize the number of disk images needed to quickly place an OS on new systems that have different 2–26

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

hardware configurations. Without a master image, it would be necessary to create a separate disk image for each possible hardware configuration you want to deploy in your organization.

Multicasting is the generic term for sending individual packets of data to multiple computers at the same time. In the context of Ghost Solution Suite, multicasting refers to deploying a single image simultaneously to multiple systems across a network. Two multicasting engines are included with Ghost Solution Suite; each has its advantages and disadvantages, depending on your needs. Ghost’s multicasting piece is called “Ghostcasting” and DeployCenter’s multicasting piece is called “Powercasting.” The differences between these components are discussed in Lesson 8, “Deploying Images to Systems.” Preboot Execution Environment (PXE) PXE is a network boot technology that enables systems to boot to a remote server and perform tasks. The PXE technology included with Ghost Solution Suite enables you to boot bare metal systems (that is, systems that do not have an OS installed on their hard drives) to a network boot menu from which users can select an OS. PXE then passes control to Ghost or DeployCenter, and the requisite OS image is deployed to the user’s hard drive. Windows Preinstallation Environment (WinPE) Windows Preinstallation Environment (WinPE) is a scaled-down version of Windows Vista, Windows XP, or Windows Server 2003. WinPE is used by large corporations to deploy workstations and servers. OEMs also use WinPE to preinstall Windows client operating systems on computers during manufacturing. Additionally, WinPE can be used as an alternative to MS-DOS to boot computers from a CD or USB flash drive instead of a floppy diskette or hard disk. WinPE provides a complete Win32 environment (which includes support for networking, Plug-and-Play drivers, and FAT/NTFS/CDFS file systems). This enables you to run Ghost32, PQIDeploy, and other tools in an environment that is faster and easier to use than DOS.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–27

2

Multicasting

Two different WinPE environments are available. Following is a brief overview of each environment’s characteristics: Environment

Characteristics

WinPE

• • • • •

Supported by Microsoft Command-line interface For Windows XP: Only available to Microsoft OEM users For Windows Vista: Available to all licensed owners of Vista Limited plugins

BartPE

• • • •

Not supported by Microsoft Graphical interface Available to all licensed owners of Windows XP or Server 2003 Unlimited custom plugins

2–28

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The two separate imaging products that compose Ghost Solution Suite—Ghost and DeployCenter

2

– The functionality, key features, and components included in Ghost Solution Suite, and where the components are installed – The definitions of some imaging-related terms that are frequently used throughout this course

Lab 2: Ghost Solution Suite Product Overview In this lab, you complete a self-assessment that helps you to measure what you have learned about the components and functionality of Ghost Solution Suite.

Lesson 2 Ghost Solution Suite Product Overview Copyright © 2008 Symantec Corporation. All rights reserved.

2–29

2–30

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 3 Installing Ghost Solution Suite

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives

After completing this lesson, you will be able to:

Topic

Installing Symantec Ghost Install Symantec Ghost in a network environment.

3–2

Installing DeployCenter

Install DeployCenter in a network environment.

Creating an Image Repository

Create an image repository for storing item s your managed clients need to access.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Installing the Ghost Console and Standard Tools

1

2

3

Accept the licensing agreements.

Specify installation options.

Complete the installation.

3

4

Launch the installation wizard.

Installing Ghost Installing the Ghost Console and Standard Tools To install the Ghost Console on a computer, you must have administrator rights on the computer. When you install the Ghost Console, the Standard Tools are automatically installed. To install the Ghost Console: 1 Launch the installation wizard. a Insert the Ghost Solution Suite CD into the CD-ROM drive, and when the Ghost Solution Suite installation window appears, click Install Symantec Ghost. b Click Install Ghost Console and Ghost Standard Tools. c At the installation wizard’s welcome screen, click Next. 2 Accept the licensing agreements. a Accept the terms of the Symantec Software License Agreement, then click Next. b Accept the terms of the Thinstation License Agreement for Ghost’s Linuxbased PreOS environment, then click Next. c Read and confirm that you understand the additional licensing information, then click Next. 3 Specify installation options. a At the User Information screen, verify that the user and organization names are correct, then click Next.

Lesson 3 Installing Ghost Solution Suite Copyright © 2008 Symantec Corporation. All rights reserved.

3–3

At the Destination Folder screen, confirm the installation location, then click Next. c In the Custom Setup window, make sure the components you want to install are selected, then click Next. 4 Complete the installation. a Click Install. b After the installation is complete, click Next. c Review the instructions for registering Symantec Ghost Server, then click Next. d Click Finish. b

3–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Activating Ghost

Before you can activate Symantec Ghost, you need a: • License certificate (includes the serial number for your license)

3

• License file (includes the license key required to activate the product)

Activating Ghost Ghost is activated by a license. Before you can activate Ghost, you need the following: • A license certificate The license certificate includes the serial number for your license. You must register your serial number online to obtain a license file and to register your maintenance agreement. • A license file The license file includes the license key that is required to activate the product. For more information, see the instructions on your license certificate. To obtain a license file, you must have the serial number that is printed on your license certificate. The format of the serial number is a letter that is followed by 10 digits. For example: F8573329133 Symantec sends you the file by e-mail as a .zip file attachment. You should ensure that your e-mail program is configured to allow incoming .zip file attachments. Note: License files are digitally signed. You should not attempt to modify the license file.

Lesson 3 Installing Ghost Solution Suite Copyright © 2008 Symantec Corporation. All rights reserved.

3–5

Obtaining a License File

1. On the Internet, log in at: https://licensing.symantec.com 2. Follow the on-screen instructions to complete the registration process. 3. When you receive the e-mail message from Symantec containing your license file, save the license file to an easily accessible location.

Obtaining a License File To obtain a license file: 1 On the Internet, log in (or create a new account) at the following URL: https://licensing.symantec.com 2 Follow the on-screen instructions to complete the registration process. 3 When you receive the e-mail message from Symantec that contains the license file, save the license file to a location that is easily accessible. The file is delivered as a .zip file attachment. You must extract the file contents from the .zip file. The license file has an .slf extension.

3–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Adding a License File

1. In the Symantec Ghost Console, select Help Æ Register Console. 2. In the Symantec Ghost Registration window, click Browse.

3

3. In the Open dialog box, browse to and open the license file (.slf) that you want to import, then click OK.

Adding a License File You must add the license file in the Ghost Console to activate Ghost. If you purchase additional licenses, you receive an additional license file. You must add this license file through the Ghost Console. To add a license file: 1 In the Ghost Console, select Help —> Register Console. 2 In the Ghost Registration window, click Browse. 3 In the Open dialog box, browse to and open the license file (.slf) that you want to import, then click OK.

Lesson 3 Installing Ghost Solution Suite Copyright © 2008 Symantec Corporation. All rights reserved.

3–7

Installing DeployCenter

1

2

3

4

5

Launch the installation wizard.

Enter user name and company nam e.

Accept the license agreement.

Select installation options.

Complete the installation.

Installing DeployCenter To install DeployCenter: 1 Launch the installation wizard. a Insert the Ghost Solution Suite CD into the CD-ROM drive, and when the Ghost Solution Suite installation window appears, click Install Tools and Utilities. b Click Install DeployCenter. c At the installation wizard’s welcome screen, click Next. 2 Make sure the User Name and Company Name fields contain the correct information, then click Next. 3 At the License Agreement screen, click Yes. 4 Select installation options. a At the Choose Destination Location screen, click Next to accept the default installation folder. b At the Select Features screen, select the features you want to install and click Next. c At the Select Program Folder screen, click Next. 5 Complete the installation. a When DeployCenter is installed and the completion screen appears, click Finish. b If prompted, restart the system.

3–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating an Image Repository GSS 2.5 Dedicated Server

3

Image Repository \\GSS Server\Reposit ory Share

Images

Programs

AutoInstall Packages

Boot Packages

Creating an Image Repository After you have installed the Ghost Solution Suite components you need, you must create an image repository on the Ghost Solution Suite server. The image repository is simply a shared folder where you will store all the items your managed clients need to access. The image repository should contain the following subfolders: • An Images folder for storing the image files you create with the Ghost Solution Suite’s imaging engines • A Boot Packages folder for storing the PreOS boot environments you will use to capture or deploy image files • A Programs folder for storing executables (such as utilities) that you want managed clients to run • An AutoInstall Packages folder for storing AutoInstall software packages you want to deploy to managed clients Make sure to set up sharing and security rights on the image repository so all your managed clients have read/write access to the share.

Lesson 3 Installing Ghost Solution Suite Copyright © 2008 Symantec Corporation. All rights reserved.

3–9

Lesson Summary Key Points In this lesson, you learned how to: – Install the Ghost Console and Standard Tools. – Install DeployCenter – Create an image repository for storing items your managed clients need to access

Lab 3: Installing Ghost Solution Suite In this lab, you: •Install Symantec Ghost. •Modify the Domain Controller to allow Ghost boot environments to access the network. •Install Symantec DeployCenter. •Create an image repository.

3–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 4 Creating Boot Packages

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will

Topic

4–2

be able to:

P ur pose of Boot Packages

Define what boot packages ar e and explain w hat they do.

Overview of Boot Packages

Describe the different types of boot packages you can cr eate.

Requir ements for Creating a Ghost Solution Suite Boot Package

Describe the pr ocess for building a boot package.

Differences Betw een the G host and DeployCenter Boot Package Builder s

Describe the main differ ences betw een the Ghost Boot Wizard and Boot Disk Builder.

Creating Boot Packages w ith the G host Boot Wizar d

Use the Ghost Boot Wizard to create boot packages.

Creating Boot Packages w ith the DeployCenter Boot Disk Builder

Use the DeployCenter Boot Disk Builder to create boot packages.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Purpose of Boot Packages

• Because Ghost Solution Suite’s imaging tools require full access to hard disks in order to create and deploy hardware-independent images, these tools must operate outside of the normal Windows environment. • Boot packages provide a flexible, convenient method for booting computers to a PreOS environment and running tasks necessary for capturing or restoring hardware-independent hard disk images.

4

Purpose of Boot Packages To understand the need for boot packages in the computer deployment process, it is necessary to first understand a basic fact about how Windows works. When Windows is running, it requires constant access to the system disk to keep critical system files updated. As a result, Windows prevents any application from having full, unrestricted control of the system disk. Although several modern disk imaging tools, including Ghost Solution Suite, include “hot imaging” capabilities that work around Windows’s restrictions and enable you to capture stable backups of live Windows systems, it is still not possible to capture a hardware-independent master image of the system partition while Windows is running. This is because imaging tools require full access to the system disk so they can strip all system-specific information (hardware drivers, security identifiers, and so on) from the operating system before the image is captured. Consequently, a method is needed to boot computers to an operating environment outside of Windows to capture a hardware-independent master image for deployment purposes. This need is met by boot packages. Boot packages are essentially boot images that contain all the individual files and components needed to boot computers to an operating environment outside of Windows (sometimes referred to as a “PreOS” environment) and perform any task necessary for capturing or restoring an image—such as running Ghost or ImageCenter, connecting to a network share where images are stored, and so forth. Boot packages are a flexible, convenient method for providing all the pieces you need to launch the image deployment process on your computers.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–3

Types of Boot Packages

• Network Boots a computer to a PreOS environment, loads drivers for the computer’s network interface card, and maps a network share

• Multicasting Boots a computer to a PreOS environment, loads imaging software, and connects the computer to a multicast server

• Stand-alone Boots the local computer to a PreOS environment, runs imaging software, and restores an image from a local hard drive or CD

Overview of Boot Packages Types of Boot Packages There are three main types of boot packages you can build with the Ghost Solution Suite: • Network: This type of boot package can boot a computer to a PreOS environment, load drivers for the computer’s network interface card, and map a network share where images are stored. Users can then run imaging software and restore an image to their computer from the network share. • Multicasting: This type of boot package can boot a computer to a PreOS environment, load imaging software, and connect the computer to a multicast server which then automatically restores an image to the computer. • Stand-alone: This type of boot package can boot the local computer to a PreOS environment, run imaging software, and restore an image from a secondary partition on the local computer’s hard drive or from a CD.

4–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Methods for Making Boot Packages Available to Users

• Distributed Boot packages are stored in a central location on the network.

• Remote Boot packages are integrated into a PXE server or a client management console.

• Portable Boot packages are placed on a bootable floppy diskette, bootable USB device, or CD.

4

Methods for Making Boot Packages Available to Users You can access and use boot packages in the following ways: • Distributed: Boot packages are stored in a central location on the network where they can be easily accessed and downloaded to create physical boot disks (such as a bootable floppy or CD). • Remote: Boot packages are integrated into a PXE server or a client management console (such as Altiris Client Management Suite or Microsoft SMS). Users either boot their computers to the network and select the boot package from a network boot menu, or the client management console is used to push out the boot package to managed clients. • Portable: Boot packages are placed on a bootable floppy diskette, bootable USB device, or CD. Users must insert the bootable media and manually boot their computer.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–5

Requirements for Creating a Ghost Solution Suite Boot Package

1

2

3

4

Decide which type of boot package you want to create.

Decide how you want users to be able to use the boot package.

Collect all the components needed to build the boot package.

Use a boot package building tool to create the boot package.

Requirements for Creating a Ghost Solution Suite Boot Package Although the detailed steps involved in using the Ghost Solution Suite’s boot package building tools vary depending on which tool you are using, the general process for successfully building a boot package is as follows: 1 Decide which type of boot package you want to create (network, multicasting, or stand-alone). 2 Decide how you want users to be able to use the boot package (make it available on a network share; make it available in a network boot menu or deploy it through a client management console; or put it on bootable physical media, such as a floppy disk, USB drive, or CD). 3 Collect all the components needed to build the boot package (NIC drivers, network credentials, bootable media, and so on). 4 Use a boot package building tool to create the boot package.

4–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Differences Between the Ghost and DeployCenter Boot Package Builders Ghost Boot Wizard (Ghost)

Boot Disk Builder (DeployCenter)

Compatibility: Boot packages compatible with Ghost components (by default) and DeployCenter components (by manually adding components)

Compatibility: Boot packages compatible with DeployCenter components only

Can save boot packages to: •Floppy diskette •VMware virtual floppy •USB flash driv e •ISO image •CD/DVD •One-click virtual partition

Can save boot packages to: •Floppy diskette •Folder on hard drive •Virtual boot disk

PXE support: Includes 3Com PXE Services, which is more complicated to set up and use than DeployCenter PXE Server and is not officially supported by Symantec

PXE support: Includes a PXE Server that is easy to set up and use

PreOS options: PC-DOS, MS-DOS, WinPE, Linux (Thinstation)

PreOS option: Caldera DOS (DR-DOS), MS-DOS

Differences Between the Ghost and DeployCenter Boot Package Builders The Ghost Solution Suite offers two different boot package building utilities— Ghost Boot Wizard and Boot Disk Builder. Both utilities build the same basic types of boot packages (that is, network, multicasting, and stand-alone boot packages). However, there are a number of differences between these utilities to consider when deciding which utility to use to build boot packages, as summarized in the following table. Ghost Boot Wizard (Symantec Ghost)

Boot Disk Builder (DeployCenter)

Compatibility: Boot packages are compatible with Ghost components (by default) and DeployCenter components (by manually adding DeployCenter components to Ghost boot packages).

Compatibility: Boot packages are only compatible with DeployCenter components (ImageCenter, PowerCasting, and so on).

Can save boot packages to: • Floppy diskette • VMware virtual floppy • USB flash drive • ISO image • CD/DVD • One-click virtual partition (consists of a zip file, an executable, and a shortcut that runs the executable with the zip file as a parameter; you can store this package on a network share and run it from the destination machine simply by double-clicking the shortcut)

Can save boot packages to: • Floppy diskette • Folder on hard drive (so the boot package can be copied to floppy diskettes on an “as needed” basis) • Virtual boot disk

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–7

4

Note: For a more extensive list of differences, see the Symantec Ghost Solution Suite Lesson Guide.

Ghost Boot Wizard (Symantec Ghost)

Boot Disk Builder (DeployCenter)

UNDI functionality: Includes a Universal Packet Driver (UNDI) for network boot packages so that you can detect most network cards without having to load a NIC-specific driver.

UNDI functionality: Includes an UNDI driver that is confined to connecting clients to the DeployCenter PXE server.

PXE support: Includes 3Com PXE Services, which is more complicated to set up and use than DeployCenter’s PXE Server and is not officially supported by Symantec.

PXE support: Includes a PXE Server that is easy to set up and use.

Ghost Console support: Enables you to create network boot packages that boot clients from the network and connect to the Ghost Console This feature allows you to manage any client from the Ghost Console even before the client has an operating system.

Ghost Console support: None

Support for Windows Server 2003 shares: Network boot packages support mapping to a share on a Windows 2003 server, but additional configuration of the server is required. (See the section “Configuring Windows 2003 Servers to Support the Ghost Drive Mapping Boot Package” later in this lesson.)

Support for Windows Server 2003 shares: Network boot packages provide built-in support for mapping to a share on a Windows 2003 server.

CD/DVD support: Enables you to build boot packages that include the following CD/DVD support: • Write an image directly to CD/DVD. • Make image CDs/DVDs bootable. (You must select an option in the Ghost Boot Wizard to make bootable CDs/DVDs.) • Access Ghost images and other files stored on CD/DVD.

CD/DVD support: Enables you to build boot packages that include the following CD support: • Write an image directly to CD. • Make image CDs bootable. (CDs are made bootable by default when you write an image directly to CD.) • Access ImageCenter images stored on CD.

Peer-to-peer support: Offers support for peer-topeer connections in PC-DOS and MS-DOS (that is, running Ghost.exe on two computers that are connected by either an LPT or USB cable)

Peer-to-peer support:None

Default PreOS: WinPE 2.0

Default PreOS: Caldera DOS (DR-DOS)

Additional PreOS options: • PC-DOS • MS-DOS • Linux (Thinstation)

Additional PreOS options: MS-DOS

External storage support: Includes built-in support for accessing external storage devices, such as FireWire, USB, or Zip drives

External storage support: None

NetWare support: None

NetWare support: Enables you to build Novell NetWare boot packages to connect clients to Novell servers running IPX

4–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Boot Packages Available in the Ghost Boot Wizard Ghost Boot Wizard enables you to create: • Standard Ghost Boot Package • Network Boot Package • Drive Mapping Boot Package • CD/DVD Startup Boot Package with Ghost • Console Boot Partition • TCP/IP Network Boot Image • TCP/IP Network Ghost Client Boot Image

Note: Detailed procedures for creating each of these boot package types can be found in the Sym antec Ghost Solution Suite Lesson Guide.

4

Creating Boot Packages with the Ghost Boot Wizard The Ghost Boot Wizard enables you to create the following types of boot packages: • Standard Ghost Boot Package • Network Boot Package • Drive Mapping Boot Package • CD/DVD Startup Boot Package with Ghost • Console Boot Partition • TCP/IP Network Boot Image • TCP/IP Network Ghost Client Boot Image Starting the Ghost Boot Wizard To start the Ghost Boot Wizard, select Start—>Programs—>Symantec Ghost —>Ghost Boot Wizard. Note: If Microsoft Core XML Services (MSXML) 6.0 is not already installed on your computer, you will be prompted to install it when you run the Ghost Boot Wizard. MSXML 6.0 is required to edit the WinPE PreOS environment. You can download MSXML 6.0 from http://www.microsoft.com/downloads/ details.aspx?FamilyID=993C0BCF-3BCF-4009-BE21-27E85E1857B1& displaylang=en

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–9

Creating a Standard Ghost Boot Package 1 Select PreOS environment. 2 3

Select Standard Ghost Boot Disk package type. Point to Ghost executable.

4 Specify destination location settings. 5 Specify boot package form at. 6 Specify additional files to include in package. 7 Create boot package.

Creating a Standard Ghost Boot Package The Standard Ghost Boot Package wizard creates a boot package that loads a PreOS environment and runs Ghost. Depending on the PreOS option you select, the boot package can also do the following: • Load network drivers and map a network share (WinPE and Linux PreOS options only) • Save images to a USB device, ISO image, CD/DVD, or One-click Virtual Partition (all PreOS options) • Save images to a floppy disk set or VMware virtual floppy (PC-DOS and MS-DOS PreOS options only) • Run Ghost on two computers that are connected by either an LPT or USB cable (PC-DOS and MS-DOS PreOS options only) To create a standard boot package that uses the WinPE PreOS environment: 1 On the first screen of the Ghost Boot Wizard, verify that Windows PE (Default) is selected, then click Next. Note: We will discuss the DeployAnywhere option later in this course. 2 Select “Standard Ghost Boot Disk,” then click Next. 3 Verify that the path to the Ghost executable is correct, then click Next. 4 Specify destination location settings. a If you want to save the image to a network location, specify the information needed to log in to the location and map the network share to a local drive letter, then click Next. b If you are saving the image to a network location, specify the method for assigning the client an IP address (dynamic or static), then click Next. 4–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Select the format you want to use for the boot package, specify associated settings, then click Next. 6 Specify any additional files you want to include in the boot package, then click Next. 7 Create the boot package. a Review the boot package details and click Next to create the boot package. b After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window. 5

Creating a Network Boot Package

To create a boot package with network support: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS or MS-DOS as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk. 2 Click “Network Boot Package,” then click Next. 3 Select the Universal Packet Driver, then click Next. If your hardware does not support the Universal Packet Driver, select the option “Show all drivers” and select the driver for your NIC model, or click Add and point the Ghost Boot Wizard to the appropriate driver. When you select the Universal Packet Driver, information is displayed about the options that must be enabled in the BIOS in order to use the driver. Review this information and click OK. 4 In the Ghost.exe field, type the correct path if the executable has been moved or you want to use a different version of Symantec Ghost. The default path to ghost.exe appears in the Ghost.exe field. 5 In the Parameters field, type any required command-line parameters. 6 Click Next. 7 If you want to move control of USB devices from the BIOS to Ghost, enable the option “Override BIOS USB control.” This option is unavailable if you have previously included USB support in the boot package. Do not enable this option if you are creating a bootable USB device. 8 If you want to move control of FireWire devices from the BIOS to Ghost, enable the option “Override BIOS FireWire control.” 9 Click Next.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–11

4

The Network Boot Package provides network support for GhostCasting and TCP/IP peer-to-peer connections in the PC-DOS or MS-DOS PreOS.

10 Perform one of the following:



11

12 13 14 15 16

Select “DHCP will assign the IP settings” if your network contains a DHCP server. – Select “The IP settings will be statically defined” and complete the fields below this option if your network does not contain a DHCP server. If you create more than one boot package, the static IP address incrementally increases as each boot package is created. Set the Router Hops option to the desired value. This option specifies how many routers the client searches across when attempting to find the multicast server. The default value of 16 allows Ghost to find the server as long as it is not more than 16 router hops away. This is sufficient for most networks. Click Next. Select a destination for the boot package, then click Next. Specify any additional files you want to include in the boot package, then click Next. Review the boot package details, then click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Creating a Drive Mapping Boot Package The Drive Mapping Boot Package maps a drive letter to a shared resource on a network server. This drive mapping lets you access a network drive from the DOS version of Ghost. You can choose to include Ghost.exe in the boot package. If you do not include Ghost.exe, you must run Ghost from the network drive. If you include Ghost.exe in the boot package, you cannot create a boot package on a floppy disk set. You can save the package to a USB flash drive or an to an ISO image. Note: A Drive Mapping Boot Package supports NDIS drivers but does not support using packet drivers. If you want to run Ghost.exe with network support and you want to use packet drivers, create a Network Boot Package. Note: If you do not run Ghost.exe from the A: drive, you must reset the environment variable WATTCP to provide the location of the Wattcp.cfg file. To create a boot package that supports mapping network drives: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS or MS-DOS as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk.

4–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

3

4 5

6 7 8

9 10 11

12

13 14

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–13

4

2

Also, if you choose MS-DOS, you must click Get MS Client and point the Ghost Boot Wizard to your MS client files. If MS-DOS client files are not installed on your system, you need to manually create a client disk. For instructions on how to do this, see: http://service1.symantec.com/SUPPORT/ontechnology.nsf/docid/1998081310484225 Select “Drive Mapping Boot Package,” then click Next. In the Network Interface Card window, perform one of the following: – In the driver list, double-click the Universal NDIS Driver, browse to the location of the Universal NDIS Driver files, and then click OK. If you do not have a Universal NDIS Driver, you can download 3Com’s MBA Utility Disk v4.30, which includes a Universal NDIS Driver for DOS, from the following URL: http://support.3com.com/infodeli/tools/nic/mba.htm – In the driver list, select or add a network driver, and then click Next. Click Next. In the Ghost.exe field, type the correct path if the executable has been moved or you want to use a different version of Symantec Ghost. The default path to Ghost.exe appears in the Ghost.exe field. In the Parameters field, type any required command-line parameters. Click Next. If you want to move control of USB devices from the BIOS to Ghost, enable the option “Override BIOS USB control.” This option is unavailable if you have previously included USB support in the boot package. Do not enable this option if you are creating a bootable USB device. If you want to move control of FireWire devices from the BIOS to Ghost, enable the option “Override BIOS FireWire control.” Click Next. In the Client Computer Name field, type the name of the client computer. This specifies the name of the computer after it starts from the package and does not have to be the same name given to the computer in Windows. If you create more than one package, a number is added to the computer name so that the names for subsequent packages are unique. In the User Name field, type the user name that the boot package will use to log on to the network. This user must exist on the network and have sufficient access rights to the mapped network drive, files, and directories that you want to use. In the Domain or Workgroup field, type the domain or workgroup to which the user belongs. From the Drive Letter drop-down list, select a drive letter to access a network share through a mapped drive.

15

16 17

18

19 20 21 22 23

Select a drive letter greater than any existing drive letter. If you want to prevent the boot package from mapping a drive when the computer starts, click None. In the Maps To field, type the complete UNC path to the network share. For example, to access a shared folder named Backups on a computer named Ghostserver, the UNC path is \\Ghostserver\Backups. Click Next. Perform one of the following: – Select “DHCP will assign the IP settings” if your network contains a DHCP server. – Select “The IP settings will be statically defined” and complete the fields below this option if your network does not contain a DHCP server. If you create more than one boot package, the static IP address incrementally increases as each boot package is created. Set the Router Hops value to the desired value. This option specifies how many routers the client searches across when attempting to find the multicast server. The default value of 16 lets Ghost find the server as long as it is not more than 16 router hops away. This is sufficient for most networks. Click Next. Select a destination for the boot package, then click Next. Specify any additional files you want to include in the boot package, then click Next. Review the boot package details, then click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Configuring Windows 2003 Servers to Support the Ghost Drive Mapping Boot Package If you intend to use a Ghost Drive Mapping Boot Package to map to a share on a Windows 2003 server, you must first configure several settings on the Windows 2003 server. If you do not configure these settings, you will receive the error message, “Access Denied,” when the DOS mapping client attempts to map to the share. The settings you must configure depend on whether or not the Windows 2003 server is a domain controller. To change settings on a Windows 2003 domain controller: 1 On the Windows taskbar, select Start—>Programs—>Administrative Tools —>Domain Controller Security Policy. 2 Select Security Settings—>Local Policies—>Security Options. 3 Navigate to “Network Security: LAN Manager Authentication Level” and change the setting from “Send NTLM response only” to “Send LM & NTLM responses.”

4–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Click OK. 5 Navigate to “Microsoft network server: Digitally sign communications (always)” and change the setting from Enabled to Disabled. 6 Click OK. 7 Reboot the Windows 2003 server. 4

To change settings on a Windows 2003 server that is not a domain controller: 1 On the Windows taskbar, select Start—>Programs—>Administrative Tools —>Local Security Policy. 2 Select Security Settings—>Local Policies—>Security Options. 3 Navigate to “Network Security: LAN Manager Authentication Level” and change the setting from “Send NTLM response only” to “Send LM & NTLM responses.” 4 Click OK. 5 Navigate to “Microsoft network server: Digitally sign communications (always)” and change the setting from Enabled to Disabled. 6 Click OK. 7 Reboot the Windows 2003 server.

The CD/DVD Startup Boot Package lets you access images and other files stored on CD and DVD drives that are not supported by Symantec Ghost. This kind of package also contains the DOS system files and Ghost.exe. To create a boot package with CD-ROM and DVD support: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS or MS-DOS as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk. 2 Select “CD/DVD Startup Boot Package with Ghost,” then click Next. 3 In the Ghost.exe field, type the correct path if the executable has been moved or you want to use a different version of Symantec Ghost. The default path to Ghost.exe appears in the Ghost.exe field. 4 In the Parameters field, type any required command-line parameters. 5 Click Next.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–15

4

Creating a CD/DVD Startup Boot Package that Includes Ghost

6

7 8 9 10 11 12

If you want to move control of USB devices from the BIOS to Ghost, enable the option “Override BIOS USB control.” This option is unavailable if you have previously included USB support in the boot package. Do not enable this option if you are creating a bootable USB device. If you want to move control of FireWire devices from the BIOS to Ghost, enable the option “Override BIOS FireWire control.” Click Next. Select a destination for the boot package, then click Next. Specify any additional files you want to include in the boot package, then click Next. Review the boot package details, then click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Creating a Console Boot Partition Image The Console Boot Partition Image contains the boot partition. Install this image on client computers to allow remote control by the Ghost Console. To create a boot image that contains a boot partition: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS, MS-DOS, or Windows PE as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk. 2 Select “Console Boot Partition,” then click Next. 3 PC-DOS or MS-DOS: Select the Universal Packet Driver, then click Next. If your hardware does not support the Universal Packet Driver, select the option “Show all drivers” and select the driver for your NIC model, or click Add and point the Ghost Boot Wizard to the appropriate driver. When you select the Universal Packet Driver, information is displayed about the options that must be enabled in the BIOS in order to use the driver. Review this information and click OK. 4 Type the correct path in the Ghost.exe field if the executable has been moved, or you want to use a different version of Ghost.exe. The default path to Ghost.exe appears in the Ghost.exe field. 5 Type the correct path in the Ngctdos.exe field if the executable has been moved, or you want to use a different version. The default path to the Ghost DOS client executable appears in the Ngctdos.exe field.

4–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

7

8 9

10

11 12 13 14 15 16

Type the correct path in the Ghstwalk.exe field if the executable has been moved, or you want to use a different version. The default path to the Ghost Walker executable is entered in the Ghstwalk.exe field. In the Machine Group field, type the computer group folder, if required. When a Client is first discovered on the network, an icon is created for it in the Machine Group section of the Default folder in the Ghost Console. When DOS Console Client computers are discovered, they are identified by Adapter Address only. Specifying a group folder makes identification of the computer easier. Click Next. Perform one of the following: – Select “DHCP will assign the IP settings” if your network contains a DHCP server. – Select “The IP settings will be statically defined” and complete the fields below this option if your network does not contain a DHCP server. If you create more than one boot package, the static IP address incrementally increases as each boot package is created. Set the Router Hops value to the desired value. This option specifies how many routers the client searches across when attempting to find the multicast server. The default value of 16 lets Ghost find the server as long as it is not more than 16 router hops away. This is sufficient for most networks. Click Next. In the Image File field, specify a name for the image file and the location where you want to save the file. In the Description field, type a description for the image file. Click Next. Review the boot package details and click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Creating a TCP/IP Network Boot Image The TCP/IP Network Boot Image enables you to start client computers in Ghost.exe from the network using 3Com DynamicAccess Boot Services software. To create an image file to start client computers from the network: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS, MS-DOS, Windows PE, or Linux as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk. Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–17

4

6

2 3

4

5 6 7

8

9

4–18

Select “TCP/IP Network Boot Image,” then click Next. PC-DOS or MS-DOS: Select the Universal Packet Driver, then click Next. If your hardware does not support the Universal Packet Driver, select the option “Show all drivers” and select the driver for your NIC model, or click Add and point the Ghost Boot Wizard to the appropriate driver. When you select the Universal Packet Driver, information is displayed about the options that must be enabled in the BIOS in order to use the driver. Review this information and click OK. In the Ghost.exe field, type the correct path if the executable has been moved or you want to use a different version of Symantec Ghost. The default path to Ghost.exe appears in the Ghost.exe field. In the Parameters field, type any required command-line parameters. Click Next. PC-DOS or MS-DOS: On the External Storage Support screen: a If you want to move control of USB devices from the BIOS to Ghost, enable the option “Override BIOS USB control.” This option is unavailable if you have previously included USB support in the boot package. b If you want to move control of FireWire devices from the BIOS to Ghost, enable the option “Override BIOS FireWire control.” c Click Next. WinPE or Linux: On the Network Client Configuration screen: a In the User Name field, type the user name that the boot package will use to log on to the network. This user must exist on the network and have sufficient access rights to the mapped network drive, files, and directories that you want to use. b In the Domain or Workgroup field, type the domain or workgroup to which the user belongs. c From the Drive Letter drop-down list, select a drive letter to access a network share through a mapped drive. Select a drive letter greater than any existing drive letter. If you want to prevent the boot package from mapping a drive when the computer starts, select None. d In the Maps To field, type the complete UNC path to the network share. For example, to access a shared folder named Backups on a computer named Ghostserver, the UNC path is \\Ghostserver\Backups. PC-DOS, MS-DOS, or WinPE: a Perform one of the following: › Select “DHCP will assign the IP settings” if your network contains a DHCP server.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

10 11

12

13 14

Select “The IP settings will be statically defined” and complete the fields below this option if your network does not contain a DHCP server. If you create more than one boot package, the static IP address incrementally increases as each boot package is created. b Set the Router Hops value to the desired value. This option specifies how many routers the client searches across when attempting to find the multicast server. The default value of 16 lets Ghost find the server as long as it is not more than 16 router hops away. This is sufficient for most networks. c Click Next. Specify any additional files you want to include in the boot package, then click Next. PC-DOS or MS-DOS: On the TCP/IP Network Boot Image screen: a In the Image File field, specify a name for the image file and the location where you want to save the file. This image can be used with any BOOTP/ TFTP server. b Click Next. WinPE or Linux: On the TCP/IP Network Boot Image screen: a In the TFTP Root Directory field, specify the path to your TFTP server root directory. b WinPE: In the Name field, specify the name for the WinPE boot image you are creating. c Click Next. Review the boot package details, then click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Creating a TCP/IP Network Ghost Client Boot Image The TCP/IP Network Ghost Client Boot Image enables you to start client computers from the network and connect to the Symantec Ghost Console, using 3Com DynamicAccess Boot Services software. To create an image file to start client computers from the network: 1 On the first screen of the Ghost Boot Wizard, select PC-DOS, MS-DOS, or Windows PE as the PreOS, then click Next. If you select MS-DOS and you are using the Ghost Boot Wizard for the first time, you are prompted to insert an MS-DOS system disk that was formatted on a Windows 95/98 computer. The Ghost Boot Wizard then copies the MSDOS system files from this disk. 2 Select “TCP/IP Network Ghost Client Boot Image,” then click Next.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–19

4



3

4

5

6

7

8 9

10

4–20

PC-DOS or MS-DOS: Select the Universal Packet Driver, then click Next. If your hardware does not support the Universal Packet Driver, select the option “Show all drivers” and select the driver for your NIC model, or click Add and point the Ghost Boot Wizard to the appropriate driver. When you select the Universal Packet Driver, information is displayed about the options that must be enabled in the BIOS in order to use the driver. Review this information and click OK. Type the correct path in the Ghost.exe field if the executable has been moved, or you want to use a different version of Ghost.exe. The default path to Ghost.exe appears in the Ghost.exe field. Type the correct path in the Ngctdos.exe field if the executable has been moved, or you want to use a different version. The default path to the Ghost DOS client executable appears in the Ngctdos.exe field. Type the correct path in the Ghstwalk.exe field if the executable has been moved, or you want to use a different version. The default path to the Ghost Walker executable is entered in the Ghstwalk.exe field. In the Machine Group field, type the computer group folder, if required. When a client is first discovered on the network, an icon is created for it in the Machine Group section of the Default folder in the Ghost Console. When DOS Console Client computers are discovered, they are identified by Adapter Address only. Specifying a group folder makes identification of the computer easier. Click Next. WinPE: On the Network Client Configuration screen: a In the User Name field, type the user name that the boot package will use to log on to the network. This user must exist on the network and have sufficient access rights to the mapped network drive, files, and directories that you want to use. b In the Domain or Workgroup field, type the domain or workgroup to which the user belongs. c From the Drive Letter drop-down list, select a drive letter to access a network share through a mapped drive. Select a drive letter greater than any existing drive letter. If you want to prevent the boot package from mapping a drive when the computer starts, select None. d In the Maps To field, type the complete UNC path to the network share. For example, to access a shared folder named Backups on a computer named Ghostserver, the UNC path is \\Ghostserver\Backups. Perform one of the following: – Select “DHCP will assign the IP settings” if your network contains a DHCP server. Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

11

12 13 14

15

16 17

Select “The IP settings will be statically defined” and complete the fields below this option if your network does not contain a DHCP server. If you create more than one boot package, the static IP address incrementally increases as each boot package is created. Set the Router Hops value to the desired value. This option specifies how many routers the client searches across when attempting to find the Multicast Server. The default value of 16 lets Ghost find the server as long as it is not more than 16 router hops away. This is sufficient for most networks. Click Next. Specify any additional files you want to include in the boot package, then click Next. PC-DOS or MS-DOS: In the Image File field: a Specify a name for the image file and the location where you want to save the file. This image can be used with any BOOTP/TFTP server. b Click Next. WinPE: On the TCP/IP Network Boot Image screen: a In the TFTP Root Directory field, specify the path to your TFTP server root directory. b In the Name field, specify the name for the WinPE boot image you are creating. c Click Next. Review the boot package details, then click Next to create the boot package. After the boot package is complete, click Finish to close the Ghost Boot Wizard, or click Start Again to return to the main Ghost Boot Wizard window.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–21

4



Boot Packages Available in Boot Disk Builder Boot Disk Builder lets you create: • Microsoft TCP/IP Boot Disks • Novell NetWare IPX Client Boot Disks • PowerCast Boot Disks • Unicast Boot Disks • Standalone Boot Disks

Note: Detailed procedures for creating each of these boot package types can be found in the Sym antec Ghost Solution Suite Lesson Guide.

Creating Boot Packages with the DeployCenter Boot Disk Builder Boot Disk Builder enables you to create the following types of boot packages: • Microsoft TCP/IP Boot Disks • Novell NetWare IPX Client Boot Disks • PowerCast Boot Disks • Unicast Boot Disks • Standalone Boot Disks Installing Microsoft Client Files For the following types of boot disks, Microsoft Client files must be installed on the Boot Disk Builder computer before you create a boot disk: • Unicast Boot Disks with a TCP/IP driver • Microsoft TCP/IP Boot Disks To install Microsoft Client files, you must be logged onto the computer as an Administrator and be connected to the Internet.

4–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Installing Microsoft Client Files: Locating GETMSLAN.BAT

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4

To download the Microsoft Client files, run GETMSLAN.BAT from the \BDBUILD folder in the location where DeployCenter is installed.

4–23

Installing Microsoft Client Files: Running GETMSLAN.BAT

GETMSLAN.BAT connects to a Microsoft FTP server and downloads the Microsoft Client files.

4–24

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Run Getmslan.bat a second time to copy the Microsoft Client files to the \BDBUILD\MS folder. After the files are copied locally, you can create TCP/IP boot disks with Boot Disk Builder. Starting Boot Disk Builder To start Boot Disk Builder, select Start—>Programs—>Symantec DeployCenter —>DeployCenter Tools—>Boot Disk Builder.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–25

4

Installing Microsoft Client Files: Files Downloaded by GETMSLAN.BAT

Creating a Microsoft TCP/IP Boot Disk

1 Select boot disk type. 2 Configure Microsoft TCP/IP settings. 3

Specify how ImageCenter should be run.

4 Select network adapters. 5 Add network adapters, if needed. 6 Specify IP address settings. 7 Select destination for boot disk.

Creating Microsoft TCP/IP Boot Disks Note: Before creating Unicast boot disks, you must have the Microsoft Client files installed. See the section “Installing Microsoft Client Files” at the beginning of this topic. To create Microsoft TCP/IP boot disks: From the Boot Disk Builder main menu, select Microsoft TCP/IP Boot Disks, and then click Next. 2 Configure the following Microsoft TCP/IP settings: – Enter the User name that will be used to log in to the network. If this boot disk is part of a task, the designated user must have the necessary rights to perform the network-based tasks. – If the boot disk needs to run “hands-off” (without user input), mark Login automatically and enter the user’s password in the Password and Confirm password fields. Note that you should not have a password on a shared volume if you are going to access it with a boot disk; the password you enter will only allow access to the domain, not the domain and a shared volume. – Select Login to Workgroup to log the user into a workgroup, or select Login to Domain to log the user into a domain. – Designate the network drive letter to be mapped at boot up and the UNC path it is mapped to. 3 Specify the location and parameters (optional) for ImageCenter, and then click Next. 1

4–26

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Select your network adapter and click Next. 5 If your network adapter is not listed: a Click Add. b To manually add driver information in situations when a driver’s .INF file is not available, select the option “Enter driver information manually,” then click Next. c Ensure that the option “Support multi-driver boot disks” is selected. d In the Network adapter ID field, enter the network adapter’s vendor string. A quick way to find the vendor string is to use the Windows Device Manager to view the network adapter’s properties. To start the Device Manager in Windows XP/2003, right-click My Computer and select Properties. Click the Hardware tab, and then click Device Manager. In Device Manager, expand the “Network adapters” item. Right-click the appropriate adapter and select Properties. In the Properties window, click the Details tab, and then select “Device Instance Id” from the Property drop-down list. The vendor string should be displayed in the Value box. Select the vendor string and press Ctrl+C to copy the string. You can then return to the Network Adapter ID field in Boot Disk Builder and press Ctrl+V to paste the vendor string. e In the “Network adapter descriptive name” field, type the name of the network adapter as you want it to appear in Boot Disk Builder’s adapter list, and then click Next. f If you chose to include a NetWare IPX DOS driver, browse to and select the appropriate driver (.COM or .EXE), and then click Next. g Browse to the network adapter’s NDIS2 DOS driver (.DOS or .EXE), select the driver, and then click Finish. The device is added to Boot Disk Builder’s network adapter list. 6 Perform one of the following, then click Next: – Select “Obtain an IP address from a DHCP server” if a DHCP server is used to assign client IP addresses. – Select “Specify an IP address” if there is no DHCP server and you need to use TCP/IP on the network. You must also enter a static IP address and subnet mask. 7 Select a destination for the boot disk, then click Finish to build the boot package. The available destinations are: – To a floppy diskette set (for portability) – To a network location (for distribution) – As a virtual floppy (for remote use, such as PXE booting) Creating PowerCast Boot Disks PowerCast client machines must have the necessary NIC drivers and network configuration files to receive PowerCast sessions. Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–27

4

4

To create PowerCast boot disks: 1 From the Boot Disk Builder main menu, select PowerCast Boot Disks, and then click Next. 2 Select the start-up mode for ImageCenter, and then click Next. Client

The Client is the workstation receiving the PowerCast session. If you click Client, you must indicate the session name and the hard disk number the client will use for PowerCasting. When a client computer is booted from a PowerCast Client boot disk, ImageCenter starts in PowerCast Client mode, connects to the designated PowerCast session, and restores the image to the specified hard disk. Any existing information on the client hard disk is completely erased.

Server

The Server is the computer PowerCasting the image to the client workstations. When a PowerCast Server is booted from a PowerCast Server boot disk, the diskette launches ImageCenter in PowerCast Server mode, displays the server progress screen, waits for the specified number of clients to attach, and PowerCasts the specified image file. When it is finished, the server waits for additional clients to attach until you click Close. You can have the server start automatically by checking this option and specifying a session name, image file path and filename, and autostart client count.

Select your network adapter or multiple adapters and click Next. You can select multiple NICs. All of the files for those NICs will be copied to the boot disk. (There must be enough space on the first disk for all the selected NICs.) At boot time, the list of NICs copied is compared to the NIC in the computer. If one of these NICs matches, that driver is loaded, and the system is configured for it. Selecting multiple NICs for the boot disk enables the disk to be used on computers with different NICs. You cannot use this method to deploy to laptops because there are incompatibilities with the PCBUS or PCMCIA NIC cards. If your network adapter is not listed, click Add and point Boot Disk Builder to the appropriate driver file for your network adapter. 4 Perform one of the following: – Select “Obtain an IP address from a DHCP server” if a DHCP server is used to assign client IP addresses. – Select “Specify an IP address” if there is no DHCP server and you need to use TCP/IP on the network. You must also enter a static IP address and subnet mask. 5 In the PowerCast Maximum TTL field, specify the number of routers a packet can pass through. 6 Click Next. 3

4–28

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Select a destination for the boot package (floppy disk, folder, or virtual boot disk file). 8 Click Finish to build the boot package. 7

Creating Unicast Boot Disks You can create Unicast client boot disks for connecting to a Unicast image server. Unicast boot disks are recommended for PXE applications. When you create the boot disks, you can specify the Unicast server to connect to and the driver to use (UNDI or Microsoft TCP/IP NDIS). Note: Before creating Unicast boot disks, you must have the Microsoft Client files installed. See the section “Installing Microsoft Client Files” at the beginning of this topic. To create Unicast boot disks: From the Boot Disk Builder main menu, click Unicast Boot Disks, and then click Next. 2 Select “By Name” and specify the name of the Unicast Image server, or select “By IP Address” and specify the IP address of the Unicast Image server. 3 Click Next. 4 Perform one of the following: – Select UNDI Driver if you intend to boot the client computer from a PXE server. A virtual floppy disk file (.VFD) is created, which you can then place on the PXE server. Use the Symantec PXE Configuration Utility to add the virtual floppy to the user’s PXE boot menu. – Select Microsoft TCP/IP, click Next, and select the Microsoft NDIS driver you need. 5 Click Next. 6 Specify the location and any optional command-line parameters for ImageCenter. The Microsoft TCP/IP Boot Disk automatically boots a network workstation to ImageCenter. Therefore, you must indicate where the ImageCenter program files can be found. 7 Click Next.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–29

4

1

8

9 10 11

12

Perform one of the following: – Select “Obtain an IP address from a DHCP server” if a DHCP server is used to assign client IP addresses. – Select “Specify an IP address” if there is no DHCP server and you need to use TCP/IP on the network. You must also enter a static IP address and subnet mask. In the PowerCast Maximum TTL field, specify the number of routers a packet can pass through. Click Next. Select a destination for the boot disk (floppy disk, folder, or virtual boot disk file). Note: If you chose the UNDI driver as the network adapter type, you can only save the boot disk as a virtual boot disk file. Click Finish to build the boot package.

Creating Novell NetWare IPX Client Boot Disks To create Novell NetWare IPX client boot disks: 1 From the Boot Disk Builder main menu, select Novell NetWare IPX Client Boot Disks, and then click Next. 2 Configure the following Novell NetWare client settings: – Enter the User name that will be used to log in to the network. If this boot disk is part of a task, the designated user must have the necessary rights to perform the network-based tasks. – If the boot disk needs to run “hands-off,” that is, without user input, mark Login automatically and enter the user’s password in the Password and Confirm password fields. – Indicate the network’s first mapped drive in the First network drive dropdown list. – In the Preferred server field, enter the full NDS context name for the server that the user typically logs in to (the server that has the user’s network files and directories). The preferred server is the same as the NDS tree. – In the Name context field, enter the NDS context for the user’s NDS User object (for example, docs.dev.acmecorp). – If you want to automatically map a network drive at boot up, mark Map a network drive. This requires that you designate the drive letter to be mapped and the UNC path it is mapped to. For example, Q:\ might be mapped to \\SERVER\Volume. 3 Click Next.

4–30

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

5

6

7 8 9 10

Specify the location and parameters for ImageCenter and click Next. The Novell NetWare Client boot disk automatically boots a network workstation to ImageCenter. Therefore, you must indicate where it can find the ImageCenter program files. Parameters for ImageCenter are optional. Select your network adapter or multiple adapters, and then click Next. If your network adapter is not listed, click Add and point Boot Disk Builder to the appropriate driver file for your network adapter. Perform one of the following: – Select “Obtain an IP address from a DHCP server” if a DHCP server is used to assign client IP addresses. – Select “Specify an IP address” if there is no DHCP server and you need to use TCP/IP on the network. You must also enter a static IP address and subnet mask. From the Frame Type drop-down list, select the appropriate communications protocol for your network. Click Next. Select a destination for the boot disk (floppy disk, folder, or virtual boot disk file). Click Finish to build the boot package. 4

4

Creating Standalone Boot Disks To create standalone boot disks: 1 From the Boot Disk Builder main menu, select Standalone Boot Disks, and then click Next. 2 Specify the location and parameters (optional) for ImageCenter, and then click Next. 3 Select a destination for the boot disk (floppy disk, folder, or virtual boot disk file). 4 Click Finish to build the boot package.

Lesson 4 Creating Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

4–31

Lesson Summary Key Points In this lesson, you learned about: – What boot packages are and what you can do with them – The different types of boot packages you can create – The process for building a boot package – The main differences between the Ghost Boot Wizard and Boot Disk Builder – Using the Ghost Boot Wizard to create boot packages – Using the DeployCenter Boot Disk Builder to create boot packages

Lab 4: Creating Boot Packages In this lab, you: •Create a Linux-based Ghost ISO image boot environment. •Create a WinPE-based Ghost Virtual Partition boot environment. •Create a DOS-based Ghost Virtual Partition boot environment. •Create a DOS-based DeployCenter Virtual Floppy Disk boot environment.

4–32

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 5 Using Boot Packages

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will be able to:

Topic

5–2

Methods for Using Boot Packages

Describe the different w ays you can use the boot packages you create w ith the Ghost Solution Suite.

Creating QuickBoot Executables

Use Boot Disk Builder to build a QuickBoot executable.

PXE Com ponents in Ghost Solution Suite

Identify the different PXE ver sions included w ith Ghost Solution Suite.

Configuring the 3Com Boot Services PXE Environment

Configur e 3Com Boot Services PXE in preparation for performing remote deployments with Ghost.

Configuring the DeployCenter PXE E nvir onm ent

Configur e DeployCenter PXE in pr epar ation for perform ing rem ote deploym ents with DeployCenter.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Methods for Using Boot Packages Launch Method

Advantages

Disadvantages

Physical floppy diskette

Portable; writable

Very small capacity; slow; newer systems may not have a floppy drive

VMware virtual floppy

Can be used to boot VMware virtual machines to Ghost

Very small capacity; cannot be converted to physical boot floppy

USB flash drive

Very compact and portable; fast, durable; large capacity; writable

Older computers may not support bootable USB devices; more expensive per unit than floppy diskettes and CDs

ISO image

Can be used to boot VMware virtual machines to Ghost; fast; large capacity; can be burned to physical CD/DVD media

Cannot be used directly on physical machines (must be burned to CD/DVD fir st)

CD/DVD-ROM

Portable; larger capacity and faster than floppy diskettes

Slower than flash memory or hard drives

Methods for Using Boot Packages

Launch Method

Advantages

Disadvantages

Physical floppy diskette

Portable; writable

Very small capacity; slow; newer systems may not have a floppy drive

VMware virtual floppy

Can be used to boot VMware virtual machines to Ghost

Very small capacity; cannot be converted to physical boot floppy

USB flash drive

Very compact and portable; fast, durable; large capacity; writable

Older computers may not support bootable USB devices; more expensive per unit than floppy diskettes and CDs

ISO image

Can be used to boot VMware virtual machines to Ghost; fast; large capacity; can be burned to physical CD/DVD media

Cannot be used to directly boot physical machines (must be burned to CD/DVD first)

CD/DVD-ROM

Portable; larger capacity and faster than floppy diskettes

Slower than flash memory or hard drives

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–3

5

There are several ways you can use the boot packages you create with the Ghost Solution Suite. Following is a brief overview of the different ways you can launch boot packages, along with their relative advantages and disadvantages.

Methods for Using Boot Packages (continued) Launch Method

Advantages

Disadvantages

One-click virtual partition

Easy to distribute to users (from a networ k shar e, through e-mail as a zipped file, and so on); customizable and easy to run (launched from an installed OS)

Requires an OS to be installed

QuickBoot executable

Easy to distribute to users (through e-mail, client management console, and so on); customizable and easy to run (launched from an installed OS)

Requires an OS to be installed; requires you to first build a virtual floppy and then convert it to a QuickBoot executable

PXE

Centralized; easy to use and maintain; ideal for remote deployment of bare metal systems

More complicated setup than other methods; requires a system to act as a PXE server; clients must support network booting

Launch Method

Advantages

Disadvantages

One-click virtual partition

Easy to distribute to users (from a network share, through e-mail as a zipped file, and so on); customizable and easy to run (launched from an installed OS)

Requires an OS to be installed

QuickBoot executable

Easy to distribute to users (through e-mail, client management console, and so on); customizable and easy to run (launched from an installed OS)

Requires an OS to be installed; requires you to first build a virtual floppy and then convert it to a QuickBoot executable

PXE

Centralized; easy to use and maintain; ideal for remote deployment of bare metal systems

More complicated setup than other methods; requires a system to act as a PXE server; clients must support network booting

5–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Overview of QuickBoot Executables

QuickBoot executables: • Provide a quick and easy method for making virtual floppies self-launching. • Can be sent to users through e-mail, deployed across the network, or packaged as an .MSI file.

Creating QuickBoot Executables

Once you create a DeployCenter virtual floppy, it is of no practical use until a way is provided to run it. It is not possible to simply double-click the virtual floppy .vfd file to make it run. Symantec has provided a quick and easy method for making DeployCenter virtual floppies self-launching—QuickBoot executables. Using the QuickBoot wizard in Boot Disk Builder, you can easily create an executable file from a virtual floppy. When you double-click the QuickBoot executable, it extracts the virtual floppy to the Windows temporary folder, writes a pointer in the hard disk’s Master Boot Record that indicates where the virtual floppy is stored, reboots the computer, and runs the contents of the virtual floppy. After you create the QuickBoot executable, you can send it to users through e-mail, deploy it across the network, or package it as an .MSI file. Users can then run the QuickBoot executable on their computers just as they would any other executable file. You can even use a management tool such as SMS or LANDesk to push the QuickBoot executable out to remote machines, causing them to automatically reboot and run the virtual floppy. Note: Before you can build a QuickBoot executable, you must have created a virtual boot disk using Boot Disk Builder. You cannot create a QuickBoot executable if a virtual floppy does not exist.

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–5

5

The methods for using boot packages that we discussed in the previous topic cover all the types of boot packages you can create with Ghost Solution Suite’s tools, with one exception—the virtual floppies you create with DeployCenter’s Boot Disk Builder.

Using VF Editor to Customize Virtual Floppies Select SelectStartÆProgramsÆ StartÆProgramsÆ Symantec SymantecDeployCenterÆ DeployCenterÆ DeployCenter DeployCenterToolsÆ ToolsÆ VF VFEditor. Editor.

Using VF Editor to Customize Virtual Floppies Prior to converting a virtual floppy into a QuickBoot executable, you can use the VF Editor tool included with DeployCenter to edit the contents of a virtual floppy (for example, modify batch files, add drivers, and so on). To run VF Editor, select Start—>Programs—>Symantec DeployCenter—> DeployCenter Tools—>VF Editor. For more information on using VF Editor to edit virtual floppies, refer to the DeployCenter User Guide.

5–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

The pqdotask.bat File

Virtual floppies contain one file in particular that makes it easy to customize the imaging process—pqdotask.bat. This file contains commands that control when and how ImageCenter is run. These commands are placed in the pqdotask.bat file rather than the autoexec.bat to make it easier to customize the imaging process without affecting device driver information. When you choose to run ImageCenter from the boot diskettes, that information is recorded in pqdotask.bat.

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–7

5

The pqdotask.bat File

Building a QuickBoot Executable

Building a QuickBoot Executable To build a QuickBoot executable: 1 Start Boot Disk Builder (select Start—>Programs—>Symantec DeployCenter —>DeployCenter Tools—>Boot Disk Builder). 2 From the Boot Disk Builder drop-down menu, select Tools—>Build a QuickBoot Executable. 3 Specify the name of an existing virtual boot disk configuration file (*.VFD) in the Virtual Boot Disk file text field. Click the browse button to navigate to the file’s location. 4 Specify the filename of the QuickBoot executable you want to build in the QuickBoot executable to build text field. Click the browse button to navigate to the location where you want to save the executable. 5 (Optional) Type a brief description of the executable and what it does in the QuickBoot description text field. Users will be able to read the description only when they run the executable with the /PROMPT option selected. If you want users to always see the description, select the option “Prompt the user before rebooting” (see the next step). 6 (Optional) If you want to prompt a user before rebooting their computer, select “Prompt the user before rebooting.” 7 Click OK to create the QuickBoot executable. 8 When a dialog box appears informing you that the QuickBoot executable has been successfully created, click OK.

5–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

PXE Components in Ghost Solution Suite Advantages: • Supports WinPE boot images • Supports Linux boot images

3Com Boot Services

DeployCenter PXE Server

Disadvantages: • More difficult to set up than DeployCenter PXE • Not officially supported by Symantec

Advantages: • Very easy to set up • Fully supported by Sym antec Disadvantages: Only supports floppy (DOS) boot images

QuickBoot executables and one-click virtual partitions are excellent for allowing users to load a boot package by running an executable within Windows, but what if the computer does not have an operating system installed? IT professionals need a different method than QuickBoot executables to boot such computers. This need primarily exists when deploying images to new computers or when performing disaster recovery. In these situations, you need a quick way to boot a computer and begin the imaging process. A PXE server is usually the best solution in such cases. The Ghost Solution Suite includes two different versions of PXE server software: 3Com Boot Services and the DeployCenter PXE server. Following are some of the main differences between the two versions. 3Com Boot Services • Advantages: Supports WinPE boot images; supports Linux boot images • Disadvantages: More difficult to set up than DeployCenter PXE; not officially supported by Symantec DeployCenter PXE server • Advantages: Very easy to set up and configure; fully supported by Symantec • Disadvantages: Only supports floppy (DOS) boot images In this lesson, we will discuss how to install and use 3Com Boot Services with Ghost. A later topic in this lesson discusses how to configure and use the DeployCenter PXE server. Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–9

5

PXE Components in Ghost Solution Suite

Configuring the 3Com Boot Services PXE Environment

This topic covers: • Installing the 3Com Boot Services software • Creating a WinPE PXE boot image • Editing the BOOTPTAB • Starting the TFTP Server software • Starting the PXE Server software

Configuring the 3Com Boot Services PXE Environment In this topic, we cover the following procedures for configuring the 3Com Boot Services environment: • Installing the 3Com Boot Services software • Creating a WinPE PXE boot image • Editing the BOOTPTAB • Starting the TFTP Server software • Starting the PXE Server software

5–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Installing the 3Com Boot Services Software

1 Launch 3Com Boot Services installation wizard. 2 Accept licensing agreement. 3 Select installation folders. 4 Select “Server” setup type. 5 Complete installation.

Prerequisite: Before setting up your 3Com PXE server, ensure that a DHCP server is available. 1 Launch the 3Com Boot Services installation wizard. a Insert the Ghost Solution Suite CD into the CD-ROM drive, and when the Ghost Solution Suite installation window is displayed, click “Install Tools and Utilities.” b Click “Install 3Com Boot Services PXE Server.” c When the 3Com Boot Services wizard is displayed, click “Install 3Com Boot Services.” d At the Welcome screen, click Next. 2 To accept the licensing agreement, click Yes. 3 Select installation folders. a To accept the default location for the 3Com Boot Services installation, at the Choose Destination Location screen, click Next. b To accept the default location for the TFTP boot directory (C:\TFTPBOOT), at the Choose TFTP Boot Directory screen, click Next. 4 Select Server as the setup type and click Next. 5 Complete the installation. a At the Select Program Folder screen, click Next. b At the Boot Services Setup Complete screen, click Finish. The C:\TFTPBOOT directory is created and the BOOTPTAB file is copied to this directory. Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–11

5

Installing the 3Com Boot Services Software

Creating a WinPE PXE Boot Image 1

In Ghost Boot Wizard, select WinPE as PreOS.

2 Select TCP/IP Network Boot Image. 3 4

Accept default Ghost settings or add parameters. Specify network settings.

5 Include additional files as needed. 6 Specify TFTP settings. 7 Create boot image.

Creating a WinPE PXE Boot Image To boot client computers from the network using 3Com Boot Services software and run Ghost32.exe, perform the following steps: 1 Run the Ghost Boot Wizard, select WinPE as the PreOS and click Next. 2 Select TCP/IP Network Boot Image and click Next. 3 To accept the default Ghost executable settings, at the Client Type screen, click Next. 4 Specify network settings. a At the Network Client Configuration screen, leave all fields blank and click Next. b At the Network Client Address screen, verify that the option “DHCP will assign the IP settings” is selected and click Next. 5 At the Additional Files screen, click Next. Note: If you are using the DeployAnywhere option with PXE, you need to include both Ghdplyaw32.exe and Ghconfig32.exe in the boot image. Both files can be found in C:\Program Files\Symantec\Ghost on the computer where the Ghost Standard Tools are installed. 6 Specify TFTP settings. a In the TFTP Root Directory field, specify the path to your TFTP server root directory. (C:\TFTPBOOT). b In the Name field, specify the name for the WinPE boot image you are creating.

5–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Create the boot image. a Review the settings you have selected, then click Next to create the boot image. b At the last screen of the wizard, click Finish. c Copy bootmgr.exe from C:\TFTPBOOT\boot to C:\TFTPBOOT. This enables the TFTP server to locate and communicate with the boot manager and load the boot image.

5

7

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–13

Editing the BOOTPTAB

1 Start BOOTPTAB Editor. 2 Add new host to BOOTPTAB file. 3 Configure new host. 4 Save changes to BOOTPTAB file.

Editing the BOOTPTAB 1 Select Start—>Programs—>3Com Boot Services—>BOOTPTAB Editor. 2 Select Edit—>Add Host to add a new host to the BOOTPTAB file. 3 On the Identification tab, perform the following: a Select the option “Use node for name.” b In the Node field, enter 12 question marks (for example: ????????????). This allows any MAC address to connect to the PXE server. c In the Image field, type: /boot/pxeboot.n12 IMPORTANT: You must type the path to the boot image, not browse to it. If you browse to the image, the PXE boot process will fail. d Click OK. 4 In the main BOOTPTAB Editor window, click File —> Save, then exit the BOOTPTAB Editor.

5–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Starting the 3Com TFTP Server Select SelectStartÆProgramsÆ StartÆProgramsÆ 3Com 3ComBoot BootServicesÆ ServicesÆ TFTP TFTP Server. Server.

Starting the TFTP Server Software

5

To start the 3Com TFTP Server, select Start—>Programs—>3Com Boot Services—>TFTP Server.

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–15

Starting the 3Com PXE Server Select SelectStartÆProgramsÆ StartÆProgramsÆ 3Com 3ComBoot BootServicesÆ ServicesÆ PXE PXEServer. Server.

Starting the PXE Server Software To start the 3Com PXE Server, select Start—>Programs—>3Com Boot Services—>PXE Server. Note: If you installed 3Com Boot Services on a computer that does not provide DHCP services, click “Yes” when prompted to enable Proxy DHCP. This is required for the 3Com PXE Server to work correctly when it is installed on a computer that is not running the DHCP service.

5–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Configuring the DeployCenter PXE Environment 1 2 3

Launch PXE Configuration Utility. Add virtual floppy to PXE system. Assign PXE client menu item to virtual floppy.

4 Reorder PXE client menu items as desired. 5 Configure PXE client menu. 6 Assign MAC address to virtual floppy. 7 Reorder MAC addresses.

The DeployCenter PXE server software included in the Ghost Solution Suite is fully supported by Symantec and is easy to set up and use. DeployCenter’s PXE server runs as a service, allowing PXE clients to boot to the network and choose from a menu of virtual floppies. By making a selection from the menu, the virtual floppy is immediately loaded and the PXE client boots to the selected environment. You can add any virtual floppy to this menu. DeployCenter includes a PXE Configuration Utility that simplifies the setup and use of the DeployCenter PXE service. To use this utility to configure the DeployCenter PXE environment: 1 Launch the DeployCenter PXE Configuration Utility (Start—>Programs— >Symantec DeployCenter—>DeployCenter Tools—>PXE Configuration Utility). 2 Add a virtual floppy to the PXE system. Note: Before you can add a virtual floppy to the PXE menu, you must have created a virtual floppy using Boot Disk Builder. You cannot add a virtual floppy if one does not exist. a Click the PXE Virtual Floppies tab, then click Add. b Specify the full path to the virtual floppy, including the filename, then click OK. The virtual floppy is now available to the PXE system. The location of each virtual floppy you add is also specified in the list box.

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–17

5

Configuring the DeployCenter PXE Environment

Assign a PXE client menu item to a virtual floppy. a Click the PXE Client Menu tab, then click Add. b Type the text you want to assign to the virtual floppy’s boot option as it will appear on the PXE client menu. Make sure this text is descriptive of what the virtual floppy will do. c Select a virtual floppy from the drop-down list to associate with the text you typed in the previous step, then click OK. The menu text and associated virtual floppy appear in the list box. 4 Reorder PXE client menu items as desired. a On the PXE Client Menu tab, select a menu item name. b Click Up or Down to move the menu item where you want it to appear on the PXE client menu. 5 Configure the PXE client menu. a On the PXE Client Menu tab, click Configure. b In the “PXE client menu prompt” field, type the text that you want to display at the top of the PXE client menu. c (Optional) To allow the PXE client menu to time out, select the option “If no keys hit, time out and do local boot,” then specify the number of seconds you want the menu to remain visible before the computer automatically boots from the local hard drive. d Click OK. 6 Assign a MAC address to the virtual floppy. a Click the MAC Assignment tab, then click Add. b Enter the MAC address you want to assign. To assign an entire group of contiguous MAC addresses, use a ** or .. in place of a two-digit text field. c From the Assignment drop-down list, select the virtual floppy that you want to associate with the MAC address. If there is no virtual floppy task that the assigned computer needs to run, select Boot to local hard disk to force PXE to boot the computer as normal. d (Optional) If you want the client computer to boot the assigned virtual floppy only one time, select the option “Run once and then change to Local Boot.” After the client computer has booted the assigned virtual floppy, it will revert to the local hard disk boot for all subsequent PXE boots. e Click OK. The MAC address and associated virtual floppy task appear in the list box. 3

5–18

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Reorder MAC addresses. The order of MAC addresses is important. When searching for a matching MAC address, the PXE server uses the first address it finds in the list. Therefore, addresses with wildcards (such as ** or ..) in the MAC address field should be placed at the bottom of the list, and specific, non-wildcard MAC addresses should be moved to the top of the list. To reorder MAC addresses: a On the MAC Assignment tab, select a MAC address. b Click Up or Down to move the address to the desired position.

5

7

Lesson 5 Using Boot Packages Copyright © 2008 Symantec Corporation. All rights reserved.

5–19

Lesson Summary Key Points In this lesson, you learned about: – The different ways you can use the boot packages you create with the Ghost Solution Suite – Using Boot Disk Builder to build a QuickBoot executable – The different PXE versions included with Ghost Solution Suite – Configuring 3Com Boot Services PXE in preparation for performing remote deployments with Ghost – Configuring DeployCenter PXE in preparation for performing remote deployments with DeployCenter

Lab 5: Using Boot Packages In this lab, you: •Use a Linux-based Ghost ISO image •Use a WinPE-based Ghost Virtual Partition •Use a DOS-based Ghost Virtual Partition •Use a DeployCenter Virtual Floppy / QuickBoot Executable •Use PXE with Ghost •Use PXE with DeployCenter

5–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 6 Creating and Restoring Images

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will be able to:

Topic

6–2

Methods of Creating Images

Describe the different types of im ages you can create with Ghost Solution Suite.

Determ ining an Imaging Str ategy

Plan an effective imaging str ategy in preparation for cr eating im ages for deployment.

Creating an Image Using the Ghost PreOS G UI

Cr eate an image using the Ghost PreOS GUI.

Creating an Image Using the Im ageCenter PreOS GUI

Cr eate an image using the ImageCenter Pr eOS GUI.

Restor ing an Im age Using the G host Pr eOS GUI

Restore an image using the G host Pr eOS GUI.

Restor ing an Im age Using the Im ageCenter PreOS GUI

Restore an image using the ImageCenter PreOS GUI.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Methods of Creating Images

You can create the following image types with the Ghost Solution Suite:

Sector-based images File-based images SmartSector-based images

Methods of Creating Images

6

The Ghost Solution Suite offers a variety of methods for creating images. The method you choose depends on your needs. Following is a summary of the Ghost Solution Suite’s available image types.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–3

Advantages and Disadvantages of Image Creation Methods Imaging Method

Advantages

Disadvantages

Sector-based

Exact copy of hard drive (all optimizations/customizations are preserved)

• Large image file sizes • Longest imaging times • No image editing

File-based

• Generally takes less time than sector-based method to create images • Smaller image file sizes • Images can be easily edited

• Disk optimizations and custom izations based on file fragment location are lost • Slow image creation speed if drive is heavily fragmented

SmartSectorbased

• Disk optimizations and customizations based on file fragment location are preserved • Fastest imaging times • Smallest image file sizes

No image editing

Sector-Based Images Both Ghost and ImageCenter can create sector-based images. With this image type, the hard disk is copied sector by sector, sequentially. The main advantage of this image type is that sector-based images capture a precise copy of a hard drive. When the image is restored, all data is restored exactly as it existed on the original drive, thus preserving all optimizations and customizations from the original drive. Disadvantages of this image type are: • Since every hard drive sector is included in the image, image file sizes are large. • Since data is copied sequentially one sector at a time, sector-based images take the longest to create. • It is not possible to edit sector-based images. File-Based Images Ghost creates file-based images by default. With this image type, files are copied one at a time from the hard drive to the image. The advantages of this image type are: • Provided that files are not heavily fragmented on the hard drive, file-based images can be created faster than sector-based images. • File-based images are smaller than sector-based images. • It is easy to edit images (that is, add files to or remove files from images).

6–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Disadvantages of this image type are: • Disk optimizations and customizations based on the location of file fragments on a disk are lost (such as optimal file fragmentation for increased disk performance). • Image creation speed can be slow if a drive is heavily fragmented (since Ghost must search for file fragments across a hard drive and copy them before it can begin copying the next file). SmartSector-Based Images ImageCenter’s default imaging mode is called “SmartSector” imaging. SmartSector technology is a variation of sector-based imaging. It also performs a sequential sector-by-sector copy of all data on a hard drive, but unlike normal sector-based imaging, it skips sectors that do not contain data. The main advantages of this image type are: • Disk optimizations and customizations based on the location of file fragments on a disk are preserved. • SmartSector-based images can usually be created more quickly than either filebased or normal sector-based images, since only used sectors are copied. • SmartSector-based images are often much smaller than either file-based or normal sector-based images.

6

Like sector-based images, the main disadvantage of this image type is that it is not possible to edit images.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–5

Determining an Imaging Strategy

When preparing to create images for deployment, consider:

Im age storage locations Image file-naming standard

Determining an Imaging Strategy In preparation for creating base images for deployment, there are a number of things you should consider to ensure that everything goes smoothly both during and after the deployment effort.

6–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Determining an Imaging Strategy

Image Storage Locations • The folder where you store your deployment images should be in a central location on your corporate network. • All the computers to which you want to deploy an image must be able to access this network share. (This requirement does not apply if you are using GhostCast Server, PowerCasting, or the Ghost Console to deploy images.)

Image Storage Locations Ideally, the folder where you store your deployment images (which we will refer to throughout the rest of this course as the “image repository”) should be in a central location on your corporate network. All the systems to which you want to deploy an image must be able to access this network share.

A centrally located image repository has several advantages. By keeping your images in a central network location, not only is it easier to find your images and deploy them to machines across the network, but it is also easier to back up your images.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–7

6

Note: The requirement for all systems to be able to access the image repository does not apply if you intend to use GhostCast Server, PowerCasting, or the Ghost Console to deploy images.

Determining an Imaging Strategy

Image File-Naming Standard 1. Come up with a standard that makes sense and is consistent for all the computers within your company. For example: WXP0408.gho = Windows XP Ghost image created in April 2008 WXPSP3.pqi = Windows XP Service Pack 3 ImageCenter image 2. Stick to your standard.

Image File-Naming Standard The most important considerations when deciding on a naming standard for your base images are:

6–8

1

Come up with a standard that makes sense and is consistent for all the systems within your company. For Ghost and ImageCenter images that must be restored in DOS, image names should conform to the DOS 8.3 file-naming convention (that is, eight or fewer characters for the main filename and three characters for the filename extension). For example, you might name images based on operating system and the date the image was created: WXP0408.gho = Windows XP Ghost image created in April 2008 You might also name images based on operating system and service pack: WXPSP3.pqi = Windows XP with Service Pack 3 ImageCenter image

2

Stick to your standard.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Valid Destinations for Ghost Image Files

Ghost images can be saved to the following locations: • Secondary hard disk • Secondary partition on hard disk (partition backup only) • CD-R/RW or DVD-R/RW/+R/+RW • FireWire hard disk • USB hard disk • Tape • Locally mapped network file server • Another computer using a peer-to-peer connection

Creating an Image Using the Ghost PreOS GUI

Compression may affect the speed of your operation. When you select a compression level, Ghost estimates the amount of space available for the destination image file. If there is insufficient space, Ghost prompts you to enable spanning of image files.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–9

6

Ghost images can be stored on the following media: • Secondary hard disk • Secondary partition on hard disk (partition image only) • CD-R/RW or DVD-R/RW/+R/+RW • FireWire hard disk • USB hard disk • Tape • Locally mapped network file server • Another computer using a peer-to-peer connection

Creating an Image Using the Ghost PreOS GUI

1 2 3 4

Boot to Ghost PreOS environment. Specify source drive or partition to image. Specify image file destination and name. Select compression level.

5 Create image. 6 Verify integrity of image file.

To create a Ghost image: 1 From a Ghost boot package you have created, boot to the Ghost PreOS environment. 2 Specify the source drive or partition you want to image. a On the Ghost main menu, select Local—>Partition—>To Image (or to create an image of the entire disk, select Local—>Disk—>To Image). b In the Source Drive dialog box, select the source drive and click OK. The Source Drive dialog box contains the details of every disk that Ghost finds on the local computer. c If you are creating an image of individual partitions, select the source partitions to include in the destination image file and click OK. The Source Partition dialog box contains the details of all the partitions on the selected source disk. You can select multiple partitions. 3 In the File Name field, specify the image file destination and name and click Save. 4 In the Compress Image dialog box, select a compression level. If Ghost detects that there is not enough space for the image file, you are prompted to enable spanning.

6–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

CAUTION

Ensure that you store spanned Ghost images in separate folders. This is important because Ghost uses the same filenames for all image file segments, regardless of the image to which the file segments belong. Therefore, if you save a new spanned image in the same folder as a spanned image you created previously, Ghost will overwrite the segments of the older image file.

In the Proceed with partition image creation? dialog box, to proceed with the image file creation, click Yes. The system performs a quick integrity check of the file structure on the source partitions, and then copies the source partitions to the destination image file. If you need to abort the process, press Ctrl+C, but be aware that this action leaves the destination image file in an unknown state. If spanning is required, insert new media as prompted during the image creation process. 6 After the image has been successfully created, verify the integrity of the image file by selecting Local—>Check—>Image File, browsing to and selecting the image, and clicking Yes when asked to proceed with the integrity check.

6

5

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–11

Valid Destinations for ImageCenter Image Files

Destinations with a drive letter: • Floppy drives • Secondary hard drives • Network drives • Removable media storage devices

Destinations without a drive letter: • Hidden NTFS, FAT, and FAT32 partitions • Standard MMC2-compliant IDE or SCSI CD-R or CD-RW

Creating an Image Using the ImageCenter PreOS GUI ImageCenter, DeployCenter’s PreOS interface, enables you to create image files on any physical or logical drive that has been assigned a drive letter, including the following: • Secondary hard drives • Network drives • Removable media storage devices You can also create image files on hidden NTFS, FAT, and FAT32 partitions and standard MMC2-compliant IDE or SCSI CD-R or CD-RW drives that have not been assigned drive letters. If you are unsure whether a drive is available to save an image file, click Browse and all of the available drives will display.

6–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Preparing to Create an ImageCenter Image File

1. Run a disk utility program to identify and repair any errors on your hard disk. 2. Run a disk defragmenting utility to further optimize your hard drive. 3. In the BIOS, disable virus detection.

Preparing to Create an ImageCenter Image File 1 Before creating an image with ImageCenter, use a disk utility program to identify and repair any errors on your hard disk. Under Windows XP or Vista, run CHKDSK /F. 2 You may also choose to run a disk defragmenting utility to further optimize your hard drive. 3 Disable virus detection in the BIOS before creating an image file. If virus protection is enabled, ImageCenter may hang after you click Finish or incorrectly report a virus when you reboot. 4 Check to ensure that the drive where you want to create an image is available in the PreOS environment. You can see the available drives by clicking Browse at the Name Image File screen. You may need to set up removable media or create boot disks to access network drives before you can create an image.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–13

6

4. In the PreOS environment, verify the availability of the destination drive where you want to save the image.

Creating an Image Using the ImageCenter PreOS GUI

1 2 3

Boot to ImageCenter PreOS environment. Specify source to image. Enter desired path and image filename.

4 Specify imaging options. 5 Create image.

Creating an ImageCenter Image 1 Boot to the ImageCenter PreOS environment from a DeployCenter boot package you have created, and at the ImageCenter main screen, click Create Image. If you have more than one hard drive in your computer, the Select Source Drive screen is displayed. 2 Select the disk you want to create an image of. 3 Browse to the image file you want to restore and click Next. You must save your image file to a partition that you are not including in your image file. You can click Browse to find the directory where you want to save the image file. Click Browse to select a CD-R or CD-RW drive because you cannot just type the CD-R drive letter to save an image to CD. CD drives are displayed in the list as \\.\pqcdx\name of drive, where x is the number of the CD drive. If you are planning to restore the image by running ImageCenter from the rescue diskettes, you must save the image to a FAT, FAT32, or NTFS partition. To save an image to a hidden FAT partition or to an NTFS or FAT32 partition that has not been assigned a drive letter, click Browse to display the New Image File dialog box. From the New Image File dialog box, select the image. A hidden FAT partition or an NTFS or FAT32 partition is displayed in the Drives list as \\.\Diskn.Partm, where n is the number of the disk and m is the number of the partition on that disk. For example, if an NTFS partition is the third partition on the first disk, the partition is displayed as \\.\Disk1.Part3. To further identify the partition, the volume label, if available, is displayed. 6–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–15

6

Important Notes: – If you include spaces or extended characters in the filename, you may not be able to access the image file from ImageCenter, the DOS PreOS environment, or ImageExplorer. – If you are creating an image on CD-RW media, the media must be empty but not formatted. You cannot save more than one image file to a single CD or create images on CDs that already contain other data. You cannot save images to local Linux partitions. Ensure that there is no existing file with the same name, unless you want the existing file to be overwritten. ImageCenter uses .PQI as the default image filename extension. If an image is split because it exceeds 2 GB in size or to span media, the first segment of the image file has the name you specify. Subsequent segments have the extensions .002, .003, and so on. 4 Specify imaging options. a Select the desired compression level and click Next. Be aware that if you create an image file that is larger than 2 GB, the file is automatically split into multiple files (segments). › No Compression is usually the fastest method for creating an image file and is useful if storage space is not an issue. However, if you are saving your image file to a busy network drive or to a relatively slow removable media device, high compression may be faster than no compression because there is less data to write to the file. ImageCenter selects No Compression by default. › Low compression offers a 40 percent average compression ratio. › High compression offers a 50 percent average compression ratio. You cannot read compressed ImageCenter images with Symantec Drive Image or Drive Image Pro. b (Optional) To split an image file into multiple files (for removable media), disable file system error-checking or SmartSector copying, password protect your image file, verify the integrity of the image file after it is created, or verify disk writes, click Advanced Options. 5 To create the image file, click Finish. If you entered a name of a current file, ImageCenter displays a message that path and filename already exists. You can replace the existing file or choose a new filename. If you click Replace, the existing image file is immediately deleted. If ImageCenter detects that you are saving your image file to a floppy drive or removable media, it enables a media-spanning feature that spreads the image file over a series of disks. You must have at least 128K of available space on each disk in the series. If you use the media-spanning feature, ensure that you number the disks in order because you must insert them in the correct sequence when restoring the image file. The Creating the Image dialog box is displayed.

Upon completion, the following message is displayed: Image was copied successfully to file: image filename If you created the image on CD media, the CD is bootable. If you experience a system crash that renders your computer unbootable, you can boot from the image CD and restore the image file to fix your system. IMPORTANT: Because operating system conflicts can result from different hardware configurations, you should not restore your image to a system that has different hardware.

6–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Restoring an Image Using the Ghost PreOS GUI

1 2 3

Boot to Ghost PreOS environment. Select image to restore. Specify destination for image restore.

4 Restore image.

To restore a disk from a Ghost image: 1 From a Ghost boot package you have created, boot to the Ghost PreOS environment. 2 Select the image you want to restore. a On the Ghost main menu, select Local—>Disk—>From Image. b Browse to and click the image file you want to restore. The image file may reside on a local drive or on a locally mapped network file server. When using a peer-to-peer connection, the image file is located on the slave computer. 3 Specify the location to which you want to restore the image. a In the Destination Drive dialog box, select the destination disk and then click OK. Choose carefully because this is the disk that will be overwritten. The Destination Drive dialog box shows the details of every drive that Ghost finds on the local computer. b In the Destination Drive Details dialog box, confirm or change the destination disk partition layout and click OK. The Destination Drive Details dialog box shows a suggested partition layout for the destination disk. By default, Ghost tries to maintain the same size ratio between new disk partitions. You can change the size of any target FAT, NTFS, or Linux Ext2/3 partition by entering the new size in megabytes.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–17

6

Restoring an Image Using the Ghost PreOS GUI

You cannot enter a value that exceeds the available space, is beyond the file system’s limitations, or is not large enough to contain the data held in the source image. CAUTION

4

The Destination Drive Details dialog box shows a suggested partition layout for the destination drive after the cloning process is completed. This partition layout may mirror the source drive layout. Therefore, the destination drive details appear similar to the source drive.

To begin restoring the image, click Yes. If you are restoring a spanned image, you are prompted to specify the location of each image segment as it is needed.

When the restore process is complete, restart the computer. Symantec recommends that you also verify the integrity of the destination disk by running Symantec Disk Doctor, Chkdsk, ScanDisk, or a similar utility.

6–18

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Restoring an Image Using the ImageCenter PreOS GUI

1 2 3

Boot to ImageCenter PreOS environment. Enter path and filename of image file to restore. Specify destination options.

4 Set advanced restore options as desired. 5 Restore image.

Important: If the BIOS of the computer you are restoring the image to includes a virus detection feature, disable it. If virus protection is enabled, ImageCenter may hang after you click Finish or incorrectly report a virus when you reboot. 1 Boot into the ImageCenter PreOS environment from a DeployCenter boot package you have created, and at the ImageCenter main screen, click Restore Image. 2 In the Image File field, enter the path and filename of the image file you want to restore, or click Browse to select the path and image file, then click Next. If you assigned a password to the image file when you created it, the Get Image File Password dialog box appears. You must enter the password to restore the image file. Symantec does not maintain image file passwords or have a workaround for restoring password-protected images without the password. You can restore an image from a hidden NTFS, FAT, or FAT32 partition by choosing it from the Open Image File dialog box that appears when you click Browse. A hidden NTFS partition will appear in the Drives list as \\.\Diskn.Partm, where n is the number of the disk and m is the number of the partition on that disk. To further identify the hidden partition, the volume label will display, if available. If you click Browse and select an image file, you will have an option to verify the integrity of an image file before you attempt to restore it. Click Verify, and ImageCenter will check to see that all of the files in the image are available for you to open, the internal data structures in the image file match the data that is

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–19

6

Restoring an ImageCenter Image Using the ImageCenter PreOS GUI

available, and the image file can be uncompressed and create the expected amount of data. ImageCenter reports whether the image file passes or fails the integrity check. If you are running ImageCenter from rescue diskettes, you can restore image files from FAT, FAT32, or NTFS partitions. 3 Specify destination options. a Select the drive to which you want to restore the image, then click Next. b Select an unallocated space or existing partition to which you want to restore the image. When you restore an image to unallocated space, ImageCenter creates a new partition for the image. The unallocated space where you restore an image must be at least as large as the used space required by the image. For example, if you created an image of a 20 GB partition that included 5 GB of data, the unallocated space where you restore the image must be at least 5 GB. In addition, if you are restoring an NTFS partition, it cannot be resized below the master file table (MFT), regardless of how much data is included in the partition. The MFT is generally near the midpoint of the partition. If you select an existing partition as the destination, ImageCenter displays a dialog box telling you that the existing partition will be deleted before your image file is restored. ImageCenter does not delete the partition until you click Finish on the Ready to Restore Image File screen. If the unallocated space on the destination drive is greater than the space required to restore the selected partitions, the Resize Options dialog box appears. Choose to automatically resize partitions proportionally to fit, leave remaining unused space, or resize partitions manually to fit. 4 (Optional) If you want to enable bad-sector checking, enable disk-write verification, check for file system errors, or hide partitions after they are restored, click Advanced Options. Important Notes: – Restoring partitions can cause the drive letters of subsequent partitions to change. This may make the computer unbootable or cause applications to fail. – If you are restoring a primary partition that contains an operating system, and the partition will not replace your existing primary partition, you must click Advanced Options and choose to hide the partition after restoring it. Otherwise, data corruption could occur. 5 Click Finish to begin restoring the image file. If ImageCenter detects that you are restoring your image file from removable media, it enables a media-spanning feature that is capable of reading the image file from a series of disks. As ImageCenter prompts you for each media, be careful to insert them sequentially. The Restoring the Image dialog box appears, tracking the progress of the image restore. Upon completion, the following message appears: Image was restored successfully. 6–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The different types of images you can create with Ghost Solution Suite – Planning an effective imaging strategy in preparation for creating images for deployment – Creating an image using the Ghost PreOS GUI – Creating an image using the ImageCenter PreOS GUI – Restoring an image using the Ghost PreOS GUI – Restoring an image using the ImageCenter PreOS GUI

Lab 6: Creating and Restoring Images In this lab, you: •Create an image using the WinPE-based Ghost boot environment. •Create an image using the DOS-based DeployCenter QuickBoot executable boot environment. 6

•Restore an image using a PXE-based Ghost boot environment. •Restore an image using a PXE-based DeployCenter boot environment.

Lesson 6 Creating and Restoring Images Copyright © 2008 Symantec Corporation. All rights reserved.

6–21

6–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 7 Creating and Restoring Master Images

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will be

Topic

7–2

able to:

Issues Involved in Deploying Images on a Network

Identify the issues involved in deploying images on a network.

How Microsoft Sysprep Resolves Image Deployment Issues

Explain how Microsoft Sysprep solves image deployment issues.

Using Sysprep for Windows 2000/XP

Use Sysprep for Windows XP/2000 to prepare a reference system for imaging.

Using Sysprep for Windows Vista

Use Sysprep for Windows Vista to prepare a reference system for imaging.

Building and Optimizing the Reference Computer

Prepare a r eference computer for imaging.

Creating a Master Image of the Reference Computer

Create a master image of the reference computer and validate the image.

Restor ing Master Images

Use G host and ImageCenter to restore a master image, and use Ghost’s DeployAnywhere feature to install drivers on the target computer.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Issues Involved in Deploying Images on a Network

When creating an image to deploy an OS to multiple computers, you m ust address the issues of:

SID duplication Computer name duplication Hardware differences

When creating an image to deploy an operating system to multiple computers on a network, there are several important issues that must be addressed: • SID duplication A computer’s SID (Security Identifier) uniquely identifies a user or group to a Windows server. When you log on to your computer, your computer name, user account, and SID are verified to ensure you have valid access to the network. To ensure security, only a single instance of the SID is able to access the network at any given time. This creates a problem when restoring an image to a new system since by restoring your image, you are creating a system with a duplicate SID. If this issue is not addressed, the machine will not be able to log on to the network. • Computer name duplication Similar to the SID, the computer name is used to uniquely identify a computer to a Windows server. When you log on to your computer, your computer name is verified to ensure you have valid access to the network. To ensure security, only a single instance of the computer name is able to access the network at any given time. This creates a problem when restoring an image to a new system since by restoring your image, you are creating a system with a duplicate computer name. If this issue is not addressed, the duplicated machine will not be able to log on to the network. • Hardware differences When Windows is installed, it detects the devices in your system and loads drivers for them. When you create an image of a machine, all this device configuration information is included in the image. This becomes a concern Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–3

7

Issues Involved in Deploying Images on a Network

when restoring the image to systems that do not have the same hardware. The result is hardware conflicts, incorrect device drivers, and misconfigured devices. If this issue is not addressed, you may have serious problems with hardware and may need to spend a large amount of time resolving hardware conflicts and adding new device drivers.

7–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

How Microsoft Sysprep Resolves Image Deployment Issues

• Sysprep strips the SID, computer name, and hardware/driver information from the OS prior to imaging. • When the image is restored to a computer, needed system and hardware information is supplied in one of the following ways: − The computer runs through a setup wizard, allowing the user to manually specify needed computer settings. − Sysprep uses an “answer file” to automatically create all needed computer settings.

How Microsoft Sysprep Resolves Image Deployment Issues Microsoft developed Sysprep to overcome the major issues of deploying Windows computers in network environments. Sysprep resolves these issues by stripping the SID, the computer name, and all hardware and driver information from the operating system just prior to imaging.

7

When the image is restored to other computers, the computers act as though they are in the initial setup mode of Windows, allowing the user to manually specify all needed computer settings. Alternately, Sysprep can automate the creation of a new computer name and SID, configure network settings and domain membership, and detect all new hardware using Plug and Play technology, thus providing a truly automated solution that generates a unique network identity for each computer.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–5

Overview of the Sysprep Process

Overview of the Sysprep Process There are eight main steps involved in using Sysprep to create hardwareindependent, or master, images. The main steps in the Sysprep process are as follows: 1

Obtain the appropriate Sysprep files for the Windows operating system and service pack you want to deploy.

2

Create a Sysprep answer file. This file is used to automate Windows setup on the computers you deploy the master image to.

3

Test the Sysprep answer file to verify that it works properly before you use it in your production environment.

4

Optimize the system you want to use to create the master image.

5

Run Sysprep with the required switches to strip the optimized system of hardware-specific information and to shut the system down in preparation for imaging.

6

Use a PreOS boot package that includes an imaging tool (Ghost or ImageCenter) and capture an image of the Sysprepped system.

7

Test the master image by restoring it to a variety of computers with different hardware configurations.

8

Once you have verified that the master image will work successfully in your environment, deploy it to computers as needed.

This lesson covers each of the preceding steps in detail, first for Windows 2000/ XP, and then for Windows Vista. 7–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Using Sysprep for Windows 2000/XP

Using Sysprep for Windows 2000/XP Where to Obtain Sysprep You can download the appropriate version of Sysprep from Microsoft’s Web site, or you can search your OS installation CD for the file deploy.cab. This is a compressed file that contains all the Sysprep files. IMPORTANT: Only use the version of Sysprep designed for your specific operating system and service pack. For example, do not use the Windows XP version of Sysprep on a Windows 2000 system. Doing so could result in serious errors and possible data loss. Also, if you have downloaded and installed a Service Pack for Windows XP, do NOT use the version of Sysprep that comes on the Windows XP installation CD. Doing so could result in serious operating system errors. Instead, download the Windows XP Corporate Deployment Tools (deploy.cab) for your specific Windows XP Service Pack from Microsoft’s website.

For Windows XP, detailed information about how to use Sysprep is contained in the various .chm files in the deploy.cab file. Make sure to also refer to the readme file for documentation updates and corrections. Windows 2000 users should refer to the unattend.doc file for information about using Sysprep. This document is contained in the deploy.cab file.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–7

7

Sysprep Documentation

Additional Information For additional information on Sysprep, refer to the following Microsoft documents, which have been compiled based on frequently-asked questions and best practices: • “Computer May Hang After Using Sysprep on ACPI-Enabled Computer” (Microsoft Knowledge Base Article 259144) • “HOW TO: Add Customized User Settings When You Run Sysprep in Windows Server 2003” (Microsoft Knowledge Base Article 325858) • “How to Add OEM Plug and Play Drivers to Windows XP” (Microsoft Knowledge Base Article 314479) • “HOW TO: Clear the Paging File When You Use the Sysprep Tool Before Imaging Windows 2000” (Microsoft Knowledge Base Article 295919) • “Event ID 7011 Messages and Computer Stops Responding After You Install Windows XP by Using the Sysprep Utility” (Microsoft Knowledge Base Article 811428) • “Using SysPrep in Factory Mode” (SysPrep 1.1 Help File) • “Microsoft Windows 2000 SysPrep Update – Image Maintenance: Reducing the Number of Master Images Required” (filename: NewSysprep.doc; available in the Docs folder of the Sysprep 1.1 update) Note: The Sysprep 1.1 update for Windows 2000 can be downloaded at: http://www.microsoft.com/windows2000/downloads/ tools/sysprep/default.asp Notes on Using Sysprep with Windows 2000 There are two limitations you should be aware of when using the Sysprep Setup Manager for Windows 2000: • Computer names: Unlike the Windows XP Sysprep Setup Manager, Setup Manager for Windows 2000 does not offer an option to create unique computer names on the target systems. To work around this limitation, simply enter a temporary computer name in Setup Manager when prompted, and once the Sysprep answer file (Sysprep.inf) has been created, open it and change the computer name to an asterisk (*). This causes Sysprep to generate random computer names. • Product key: The Sysprep Setup Manager for Windows 2000 does not allow you to specify a product ID; thus, the CD key must be entered on each target machine the master image is restored to. To work around this limitation, simply add the following entry on a separate line directly after the Computer Name entry in the USERID section of the Sysprep.inf file . . . ProductID=#####-#####-#####-#####-##### . . . replacing the # characters with the valid product ID key. This will automatically populate the product ID field on the target computers when the Sysprep answer file is applied after the master image is restored to them.

7–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Building a Sysprep Answer File (2000/XP)

Building a Sysprep Answer File After a hardware-independent image has been deployed to a computer and the computer is booted into the operating system for the first time, initial configuration information must be provided before the computer can be used. This information includes such things as the product key, the domain the computer should be joined to, the correct time zone, desktop settings, and so on. To automate the process of supplying initial configuration information, you must build a Sysprep answer file. Sysprep uses the information in this file to complete the setup wizard it runs when a newly deployed system is booted for the first time. For the purposes of this topic, we will focus on building a Sysprep answer file for Windows XP. To build a Windows XP Sysprep answer file: Create a folder named Sysprep on the root of the system partition (which is usually C:\) and extract the contents of the deploy.cab file into the Sysprep folder. 7

9

CAUTION

If the Sysprep files are not placed in a folder on the root of the system partition, the Sysprep answer file will not work correctly.

10 Open the Sysprep folder and double-click the file setupmgr.exe.

The setupmgr.exe program is a wizard that helps you create a Sysprep answer file. Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–9

11 At the Setup Manager wizard welcome screen, click Next. 12 Choose to create a new answer file. 13 When asked which type of setup Sysprep is being used for, select Sysprep

setup. 14 Select the appropriate operating system (in this case, Windows XP

Professional). 15 Choose to fully automate the installation so that users do not have to accept

Microsoft’s End User License Agreement when the master image is restored to their computers. 16 Specify a name and organization.

This can simply be the location of your users and your company name (for example, Name: Lindon, UT; Organization: Symantec). 17 Assign the desired display settings.

If you already specified these settings when you configured the operating system, you can choose to use the defaults. 18 Choose the correct time zone for your area. 19 Enter the CD key for the operating system you have installed. 20 Choose to automatically generate a computer name.

This causes Sysprep to create a unique computer name for each system the master image is restored to. The computer names will be based on your organization name. 21 Leave the administrative password fields blank and do not choose to

automatically log on. 22 Choose the appropriate network settings for the system.

In most cases, you should choose the typical settings. 23 Specify that computers will participate in a domain.

Select Domain and specify the required domain name. b Select “Create a computer account in the domain” and specify an admin name and password that has rights to add users’ computers to the domain. a

7–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

24 Edit any of the following advanced settings as desired:

– Telephony – Regional Settings – Languages – Install Printers 25 If desired, use the Run Once setting to specify a command that should be

executed the first time (and only the first time) the operating system boots. Note: The Run Once setting is usually used to start an application installation or to run an application that is already installed. An example would be starting a migration utility to migrate previous user settings to the new operating system. 26 If desired, use the Additional Commands setting to specify a command that

should execute upon the completion of Sysprep but before the system boots for the first time. Note: This setting is ordinarily used to display notifications to the end user. 27 In most cases, you can ignore the Identification String, since it is rarely used in

today’s computing environments, and click Finish to close the Setup Manager wizard. 28 Save the Sysprep answer file (Sysprep.inf) to the same folder (that is, the

Sysprep folder) from which you executed the setupmgr.exe file 29 Click Cancel to close Setup Manager. 30 Use Notepad to open the Sysprep.inf file that you created in

C:\Sysprep and type the following heading at the end of the file: [SysprepMassStorage] 31 Save the Sysprep.inf file. 32 Select Start—>Run, and then run the following command:

7

C:\Sysprep\Sysprep -bmsd This automatically populates the [SysprepMassStorage] section of the Sysprep.inf file with driver information for many common mass storage devices. 33 If you want to add OEM drivers to the Sysprep setup, perform the following

steps (as prescribed in Microsoft Knowledge Base article 314479): a On the root of the volume where the %WinDir% folder is located, create a folder structure to hold the drivers, then copy the drivers to their appropriate subfolders. For example, on the root of C:, create a Drivers folder. Within the Drivers folder, create separate subfolders to hold the drivers for each hardware type (NIC, Video, etc.). Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–11

b

Add the entry OemPnPDriversPath = path to drivers in the [Unattended] section of the Sysprep.inf file. You can list multiple paths in this key by separating them with a semicolon (;), as shown in the following example: [Unattended] OemPnPDriversPath = Drivers\NIC;Drivers\Video

34 Create a backup copy of the Sysprep folder on the root of the system drive.

The reason for doing this is that you should always test your Sysprep answer file before you create a master image to make sure the Sysprep process runs successfully. However, once Sysprep runs and applies the answer file, it automatically deletes the Sysprep folder and all its contents. Without a backup copy, you would have to retrieve all the Sysprep files again and create a new Sysprep answer file from scratch before creating the master image. 35 Close all windows that are currently open.

Note: If you do not close all open windows, these windows will attempt to reopen on the users’ computers after the master image is restored and they boot for the first time. Not only is this an annoyance to users, but it can also cause errors if the windows were associated with folders that no longer exist (such as the Sysprep folder, which is automatically deleted after Sysprep has been run). 36 Select Start—>Run, and enter the command line and switches needed to run Sysprep.

For example: C:\Sysprep\Sysprep.exe -mini -reseal -quiet -reboot

The switches provide the following functionality: -mini Tells Sysprep to use the answer file you created -reseal Removes system-specific information from the Windows installation -quiet Tells Sysprep to run without displaying user prompts -reboot Tells Sysprep to reboot the system upon completion In addition to the preceding switches, you can also use the -pnp switch to perform an in-depth search of hardware and devices. This helps ensure that all devices will work correctly once the image is restored. Be aware, however, that this switch causes machines to run slowly for about 45 minutes to 2 hours while the detection process is being performed. There should be a slight delay while Sysprep strips information from the system, and then the machine should automatically reboot. If an error occurs during the Sysprep testing process, re-create and re-test the answer file until the test is successful. 37 Rename the backup copy of the Sysprep folder to C:\Sysprep\. 38 Copy the Sysprep folder to a centrally accessible location (for example, a network

drive) for future deployment projects.

7–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Example of a Modified Sysprep.inf File [Unattended] InstallFilesPath="%systemdrive%\WINNT\I386" OemPreinstall=Yes OemSkipEula=Yes OEMPnPDriversPath=drivers\audio;drivers\net\3com;drivers\net\i ntel DriverSigningPolicy=ignore UnattendedMode=FullUnattended InstallFilesPath=C:\sysprep\i386 TargetPath=\WINNT [GuiUnattended] AdminPassword=mechanics AutoLogon=Yes AutoLogonCount=1 OEMSkipRegional=1 TimeZone=35 OemSkipWelcome=1 [UserData] FullName="IT Infrastructure" OrgName="Company Name" ComputerName=* ProductID = AAAAA-BBBBB-CCCCC-DDDDD-EEEEE [SetupMgr] DistFolder=C:\sysprep\i386 DistShare=win2000dist [Identification] JoinWorkgroup=WORKGROUP [Networking] 7

InstallDefaultComponents=No ;GuiRunOnce] ;"C:\SYSPREP\SYSPREP.EXE -clean" [NetClients] MS_MSClient=params.MS_MSClient [data] UseBIOSToBoot=1

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–13

UnattendedInstall=Yes [SysPrepMassStorage] ;usage format for 3rd party mass storage device drivers ;=,,, ;Other IDE Devices PCI\CC_0101=%systemroot%\inf\mshdc.inf PCI\VEN_0E11&DEV_AE33=%systemroot%\inf\mshdc.inf PCI\VEN_1039&DEV_0601=%systemroot%\inf\mshdc.inf PCI\VEN_1039&DEV_5513=%systemroot%\inf\mshdc.inf PCI\VEN_1042&DEV_1000=%systemroot%\inf\mshdc.inf PCI\VEN_105A&DEV_4D33=%systemroot%\inf\mshdc.inf PCI\VEN_1095&DEV_0640=%systemroot%\inf\mshdc.inf PCI\VEN_1095&DEV_0646=%systemroot%\inf\mshdc.inf PCI\VEN_1097&DEV_0038=%systemroot%\inf\mshdc.inf PCI\VEN_10AD&DEV_0001=%systemroot%\inf\mshdc.inf

7–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Using Sysprep for Windows Vista

Using Sysprep for Windows Vista Where to Obtain Sysprep When you install Vista, Sysprep is installed in the \Windows\system32\sysprep directory. Sysprep is only supported in Windows Vista Business, Enterprise, and Ultimate.

1

Go to Microsoft’s Web site (www.microsoft.com/downloads).

2

Search for WAIK.

3

Download the Windows AIK disk image for the version of Vista you are deploying.

4

Burn the image to DVD and install Windows AIK on the computer where you want to create the Sysprep answer file.

Note: As of July 2008, the developers of the Ghost Solution Suite 2.5 course were unable to get Vista SP1 to successfully process a Sysprep answer file created with the Windows AIK for Vista SP1. Consequently, Symantec recommends that you use a pre-SP1 installation of Vista to create your answer file and your master image, and then deploy SP1 as a software package to users’ computers.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–15

7

To create the Sysprep answer file (sysprep.xml), use the Windows System Image Manager tool, which is included in the Windows Automated Installation Kit (Windows AIK). To install this kit:

System Requirements If you are using a Windows 2000/XP system to create the Vista Sysprep answer file, you must install the following software in order to use the Windows Automated Installation Kit: • MSXML 6 • .NET 2.0 Note: MSXML 6 and .NET 2.0 are installed by default in Windows Vista. Sysprep Documentation You can find detailed information about how to use the Windows AIK in the various .chm files in the \docs\chms folder on the Windows AIK DVD. You can find Sysprep documentation in the waik.chm file under the topic “Deployment Tools Technical Reference.” Also, refer to the readme.htm file for documentation updates and corrections. Additional Information Following are some additional sources of information related to Vista deployment: •

Windows Vista Deployment Step by Step Guide http://technet2.microsoft.com/WindowsVista/en/library/ 88f80cb7-d44f-47f7-a10d-e23dd53bc3fa1033.mspx



How Configuration Passes Work http://technet2.microsoft.com/WindowsVista/en/library/ 791eb40e-6624-4217-b913-82a02e07465d1033.mspx



Comparing Windows XP and Windows Vista Deployment Technologies http://technet2.microsoft.com/WindowsVista/en/library/ 2957d7c4-02c7-4205-afb5-f03434d8f37d1033.mspx



Deploying Vista with Sysprep and ImageX http://www.svrops.com/svrops/articles/sysprepvista.htm

7–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Building a Sysprep Answer File (Vista)

Building a Sysprep Answer File After a hardware-independent image has been deployed to a computer and the computer is booted into the operating system for the first time, initial configuration information must be provided before the computer can be used. This information includes such things as the product key, the domain the computer should be joined to, the correct time zone, desktop settings, and so on. To automate the process of supplying initial configuration information, you must build a Sysprep answer file. Sysprep uses the information in this file to complete the setup wizard that runs when a newly deployed system is booted for the first time. In this topic, we will create a basic answer file that meets some common deployment needs. Our example is not intended to be an ideal answer file; rather, it is intended to give you a brief introduction to the wide range of Sysprep configuration options available in the Windows System Image Manager tool.

1

Insert the Windows Vista installation DVD, open the sources folder on the DVD, and copy the file install.wim to a folder on your hard disk (for example, C:\vista_install\install.wim). The install.wim file is the Vista installation image. It will be used to create a local catalog of Vista components that can be configured in the Sysprep answer file.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–17

7

To build a Vista answer file:

7–18

2

Launch Windows System Image Manager (Start—>Programs—> Microsoft Windows AIK—>Windows System Image Manager).

3

In Windows System Image Manager, select File—>Select Windows Image, then browse to and open the install.wim file you copied to the hard drive.

4

Select the version of Windows Vista you are deploying, then click OK.

5

When prompted to create a catalog, click Yes. The catalog is a binary file that lists all the settings in the Vista installation image. You will select components from the catalog file to add as configuration entries in the Sysprep answer file.

6

After the catalog file has been created, select File—>New Answer File. An untitled answer file is added in the Answer File pane.

7

In the Windows Image pane, expand the Components item. Note: To view context-sensitive help on components and settings in the Windows AIK, select the component or setting you want to learn about and press the F1 key.

8

In the Components list, perform the following: a Right-click “x86_Microsoft-Windows-Security-Licensing-SLC” and select “Add Setting to Pass 3 generalize.” What this component does: Controls what happens to licensing values set during system installation and testing. Our purpose for using it: To prevent Sysprep from resetting Vista activation-related licensing and registry data during the “generalize” pass when it strips out system-specific information. b Right-click “x86_Microsoft-Windows-Deployment” and select “Add Setting to Pass 4 specialize.” What this component does: Enables you to specify settings related to auditing a computer. Our purpose for using it: To run a command that enables Vista’s built-in administrator account. c Right-click “x86_Microsoft-Windows-Shell-Setup” and select “Add Setting to Pass 4 specialize.” What this component does: Enables you to control how the Windows shell is installed on destination computers. Our purpose for using it: To configure various settings for the Windows environment, including product key, time zone, default look and feel of the desktop, and so on. d Right-click “x86_Microsoft-Windows-UnattendedJoin” and select “Add Setting to Pass 4 specialize.” What this component does: Enables you to join computers to a domain during the “specialize” pass. Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Our purpose for using it: To specify settings needed to join deployed computers to a domain. e Right-click “x86_Microsoft-Windows-International-Core” and select “Add Setting to Pass 7 oobeSystem.” What this component does: Enables you to specify language and input locale settings for the system and user. Our purpose for using it: To set system locale and language. f Right-click “x86_Microsoft-Windows-Shell-Setup” and select “Add Setting to Pass 7 oobeSystem.” What this component does: Enables you to control how the Windows shell is installed on destination computers. Our purpose for using it: To specify organization and owner information, and to configure various other settings for the Windows environment, including user accounts and passwords. Note: If you experience problems with Plug and Play detecting incorrect drivers on newly deployed computers (which sometimes happens when deploying virtual machines in VMware), consider adding the “x86_Microsoft-WindowsPnpSysprep” component to the generalize pass and setting “PersistAllDeviceInstalls” to “True.” This prevents Sysprep from stripping out device drivers during the generalize pass. Although this can resolve the issue of incorrectly detected drivers, generally you should not make this configuration when creating a master image file because it prevents Plug and Play from detecting new devices on deployed systems. 9

Configure the “Security-Licensing-SLC” component for the “generalize” configuration pass. a In the Answer File pane, expand the “3 generalize” item and select the “x86_Microsoft-Windows-Security-Licensing-SLC” component. b In the SkipRearm field, type the number 1. This setting ensures that all activation-related licensing and registry data remains and is not reset by Sysprep. pass. a In the Answer File pane, expand the “4 specialize” item, expand the “x86_Microsoft-Windows-Deployment” component, then right-click the “RunSynchronous” item and select “Insert New RunSynchronousCommand.” b Configure the RunSynchronousCommand settings as follows: › In the Order field, type the number 1. This ensures that the command is run before any other commands. › In the Path field, type: net user administrator /active:yes This enables Vista’s built-in administrator account.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–19

7

10 Configure the “Deployment” component for the “specialize” configuration

11 Configure the “Shell-Setup” component for the “specialize” configuration

pass. a In the Answer File pane, under the “4 specialize” item, select the “x86_Microsoft-Windows-Shell-Setup” component and configure settings as follows: › ComputerName: Type an asterisk: * This causes a random computer name to be generated for each computer. › CopyProfile: true This enables you to overwrite the default user profile (C:\Users\Default) with the current user profile. The advantage of this is that you can configure the current user profile to comply with corporate standards, and then replace the default user profile with these customizations. As a result, corporate standards will be automatically applied to each new user profile that is added to the computer. › DisableAutoDaylightTimeSet: false This resets the time on the computer to daylight savings time. › DoNotCleanTaskBar: true This specifies that icons on toolbars (for example, the QuickLaunch toolbar) should not be cleared out. › ProductKey: Type a valid volume activation license for Vista. › ShowWindowsLive: false This specifies that a link to Windows Live is not displayed on the Start menu. › StartPanelOff: false This specifies that the new Vista Start Panel is displayed when the Start button is clicked. › TimeZone: Type the correct time zone for your location. b Expand the “x86_Microsoft-Windows-Shell-Setup” component, select the Display item, and configure settings as follows: › ColorDepth: 32 Sets the display color depth to the “Highest” setting (32-bit color) › DPI: 120 Sets the resolution of graphics, such as icons and screen fonts, to 120 dpi (dots per inch) › HorizontalResolution: 1024 Sets the monitor’s horizontal resolution to 1024 pixels › RefreshRate: 60 Sets the monitor’s refresh rate to 60 Hertz › VerticalResolution: 768 Sets the monitor’s vertical resolution to 768 pixels

7–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

c

Select the Themes item and configure settings as follows: › CustomDefaultThemeFile: Type the path to a custom Vista display theme you have developed for your organization. › DefaultThemesOff: false This specifies that the default Vista visual style should be used.

12 Configure the “UnattendedJoin” component for the “specialize” configuration

pass. a In the Answer File pane, under the “4 specialize” item, expand the “x86_Microsoft-Windows-UnattendedJoin” component, select Identification, and in the JoinDomain field, type the name of the domain you want computers to join. b Expand the Identification item, select Credentials, and configure settings as follows: › Domain: Specify the name of the domain to use for account authentication. › Password: Specify the password for an account that has rights to join computers to the domain. › Username: Specify the name of the user account whose password you entered in the previous setting. 13 Configure the “International-Core” component for the “oobeSystem”

configuration pass. a In the Answer File pane, expand the “7 oobeSystem” item and select the “x86_Microsoft-Windows-International-Core” component. b Enter the correct localization code for your location in the InputLocale, SystemLocale, UILanguage, and UserLocale fields. Note: For a list of localization codes, refer to the topic “Supported Language Packs” in the Unattended Windows Setup Reference help file (Help—>Unattended Reference). pass. a In the Answer File pane, under the “7 oobeSystem” item, select the “x86_Microsoft-Windows-Shell-Setup” component and configure settings as follows: › RegisteredOrganization: Type the name of your company. › RegisteredOwner: Type the name of the department or group that owns the computer. b Expand the “x86_Microsoft-Windows-Shell-Setup” component, select OOBE, and configure settings as follows: › HideEULAPage: true Specifies that the Microsoft End User License Agreement page of Windows Welcome is hidden when the user logs in to Windows. Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–21

7

14 Configure the “Shell-Setup” component for the “oobeSystem” configuration

(Note: For system builders in OEM environments, Microsoft requires this setting to be “false” so end users can view and accept the Windows license agreement when they use their system for the first time.) › NetworkLocation: Work Informs Windows that the computer is connected to a private office network. › ProtectYourPC: Type the number 1. Sets the option “Help protect your computer automatically” to the most appropriate level for the user’s situation, as determined by Windows. › SkipMachineOOBE: true Hides the Windows Welcome screen that appears when the user logs in for the first time. Note: In the Unattended Windows Setup help, Microsoft cautions against setting this option to “true” in a production environment because “the user will not be prompted for values that are necessary to successfully complete Windows Setup.” This could result in the computer being “left in an unusable state.” If you set this option to true in a production environment, Microsoft advises you to “add values for the Windows Welcome screens in your answer file.” c Expand the UserAccounts item, select AdministratorPassword, and enter the password for the Administrator account in the Value field. d Right-click LocalAccounts and select Insert New LocalAccount. e Verify that the newly added LocalAccount item is selected, then configure its settings as follows: › Description: Enter a short description for the new local account › DisplayName: Enter the account’s display name (the name that is displayed for the account on the Windows login screen and on the Start menu). › Group: Administrators › Name: Enter the user name for the account. f Expand the LocalAccount item, select Password, and enter the password for the local account in the Value field. This completes the configuration of our sample Sysprep answer file. 15 Select Tools—>Validate Answer File.

If any errors are displayed in the Messages pane, double-click each message to navigate to the affected setting and correct any issues. You can ignore warning messages that state “the setting has not been modified; it will not be saved to the answer file.” These simply indicate that empty configuration settings (in other words, settings you did not configure) will not be saved to the Sysprep answer file.

7–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

16 Select File—>Save Answer File As, then save the answer file to the

C:\Windows\system32\sysprep folder. Note: The exact name of the answer file does not matter, as long as you save it as an XML file. In this course, we are naming the file sysprep.xml. 17 Open a command prompt and enter the command line and switches needed to

perform a test run of the Sysprep answer file. For example: C:\Windows\system32\sysprep\sysprep.exe /oobe /generalize /reboot /quiet /unattend:C:\Windows\System32\sysprep\sysprep.xml

The switches provide the following functionality: /oobe Tells Sysprep to use the answer file you created /generalize Removes system-specific information from the Windows installation /reboot Tells Sysprep to reboot the system upon completion /quiet Tells Sysprep to run without displaying user prompts /unattend: Points Sysprep to the location of the answer file After you run Sysprep, there is a slight delay while Sysprep strips information from the system, and then the machine automatically reboots. If errors occur during the Sysprep testing process, correct the problems and retest the answer file until the test is successful. 18 Copy the Sysprep folder to a centrally accessible location (for example, a

7

network drive) for future deployment projects.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–23

Example of a Sysprep.xml Answer File 1 1 net user administrator /active:yes 32 120 1024 768 60 C:\Windows\Resources\Themes\symantec.theme false * true

7–24

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

false true 12345-12345-12345-12345-12345 false false Mountain Standard Time symantec Passw0rd DomainAdmin symantec en-us en-us en-us en-us

7

true Work 1 true

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–25

UABhAHMAcwB3ADAAcgBkAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAc wB3AG8AcgBkAA== false UABhAHMAcwB3ADAAcgBkAFAAYQBzAHMAdwBvAHIAZAA= false Required local account Local User Administrators localuser Symantec Symantec Education Services

7–26

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Building and Optimizing the Reference Computer 1 2 3 4 5 6 7 8

Wipe disk if not em pty

9

Clean up unwanted/temp files

Perform clean OS install 10 Clear out Web browser cache Install OS service packs, updates Remove problematic drivers Remove null drivers Configure Default User (XP) Install standard corporate apps

11 Defrag drive 12

Set paging file to zero

13 Run CHKDSK /F 14 15

Rebuild pagefile Change Guest account usage (XP)

Uninstall hardware-related apps

Building and Optimizing the Reference Computer In this course, we refer to the computer you use to create the master image as the reference computer. Before you create the master image, there is a series of tasks you need to perform to prepare and optimize the reference computer:

1

If the reference computer already has an OS and applications installed on it (as may be the case when receiving a new computer directly from the manufacturer), use a tool such as GDisk to wipe the hard disk’s MBR or to perform a full disk wipe.

2

Perform a clean installation of Windows on the reference computer using a volume license. Do not add the reference computer to a domain.

CAUTION

If the machine is a member of a domain when Sysprep runs, then when you deploy the master image to the users’ computers, Sysprep will not be able to automatically add the users’ computers to a domain. Therefore, always make sure the machine you are using to create the master image is not a member of a domain when you run Sysprep.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–27

7

Note: Unless otherwise noted, the tasks in this section apply to Windows 2000/XP as well as Windows Vista.

7–28

3

Install Windows service packs, patches, and updates as needed.

4

The drivers for the following devices often prevent the reinstallation of Plug and Play devices, so you must remove them from Device Manager: – Network cards – Modems – USB hubs – Audio – Keyboard and mouse (Important: Do not reboot after uninstalling these drivers, even if you are prompted to do so.) – Video (Important: Uninstall this driver last. Also, do not reboot after uninstalling the video driver, even if you are prompted to do so.)

5

If any null drivers are present in Device Manager, remove them. Null drivers prevent Windows from reinstalling their related devices during the next reboot. These drivers appear as yellow icons in Device Manager. To remove a null driver, right-click the device and select Uninstall.

6

Windows XP: Configure the Default User profile to comply with corporate standards (for example, set wallpaper and screensavers to the corporate standards, add corporate documents to the Documents folder, and so on). By doing this, any user profile that is added to the computer in the future will be automatically configured to comply with corporate standards. To configure the Default User profile in Windows XP: a Create a temporary administrative user. b Log in as the temporary user and configure system settings as needed. c Log off the temporary user and log in as Administrator. d Run the User Profiles management tool (Control Panel —> System —> Advanced tab —> User Profiles group box —> Settings) and copy the temporary user’s profile settings to the Default User profile. Note: In some cases, you may need to reboot the computer before you can perform the copy operation. e Delete the temporary user profile.

7

Install any additional applications that you want to include in your base image. Include an application if at least 80 percent of your users need it. Also, install important application patches. Do not install applications that are hardwarerelated (Control Panel items, hardware utilities, and so on).

8

Often, hardware-related applications are installed by default during an operating system installation to provide extra functionality for such devices as video, network, mouse/touchpad, and so on. Open the Control Panel, doubleclick Add/Remove Programs, and uninstall any applications that are hardwarerelated.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

9

Remove any unwanted or unneeded files from the C: drive, including files in temporary directories.

10 Clear out cached Internet Explorer documents, including Files, History, and

Cookies. 11 Run a defrag utility. 12 Set the system paging file to zero, as follows: a b c d e f

g h

Right-click on My Computer and select Properties. Windows XP: Click the Advanced tab. Windows Vista: Click “Advanced system settings.” In the Performance group box, click Settings. Click the Advanced tab. In the Virtual memory group box, click Change. Select the option “No paging file” and click Set. Note: In Windows Vista, you must remove the check mark from the “Automatically manage paging file size for all drives” option before you can select the “No paging file” option. In each of the open dialog boxes, click OK until you are back at the desktop. Reboot the computer.

13 From a command prompt, run CHKDSK /F C:

CHKDSK searches for and fixes any disk-related errors that could affect the integrity of your image file. To run CHKDSK on the system drive, you must reboot your computer after running the CHKDSK /F C: command. 14 Configure Windows to rebuild the pagefile based on the destination

workstations’ total memory. a Run REGEDIT.EXE. b Delete the existing multi-string entry for: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ Session Manager\Memory Management\PagingFiles

c

Create a new string value for: 7

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ Session Manager\Memory Management\PagingFiles=C:\pagefile.sys 0 0

15 Windows XP: You may want to change how the Guest login account is used.

By default, Windows XP forces anyone attempting to connect to a remote system to log in as “Guest.” To allow the connecting user to enter a name and password instead of having to log in as “Guest,” perform the following: a Run REGEDIT.EXE. b Locate the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Forceguest

c

Change the “Forceguest” value to 0.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–29

Creating a Master Image of the Reference Computer 1 2 3

Create PreOS boot package on physical media. Copy Sysprep folder to reference computer. Run Sysprep.

4 Boot reference computer from boot package. 5 Load appropriate imaging engine. 6 Create image of reference computer. 7 Test master image.

Creating a Master Image of the Reference Computer After Sysprep finishes running and the computer shuts down, you are ready to create a master image. To create the master image: 1

Because Sysprep powers off the system after it has run, you must create a PreOS boot package that is capable of booting a powered-down system (in other words, the boot package must be created on physical media, such as a floppy disk, CD, PXE, or a USB bootable device). For Ghost, the boot package should be created using the WinPE PreOS environment, and you should choose to include the DeployAnywhere driver database to ensure that all drivers that may be needed in your environment are available in the boot package.

2

Copy the Sysprep information to the reference computer. Windows XP: Copy the previously created Sysprep folder to the root of the system drive (for example, C:\Sysprep). Windows Vista: Copy the previously created syprep.xml file to C:\Windows\System32\sysprep

3

Run Sysprep. Windows XP: C:\Sysprep\Sysprep.exe -mini -reseal -quiet

7–30

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Windows Vista: C:\Windows\system32\sysprep\sysprep.exe /oobe /generalize /shutdown /quiet /unattend:C:\Windows\system32\sysprep\sysprep.xml

After Sysprep finishes running, it shuts down the system. Boot the reference computer from your PreOS boot package.

5

Load the imaging engine that is compatible with the PreOS you are using (for example, Ghost32 or PQIDeploy if you are imaging under WinPE).

6

Use the imaging engine to create an image of the reference computer.

7

After the master image has been created, be sure to test it. You test the master image by restoring it to other computers with different hardware configurations. Boot each computer you restored the image to, and verify that each computer runs through the Setup Manager wizard properly. If the test is successful, you should be able to use the image on all the other computers in your organization.

7

4

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–31

Restoring Master Images

For detailed instructions on using Ghost or ImageCenter to restore an image, review the “Creating and Restoring Images” lesson.

Restoring Master Images To restore a master image, boot the target computer from a boot package created with either the Ghost Boot Wizard or Boot Disk Builder. When Ghost or ImageCenter launches, use it to manually restore the master image to the target computer. For detailed instructions on using Ghost or ImageCenter to restore an image, review the “Creating and Restoring Images” lesson in this student guide.

7–32

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Using DeployAnywhere to Detect and Install Needed Drivers The DeployAnywhere executable can be found in the following location on the system where Ghost Solution Suite is installed: C:\Program Files\Symantec\Ghost\GhDplyAw32.exe 1. Evaluating the Target Computer GhDplyAw32.exe /target=[Windows disk] /eval /ddb=[location of DeployAnywhere driver database] Example: GhDplyAw32.exe /target=1.1:\Windows /eval /ddb=E:\Windrivers 2. Installing Drivers from the DeployAnywhere Database GhDplyAw32.exe /target=[Windows disk] /ddb=[location of DeployAnywhere driver database] Example: GhDplyAw32.exe /target=1.1:\Windows /ddb=E:\Windrivers

Using DeployAnywhere to Detect and Install Needed Drivers After restoring a master image, you must provide a way to install needed drivers on deployed systems. An easy way to do this is to use Ghost’s DeployAnywhere feature. If you created a WinPE-based boot package and made the DeployAnywhere driver database available in the boot package or from a centrally accessible location (such as a network share), you can install missing drivers on target machines by running DeployAnywhere after the master image is restored. The DeployAnywhere executable can be found in the following location on the system where Ghost Solution Suite is installed: C:\Program Files\Symantec\Ghost\GhDplyAw32.exe

1

Evaluate the target computer. Before attempting to use DeployAnywhere to install drivers on a target computer, you should perform a hardware evaluation of the computer to determine which drivers are needed and to see if all required drivers are included in the DeployAnywhere driver database. If required drivers are not available, a list of missing drivers is returned. You can also review the list of missing drivers in the ghDplyAw.txt file. To perform the driver evaluation, use the following command line: ghDplyAw32.exe /target=[Windows disk] /eval /ddb=[location of DeployAnywhere driver database]

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–33

7

There are two main steps involved in the DeployAnywhere process:

For example: ghDplyAw32.exe /target=1.1:\Windows /eval /ddb=E:\Windrivers In this example, the /target parameter points to the Windows directory on the first partition of the computer’s first hard drive (1.1), and the /ddb parameter specifies that the DeployAnywhere driver database is located on drive E: (the CD-ROM drive, in our case) in the Windrivers directory. If all of the required drivers are available, the message “Success” is returned. If DeployAnywhere detects that required drivers are missing from the driver database, add the drivers. Install drivers from the DeployAnywhere database. When all necessary drivers are available, you can run DeployAnywhere to install drivers and perform other necessary configuration tasks. To install drivers, use the following command line: ghDplyAw32.exe /target=[Windows disk] /ddb=[location of DeployAnywhere driver database] For example: ghDplyAw32.exe /target=1.1:\Windows /ddb=E:\Windrivers 2

Troubleshooting DeployAnywhere • Issue: Error: “A test that safeguards the integrity of the program failed unexpectedly. CHECK failed, Argument::GetInt323: .\ CommonArgumentTypes.cpp(156): false. Solution: This error is reported if DeployAnywhere fails to find all the files it needs to perform the retargeting process. One instance in which this error has been encountered is when a system optimization tool removed the sp2.cab and drivers.cab files from the C:\Windows\Driver Cache\i386 directory. In this case, the error was corrected by copying the missing sp2.cab and drivers.cab files from a different system into the affected system’s C:\Windows\Driver Cache\i386 directory.

7–34

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The issues involved in deploying images on a network – How Microsoft Sysprep solves image deployment issues – Creating a Sysprep answer file in preparation for performing an unattended deployment of Windows XP/2000 – Creating a Sysprep answer file in preparation for performing an unattended deployment of Windows Vista – Preparing a reference computer for imaging – Creating a master image of the reference computer and validating the image – Using Ghost and ImageCenter to restore a master image, and using Ghost’s DeployAnywhere feature to install drivers on the target computer

Lab 7: Creating a Master Image File In this lab, you: •Prepare to run Sysprep. •Optimize the reference system. •Create a WinPE-based Ghost ISO boot environment with the DeployAnywhere driver database. •Use Ghost to create a master image file. •Use DeployCenter to create a master image file.

7

•Restore a master image file using Ghost and DeployAnywhere.

Lesson 7 Creating and Restoring Master Images Copyright © 2008 Symantec Corporation. All rights reserved.

7–35

7–36

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 8 Deploying Images

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives

After completing this lesson, you will

Topic

8–2

be able to:

Benefits and Challenges of Deploying an Im age to Multiple Com puters

Describe the benefits of deploying a single image to multiple com puters at the same tim e.

Overview of Multicasting

Explain the basics of multicasting and discuss how m ulticasting is im plemented in Ghost Solution Suite.

Using G hostCasting to Deploy Im ages

Deploy an im age to m ultiple computers using GhostCasting.

Using P owerCasting to Deploy Im ages

Deploy an im age to m ultiple computers using Pow erCasting.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Benefits and Challenges of Deploying an Image to Multiple Computers Benefits: • Simplifies the deployment process (especially if a hardwareindependent image is used). • Dramatically reduces time required to deploy computers (compared to manually installing an operating system on each computer). Challenges: • Early image deployment methods required the administrator to download a separate copy of the image from a network volume to each machine. • Copying a full image repeatedly across the network puts a heavy burden on network bandwidth, leading to network slowdowns and even instability.

Benefits and Challenges of Deploying an Image to Multiple Computers Before disk imaging technology became available, IT professionals deployed computers by manually installing an operating system on each new computer their company purchased. This process could take from hours to a whole day, depending on how many applications needed to be installed and how much configuration needed to be performed for each computer. Imaging gave IT professionals a better way to deploy computers. Rather than installing each operating system manually, they could now create a hardwareindependent image of a reference computer and then send out the image to each new computer across the network. This method dramatically reduced the amount of time needed to deploy new computers in a business.

8

However, there were still some drawbacks. Early image deployment processes used a “pull” method. This method required the administrator to boot each computer individually, run imaging software, and then download an image from a network volume to each computer (that is, each computer received a separate copy of the original image file). Since image files can be very large, sending an image file multiple times to computers across the network puts a heavy burden on network bandwidth, leading to network slowdowns and even network instability. To overcome the drawbacks of the “pull” deployment method, multicasting technology was developed.

Lesson 8 Deploying Images

8–3 Copyright © 2008 Symantec Corporation. All rights reserved.

Facts About Multicasting

• Multicasting is a “push” method of deployment. • To participate in a multicasting session, client computers must: − Have network hardware and drivers that support multicasting. − Boot to the network and be assigned a unique IP address. − Run imaging software and join a m ulticast session.

• During multicasting, an image file is pushed out as data packets from a central computer simultaneously to all clients logged on to the multicast session.

Overview of Multicasting Multicasting technology uses a “push” method of deployment. Each computer that needs to receive the image must still be booted to the network and have imaging software run on it. Each computer must also be joined to a multicast session. Once these things are done, however, the image file is pushed out as packets of data from a central computer simultaneously to all computers logged in to the multicast session. In other words, the image file is sent out only once across the network, not multiple times. This significantly reduces the impact on network performance and stability. Prerequisites for Multicasting To perform multicasting, you must meet the following requirements: • All network hardware (routers, NICs, etc.) must support multicasting. • You must have the appropriate network drivers for all the computers that will be part of the multicast session. • You must assign a unique IP address to each computer that will be part of the multicast session. This can be accomplished either automatically (for example, with a DHCP server) or manually (with a WATTCP.CFG file).

8–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Multicasting in the Ghost Solution Suite

The Ghost Solution Suite includes two different multicasting engines:

GhostCasting (Symantec Ghost) PowerCasting (Sym antec DeployCenter)

Multicasting in the Ghost Solution Suite

8

The Ghost Solution Suite includes two different multicasting engines— GhostCasting and PowerCasting. Each of these engines has its own multicasting server and client software. The next topic discusses the main differences between GhostCasting and PowerCasting.

Lesson 8 Deploying Images

8–5 Copyright © 2008 Symantec Corporation. All rights reserved.

Differences Between Ghost and DeployCenter Multicasting

GhostCasting

PowerCasting

Can create and restore images

Can restore images

Works with .gho, .v2i, .pqi, and.vmdk file formats

Only works with .pqi image file format

Is integrated into the Ghost Console Is not integrated into the Ghost Console

Differences Between Ghost and DeployCenter Multicasting GhostCasting and PowerCasting are for the most part very similar. There are only three significant points on which they differ. The following table summarizes these differences. GhostCasting (Symantec Ghost)

PowerCasting (DeployCenter)

Can create and restore images

Can restore images

Works with .gho, .v2i, .pqi, .vmdk file formats

Only works with .pqi image file format

Is integrated into the Ghost Console

Is not integrated into the Ghost Console

8–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Starting a GhostCast Session in Windows Select StartÆ ProgramsÆ Symantec GhostÆ GhostCast Server.

Using GhostCasting to Deploy Images Starting a GhostCast Session in Windows The GhostCast Server creates or distributes a copy of an image file to Symantec Ghost clients in a session consisting of one server, a single image file, and one or more similar clients. The session name acts as a key. The session name identifies the session and is used by clients to indicate the session that they are to join. To start a GhostCast session to deploy an image to multiple computers: 1 On the computer where the GhostCast Server is installed, select Start—>Programs—>Symantec Ghost—>GhostCast Server. In the GhostCast Server window, in the Session Name box, type a session name. A GhostCast session name can be any alphanumeric sequence of characters and must be unique on your network. You can use spaces on the GUI but not with command-line switches. Session names are not case-sensitive. 3 Click Restore Image to send an image file to all connecting clients. 4 In the Image File field, specify the name and full path of the image file containing the image, or click Browse to find the location of the image file. 5 Perform one of the following: – Click Disk to restore an image of an entire disk. – Click Partition to restore an image of a partition and select the partition from the image file.

Lesson 8 Deploying Images

8–7 Copyright © 2008 Symantec Corporation. All rights reserved.

8

2

Click Accept Clients to accept the client computer into the session. The Accept Clients button becomes active when all required boxes are filled out. 7 Join the client computers to the GhostCast session. 6

8–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Joining Clients to the GhostCast Session

Joining Clients to the GhostCast Session

8

To join clients to the GhostCast session: 1 Boot each client computer from a Ghost boot package that includes network support. For PC-DOS or MS-DOS PreOS environments, use a Network Boot Package created with the Ghost Boot Wizard. For WinPE or Linux PreOS environments, use a Standard Ghost Boot Package created with the Ghost Boot Wizard. 2 On the main Ghost menu, select GhostCast—>MultiCast. 3 In the GhostCast Session Name to Join dialog box, type the session name and click OK. 4 Select the client disk to which you want to restore the image, and then click OK. 5 If you want the restored partition to be a different size than the original partition in the image file, specify a new size for the partition in the New Size field; otherwise, leave the default values. Click OK to continue. 6 Click Yes to indicate that the computer is ready to receive the image. The IP and MAC addresses of the client computers that are connected and waiting for the GhostCast session to start appear in the Connected Clients list on the GhostCast server, along with the clients’ status.

Lesson 8 Deploying Images

8–9 Copyright © 2008 Symantec Corporation. All rights reserved.

7

Once all of the required clients have joined the GhostCast session, go to the computer that is running the GhostCast Server and click Send to start the image restore process.

The progress indicator shows the status of the GhostCast session as it proceeds, along with other image file and transfer details. The statistics shown are based on the image file size and reflect the sizes after compression. The speed shows the actual amount of data being sent over the network in megabytes-per-minute from the image file. The client status changes to In Progress.

8–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Starting a PowerCast Session in Windows Select StartÆProgramsÆ Symantec DeployCenterÆ DeployCenter ToolsÆ PowerCast Server.

Using PowerCasting to Deploy Images Starting a PowerCast Session in Windows Note: While it is not mandatory, you will have better performance with a PowerCast session if you run the PowerCast server before the PowerCast clients. Also, you must run the Windows PowerCast Server on a network with a DHCP server. The Windows PowerCast Server does not support the PowerCast BOOTP server.

8

To start a PowerCast session to deploy an image to multiple computers: 1 Select Start—>Programs—>Symantec DeployCenter—> DeployCenter Tools—>PowerCast Server. 2 Type the name you have chosen for the PowerCast session in the Session Name text box. The session name will be used by the clients to select a session to join. 3 Specify the full path and image filename to be PowerCast during this session. If necessary, click the browse button to locate the image file you want. Note: You cannot PowerCast images spanned across multiple removable media. If the image file contains more than one partition, each partition is displayed in the list box.

Lesson 8 Deploying Images

8–11 Copyright © 2008 Symantec Corporation. All rights reserved.

Use one of the following methods to select the part of the image file you want to PowerCast: – In the partitions list box, select the partitions you want to include. – Click Select All to include all partitions in the image file. – Click Select None to clear the selections. 5 In the Resize Options group box, specify how you want to configure the remaining free space on the client computers. 4

6

If you want the image file to:

Select:

Fill all available space

Automatically resize partitions proportionally to fit

Occupy equal space and leave the remaining space free

Leave remaining free space

Select the Client Mode option you want. Express

Eliminate a decision step on the client side and have the image file replace the entire contents of the hard disk chosen by the client. The client does not have to choose a destination partition or free space. Do not choose this option unless you are confident you can replace the entire contents of the hard disk.

Custom

Let the client choose the destination (partition or free space) and partition resize values.

If you are finished setting PowerCast Server options, you can either set advanced options before launching the PowerCast session, or you can launch the PowerCast session by clicking Start.

8–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Starting a PowerCast Session in Windows To begin sending the image, wait for the specified number of clients to join (Autostart client count), or click Go.

8

The selected image will be PowerCast to connected clients once the Autostart client count is reached or you click Go.

Lesson 8 Deploying Images

8–13 Copyright © 2008 Symantec Corporation. All rights reserved.

Joining Clients to the PowerCast Session To automatically join a PowerCast session, boot clients from a PowerCast boot disk created with Boot Disk Builder.

Joining Clients to the PowerCast Session To join clients to the PowerCast session, boot the clients from a PowerCast boot disk you created with Boot Disk Builder. As soon as the Autostart client count is reached or Go is clicked in the PowerCast Server, the image is automatically sent to all connected clients.

8–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The benefits of deploying a single image to multiple computers at the same time – The basics of multicasting and how multicasting is implemented in Ghost Solution Suite – Deploying an image to multiple computers using GhostCasting – Deploying an image to multiple computers using PowerCasting

Lab 8: Deploying Images In this lab, you: •Use GhostCasting to deploy a master image to a client system.

8

•Use PowerCasting to deploy a master image to a client system.

Lesson 8 Deploying Images

8–15 Copyright © 2008 Symantec Corporation. All rights reserved.

8–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 9 Automating the Creation and Restoration of Images

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives

After completing this lesson, you will be able to:

Topic

9–2

Autom ating Sy mantec G host

Use Ghost comm and-line switches in batch files to autom ate the image create and r estore pr ocesses.

Autom ating Im ageCenter

Use Im ageCenter scripting to autom ate the im age create and restor e processes.

Additional Autom ation Tools

Descr ibe additional autom ation tools included in G host Solution Suite.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

9

Format of Ghost Batch Files

1. The Ghost executable is called and Ghost command-line switches are specified. 2. Error trapping and other commands are specified as needed.

Note: For a com plete listing of Ghost command-line switches and their usage, see Appendix C in the Symantec Ghost Solution Suite Lab Guide.

Automating Symantec Ghost You can automate image creation and restoration tasks in Ghost by using command-line switches in conjunction with batch files. Ghost can be automated using the DOS (Ghost.exe) or Windows (Ghost32.exe) executable. For most automated solutions, using Ghost32.exe with WinPE is recommended since it enables faster imaging speeds, improved network support, and can be used to create much more robust solutions. The suggested format of Ghost batch files is as follows: The Ghost executable is called, and command-line switches are specified. 2 Error trapping and other commands are specified as needed. 1

The following are examples of batch files for automating the creation and restoration of Ghost images. Sample Image Creation Batch File @ECHO OFF ghost32.exe -batch -clone,mode=create,src=1,dst=2:1\image.gho IF ERRORLEVEL 1 GOTO PROBLEM ECHO Symantec Ghost exited with value 0 indicating success. REM ** Add any commands required to run if Symantec Ghost REM succeeds here** GOTO FINISH :PROBLEM ECHO Symantec Ghost returned with an Error value 1 or higher ECHO Symantec Ghost operation was not completed successfully

Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–3

REM **Add any commands required to run if Symantec Ghost REM fails here ** :FINISH ECHO Batch File Finished

Sample Image Restoration Batch File @ECHO OFF ghost32.exe -batch -clone,mode=restore,src=2:1\image.gho,dst=1,szeL IF ERRORLEVEL 1 GOTO PROBLEM ECHO Symantec Ghost exited with value 0 indicating success. REM ** Here you can add other commands that need to be run REM if Ghost succeeds. For example, to run DeployAnywhere REM after the image is restored, add the following REM command, using parameters that fit your situation ** ghDplyAw32.exe /target=1.1:\Windows /ddb=E:\Windrivers GOTO FINISH :PROBLEM ECHO Symantec Ghost returned with an Error value 1 or higher ECHO Symantec Ghost operation was not completed successfully REM **Add any commands required to run if Symantec Ghost REM fails here ** :FINISH ECHO Batch File Finished

For a complete listing of Ghost command-line switches and their usage, please see Appendix C in the Symantec Ghost Solution Suite Lab Guide.

9–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

9

Functions that Can Be Performed with ImageCenter Scripting • Image Creation • Image Restoration • Partition Manipulation • Registry Access • Access to Files on Visible and Hidden Partitions • SYSPREP.INF Access and Manipulation • .INI File Access and Manipulation • Messaging • Math Operations • Disk and Partition Queries • Scripting Logic

Automating ImageCenter ImageCenter scripting provides a way to automate ImageCenter’s functions. ImageCenter can be automated using the DOS (Pqimgctr.exe) or Windows (PQIDeploy.exe) executable. For most automated solutions, WinPE is recommended since it enables faster imaging speeds, improved network support, and can be used to create much more robust solutions. Using scripting requires forethought and preparation since you must manually write script files that instruct ImageCenter what to do. However, when the scripts run, no user interaction is required. Through scripting, the following functions can be performed: • Image Creation • Image Restoration • Partition Manipulation • Registry Access • Access to Files on Visible and Hidden Partitions • Sysprep.Inf Access and Manipulation • .INI File Access and Manipulation • Messaging • Math Operations • Disk and Partition Queries • Scripting Logic To use ImageCenter scripting, you must first understand its three components— program parameters, script files, and scripting commands. Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–5

ImageCenter Program Parameters

Required Parameters

Optional Parameters

ImageCenter executable Usage: PQIMGCTR Example: A:\PQIMGCTR

Error reporting parameter and path to error report file Usage: /ERR= Example: /ERR=A:\err.txt

Scripting parameter and path to script file Usage: /CMD= Example: /CMD=A:\Script.txt Image file parameter and path to image file Usage: /IMG= Example: /IMG=E:\Image.pqi

Log file parameter and path to log file Usage: /LOG= Example: /LOG=A:\Image.log

ImageCenter Program Parameters Program parameters not only enable ImageCenter scripting, but they also alter the way that ImageCenter behaves while executing scripts. Program parameters (often called switches) allow the user to simultaneously launch the ImageCenter program and specify program startup options from a single command-line prompt. Symantec products all have specific program parameters, which are entered on the command line directly after the name of the program executable. Each program parameter is preceded by a forward slash and should be separated from other commands by a space. To activate scripting in the ImageCenter engine, certain program parameters must first be specified at the command line, as shown in the following example: Program Executable

Program Parameters

A:\>PQIMGCTR /cmd=a:\script.txt /img=\\.\disk1.part2\image.pqi /err=a:\err.txt

9–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

As the example shows, there are several parts to this command line: ImageCenter executable Usage: PQIMGCTR 9

Example: A:\PQIMGCTR Scripting parameter and path to script file Usage: /CMD= Example: /CMD=A:\Script.txt Image file parameter and path to image file Usage: /IMG= Example: /IMG=E:\Image.pqi In addition to the preceding parameters, you may also choose to include either of the following two optional (but recommended) parameters. It is suggested that you only use one of these parameters at a time, since using both returns redundant information. Error reporting parameter and path to error report file This parameter creates an output file of errors encountered during the scripting process. Usage: /ERR= Example: /ERR=A:\err.txt Log file parameter and path to log file This parameter creates an output file of all scripting instructions executed and all errors encountered during the scripting process. Usage: /LOG= Example: /LOG=A:\Image.log While the parameters discussed thus far are required in order to activate ImageCenter scripting, there are a number of additional parameters that can be used to modify how ImageCenter functions. Remember that once a script is running, no user interaction is involved. Any advanced options or other program features that are available in the ImageCenter GUI can only be accessed in scripting mode through the use of program parameters. To view the additional program parameters available with ImageCenter, see Appendix D in the Symantec Ghost Solution Suite Lab Guide.

Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–7

Facts About ImageCenter Script Files

• A script file is simply a list of commands saved in a text file and executed through the use of program parameters. • You can create a script file using any text editor program. • Use the standard 8.3 DOS naming convention to name ImageCenter script files.

The ImageCenter Script File A script file is simply a list of commands saved in a text file and executed through the use of program parameters. The program uses the commands, or instructions, within the script file to completely automate the program’s functions, eliminating the need for user intervention. You can create a script file using any text editor program (Notepad, Omnipad, etc.) and can save the file with any name or extension. Keep in mind that since the file will be accessed in DOS, you should use the standard 8.3 DOS naming convention (eight characters for the main file name and three characters for the file extension; for example, myscript.txt) when naming your ImageCenter script files. Once you have created your script file, you can use it by specifying the /CMD= parameter in the ImageCenter command line. CAUTION

9–8

Because the script file executes without user intervention, use extra care when developing the script file. For example, if the DELETE ALL command is encountered, all the partitions on the currently selected drive will be deleted without any warning or confirmation message which would normally allow the user to cancel the operation. Enter only one command per line; otherwise, only the first command (if any) will successfully execute.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

ImageCenter Scripting Commands

For example, a very simple script that creates an image file might consist of the following scripting commands: Select Drive 1 Select Partition All Store With Compression High

These three commands tell ImageCenter to create an image file of all partitions on the first drive and to compress the image file as much as possible. A script to restore the partitions in the image file to two different hard drives might consist of the following scripting commands: Select Drive 1 Delete All Select Drive 2 Delete All Select Drive 1 Select Freespace Largest Select Image 1 Resize Image Max Restore Select Drive 2 Select Freespace First Select Image 2 Resize Image 850 Restore Select Freespace Next Select Image 3 Resize Image Max Restore

Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–9

9

Scripting commands are the instructions within the script file that tell the program how to function.

Following are some of the most commonly-used scripting commands: Imaging

Partitioning

File Access

Multipurpose

SET DESCRIPTION

CREATE

APPEND

SELECT DISK/DRIVE

SET IMAGE FILENAME

DELETE

COPY

SELECT PARTITION

SET PASSWORD

PROTECT PARTITION

MERGE INI

SELECT FREESPACE

STORE

HIDE

USE REGISTRY

SET VAR

VERIFY IMAGE

UNHIDE

USE INI

MESSAGE

SELECT IMAGE

RESIZE PARTITION

USE Sysprep

REBOOT

RESIZE IMAGE

RESIZE EXTENDED

GET REG

EXPIRES

RESTORE

SECTOR CHECK

GET INI

SET ACTIVE

SET INI SET REG USE NONE

Following are some of the most commonly-used query commands (which are used to determine the number of disks in the system, disk sizes, partition sizes, used and unused space within partitions, file systems of partitions, etc.): Multiple Disks (No Disks Selected)

Selected Disk

Selected Partition

Selected Free Space

GetTotalDisks

GetCurrentDiskNum

GetCurrentPartNum

GetCurrentFreeSpaceNum

QueryLargestUnusedSize

GetDiskSize

GetSelectedPartitionSize

QueryFreeSize(Num)

QueryLargestUnusedDisk

GetTotalPartitions

GetUsedAmount

QueryLargestUnallocatedSize

GetAllocatedSize

GetUsedPercent

QueryLargestUnallocatedDisk

GetAllocatedPercent

GetUnusedAmount

GetTotalUnallocatedSpaces

GetUnusedPercent

GetUnallocatedSize

GetPartitionLabel

GetUnallocatedPercent

IsFAT IsFAT32 IsNTFS IsHPFS IsLinuxEXT2 IsLinuxEXT3 IsLinuxSWAP IsActive IsHidden IsPrimary IsLogical

9–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

For a complete listing of ImageCenter scripting commands and their usage, see Appendix D in the Symantec Ghost Solution Suite Lab Guide.

9

For a discussion of best practices for ImageCenter scripting, see Appendix E in the Symantec Ghost Solution Suite Lab Guide.

Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–11

Ghost Automation Utilities

• GDisk Offers such features as FAT and NTFS file system formatting, batch mode operation, hiding and unhiding of partitions, secure disk wiping to U.S. DoD requirements, and extensive partition reporting. • GhConfig Enables you to quickly apply post-deployment configuration settings to a computer (such as changing a computer’s name immediately after an image is deployed to the computer). • GhRegedit Enables you to edit Windows registry keys and values. • Om niFS Enables you to manipulate files and directories in a locally attached NTFS, FAT, or EXT3 file system (including hidden partitions).

Additional Automation Tools In addition to the built-in automation capabilities of Ghost and DeployCenter, the Ghost Solution Suite also includes a variety of Ghost and DeployCenter automation tools. Ghost Automation Utilities The Ghost Standard Tools include the following utilities that can be used to automate imaging and system deployment tasks: • GDisk is a complete replacement for the FDISK and FORMAT utilities that enables FAT and NTFS file system formatting, batch mode operation, hiding and unhiding of partitions, secure disk wiping to U.S. DoD requirements, and extensive partition reporting. Unlike FDISK, which uses interactive menus and prompts, GDisk is command-line driven and offers faster configuration of a disk’s partitions. • GhConfig is an executable you can use to quickly apply post-deployment configuration settings to a computer. For example, GhConfig enables you to change a computer’s name immediately after an image is deployed to that computer. • GhRegEdit is a utility for editing the Windows registry. • OmniFS is a general-purpose utility for manipulating files and directories in a locally attached NTFS or FAT file system (including FAT hidden partitions). For details on how to use the automation utilities included with Ghost, refer to the Symantec Ghost Implementation Guide.

9–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

The Deploy Toolkit 9

• PQAccess Enables you to perform file-related operations on partitions that the active operating system cannot recogniz e or acc ess. • PQIDeploy Creates and restores image files, and performs bas ic hard drive partitioning operations. Has no GUI and can only be c ontrolled through scripting. • PQDisk Scriptable version of Norton PartitionMagic. • PQQuery DOS command-line program that returns disk and partition information in environment variables. • VBE Enables Windows-based computers to reboot into DOS without using physical media (floppy disk, CD-ROM, etc.) • PQA An image addendum utility that enables you to modif y files or directories on a visible or hidden hard disk partition. • PQIExtract Enables you to restore individual files or directories from within PQI image files.

Deploy Toolkit The Deploy Toolkit is a set of automation tools specifically designed to meet the system configuration and deployment needs of equipment manufacturers, configuration centers, and enterprise IT professionals. The Deploy Toolkit reduces the time required to set up and configure new workstations, deploy software applications across an entire network, and upgrade systems to new operating systems and larger hard drives. The following utilities are included in the Deploy Toolkit: • PQAccess enables you to perform file-related operations on partitions that the active operating system cannot recognize or access. This is especially useful in DOS environments when NTFS partitions (the primary partition type used by Windows XP and Windows 2000 Server) are not visible and cannot be accessed. • PQIDeploy is based on ImageCenter, the imaging component of DeployCenter. PQIDeploy can create and restore image files, as well as perform basic hard drive partitioning operations. Unlike ImageCenter, however, PQIDeploy does not have a graphical user interface and can only be controlled through scripting. • PQDisk is a scriptable version of Norton™ PartitionMagic®. PQDisk is intended for use by PC configuration centers and corporations that need to configure large numbers of PCs. It uses ASCII text script files to specify operations that create and manipulate hard disk partitions. • PQQuery is a DOS command line program that returns disk and partition information in environment variables. PQQuery enables batch files or imaging Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–13







scripts to test environment variables and perform different actions depending on the returned values. VBE (Virtual Boot Environment) enables any Windows-based computer to reboot into DOS mode without using a floppy disk, CD-ROM, or any other external or removable boot device. VBE is of great value to manufacturing environments that use the DOS operating system in their PC manufacturing and testing processes. VBE is also valuable to IS technicians that use DOSbased imaging utilities or other DOS-based tools. PQA is an image addendum system that enables you to modify files or directories on a visible or hidden partition on a hard disk. You can use PQA to replace device driver files, provide patch files, rename files, and add or delete files and directories. You build a package of changes, then apply the package to the computers you want to change. With PQA, you avoid the necessity of making new image files when you want to change a few files. PQIExtract enables you to restore individual files or directories from within PQI image files. PQIExtract is useful when you want to restore individual files or reinstall the operating system, but you do not want to lose customized settings or applications that were installed after the image file was created.

For details on how to use each of the tools in the Deploy Toolkit, refer to the Deploy Toolkit User’s Guide.

9–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary 9

Key Points In this lesson, you learned about: – Using Ghost command-line switches in batch files to automate the image create and restore processes – Using ImageCenter scripting to automate the image create and restore processes – Additional automation tools included in Ghost Solution Suite

Lab 9: Automating the Creation and Restoration of Images In this lab, you: •Automate the creation of images using Ghost. •Automate the restoration of images using Ghost. •Automate the creation of images using DeployCenter. •Automate the restoration of images using DeployCenter. •Automate the configuration of a new system. •Automate the creation of local backup partitions.

Lesson 9 Automating the Creation and Restoration of Images Copyright © 2008 Symantec Corporation. All rights reserved.

9–15

9–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Automate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Topics and Objectives

After completing this lesson, you will be able to:

Topic

10–2

How AutoInstall Works

Explain how AutoInstall w orks.

Setting Up the AutoInstall Model Com puter

Set up a model computer and install AI Snapshot and AI Builder on the computer.

Generating an AutoInstall Installation Script

Use AI Snapshot to generate an AutoInstall installation script.

Custom iz ing AutoInstall P ackages

Edit the installation script created by AI Snapshot.

Validating AutoInstall Packages

Explain the importance of validating AutoInstall packages and describe the validation pr ocess.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

How AutoInstall Works

10

AutoInstall captures the changes made to a system when you install software. These changes are placed in a single package that can be executed manually or deployed across the network using login scripts or a management console.

Files

AutoInstall can capture changes to:

Registry entries Entire application suites

How AutoInstall Works Symantec Ghost AutoInstall (AI) reduces the time and cost of managing software distribution across a network by providing an efficient means of installing application packages and updates. Once installed, these packages can be removed quickly using the AutoInstall applications. AutoInstall captures changes to files, registry entries, or entire application suites on a single Windows computer and stores these changes as an executable file. This file can either be emailed to employees (so users can manually execute the package themselves), or deployed across a network using login scripts or a management console.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–3

AutoInstall Components

• AI Snapshot: Creates an installation script that records the changes to a model computer when software is installed. • AI Builder: Uses the installation script to create a package that duplicates the changes made by the software installation; AI Builder also lets you customize the package to meet your needs.

AutoInstall Components Symantec Ghost AutoInstall has the following components to help you create and customize AI packages: • AI Snapshot creates an installation script that records the changes to a model computer when software is installed. • AI Builder uses the installation script to create a package that duplicates the changes made by the software installation. AI Builder also lets you customize the package to meet your needs.

10–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Using AutoInstall

To use AutoInstall: 1. Install AI Builder and AI Snapshot on the model computer. 10

2. Scan the model computer to capture existing system information. 3. On the model computer, install the software that you want to deploy. 4. Scan the model computer a second time to capture the changes to the system.

Using AutoInstall To use AutoInstall, ensure that AI Builder is installed on the computer where the Ghost Console is installed (AI Builder is included in the Console installation), and then perform the following procedures: 1 Install AI Builder and AI Snapshot on the model computer. 2 Scan the model computer to capture existing system information. 3 On the model computer, install the software that you want to deploy. 4 Scan the model computer a second time to capture the changes to the system. AI Builder automatically builds and saves the file created by AI Snapshot as an executable AI package. You can use AI Builder to customize the installation script, prior to building, or after building the executable, if necessary. Hardware and Software Restrictions AutoInstall is designed to install packages to computers with the same hardware and same operating system as the model computer. On 64-bit Windows platforms, you can only capture 32-bit applications. AutoInstall does not support 64-bit applications.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–5

Using the Ghost Console to Deploy AutoInstall Packages

Model Computer

Creat e, cus tomize, and build the applic ation package on the model comput er .

Ghost Console

The Ghost Console deploys t he Aut oIns tall pac kage to the c lient w orks tations as a tas k.

The c lient w orks tations listen for ins tallation task s from the Ghost Console.

Using the Ghost Console to Deploy AutoInstall Packages AutoInstall, in conjunction with the Symantec Ghost Console, simplifies and streamlines the process of implementing workstation updates. AutoInstall lets you create a comprehensive software install AI package that you can deploy to workstations via the Symantec Ghost Console.

10–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Setting Up the AutoInstall Model Computer

The model computer should: 10

• Have the same operating system and service packs as the computers that will receive the finished package. • Not have any other software besides the operating system installed on it.

Setting Up the AutoInstall Model Computer Before you can create an AI package, you must set up a model computer with AI Builder and AI Snapshot installed. Choose a computer that has the same operating system and service packs as the computers that will receive the finished AI package. Ideally, this computer should have only the operating system installed and have network support to connect to the Console. If Microsoft Installer is not installed on the computer, then you are asked if you want to install it. If you want to include the installation of Microsoft Installer in the AI package, do not install it now. To install AI Snapshot and AI Builder on the model computer: 1 Insert the Symantec Ghost Solution Suite CD into the CD-ROM drive, and when the Symantec Ghost Solution Suite installation window appears, click Install Tools and Utilities. 2 Click Install AutoInstall. 3 At the installation wizard’s Welcome screen, click Next. 4 Accept the terms of the license agreement, then click Next. 5 On the Destination Folder screen, click Next. 6 On the Custom Setup screen, verify that both AI Builder and AI Snapshot are selected for installation, then click Next. 7 Click Install. 8 When the installation has completed, click Finish.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–7

Generating an AutoInstall Installation Script

1 2 3

Capture pre-installation state of computer. Monitor software installation. Capture post-installation state of computer.

4 Build AutoInstall package.

Generating an AutoInstall Installation Script Creating the installation script involves a number of steps. First, AI Snapshot captures computer information before the software is installed. Then, you install the software and AI Snapshot captures the computer information again. Finally, AI Snapshot creates the installation script file that contains the differences. The default name for the installation script is Install.aic. To generate an AutoInstall installation script: Capture computer information before the software installation. Note: If you monitor only the disks affected by the installation, the monitor process goes faster. For example, if the installation affects drive C, you don't need to monitor drive D. a Disable any programs that are running in the background. b If the installation process includes restarting the computer, disable any programs that execute during the restarting process. c On the Windows taskbar, select Start—>Programs—>Symantec Ghost —>AI Snapshot. d If you want to change the locations on the model computer that AI Snapshot monitors, or if you want to change AI Snapshot’s working directory, then click Options, make the appropriate changes, and click OK. e Click Next. When AI Snapshot finishes analyzing your system, the Start Your Installation screen appears.

1

10–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

2

Monitor the software installation.

CAUTION

For a Microsoft installation, it is important that you allow AI Snapshot to perform a complete scan of the computer by cancelling all restarts until the package is built.

In the Start Your Installation screen, perform one of the following: › Type the path to the software's installation program, usually named Setup.exe. › Click Browse, and then navigate to the file. b Click Monitor. c During the installation, select the options in the application being installed that you want to install on the target computers. d Perform one of the following: Microsoft installation

Cancel any restart by clicking No or pressing Ctrl+Esc to continue creating the AI package.

All other installations

Restart the computer if the installation requires it.

Type a name for the installation package when the software installation is complete. The default name is INSTALL. 3 Capture computer information after the software installation. a In the Is Software Installation Complete window, click Compare to check the new configuration against the original configuration. b Click OK when the installation script file name appears. 4 Build the AutoInstall package. a At the Ready to Build screen, click Build. Note: If you would like to customize the installation script or add an uninstall command before building the package, click Modify. The script opens in AI Builder, allowing you to make needed modifications. Once you have modified the installation script, you should build the package before any further changes are made to the model computer. This prevents the changes from being included in the package. b Click Finish. e

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–9

10

a

Customizing AutoInstall Packages

You can edit the installation script text file in AI Builder to build customized packages to: •Add a specialized splash screen to the package. •Customize an installation process to run automatically without user interaction. •Check for and removing obviously unnecessary files or registry keys to help make packages more stable. •Replace specific user profile names or directories with system variables (such as $AllUsersDir$ or $WINDIR$) to make it possible to deploy a package to multiple computers.

Customizing AutoInstall Packages AI Builder uses the installation script created by AI Snapshot to build an AI package. You can edit the installation script in AI Builder to build customized packages to meet your needs. For example, you can: • Add a specialized splash screen to the package. • Customize a lengthy installation process to run automatically without user interaction. • Check for and remove obviously unnecessary files or registry keys to help make packages more stable. • Replace specific user profile names or directories with system variables (such as $AllUsersDir$ or $WINDIR$) to make it possible to deploy a package to multiple computers. The installation script is an ASCII text file containing commands that dictate how the software package is installed. AI Builder integrates graphics, sound, and animation. It includes messages and questions and allows .ini file and registry editing. The checklist interface guides you through the required steps. Installations can test for CPU, RAM, and video configurations. You can use If statements to adapt to individual configurations. AI Builder creates a wizard interface for AI packages that can be run on the client. Note: If the customized installation requires user interaction, it cannot be deployed by the console.

10–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Command Type

Description

Base Installation

Defines how the installation begins. Example: Select WindowsItem to add, remove, or r eplace items within a program group.

Appearance

Defines how the installation appears to the user. Example: Select IntroScreen to display a graphic when the installation begins.

Messages & Input

Adds messages that require user input. Example: Select Prompts to change the messages displayed during the installation.

System Changes

Makes changes to Windows during the installation. Example: Select Registry to insert or delete items in the Windows registry.

If Conditions

Lets you include If statements for unattended installations. Example: Select IfMemory() to check a memory value during the installation.

Defaults & Calls

Sets up defaults and includes calls to external programs. Example: Select RunAtExit to run an external program at the end of the installation.

10

Customizing AutoInstall Packages

The following table outlines the command types that are available in AI Builder. Command Type

Description

Base Installation

Defines how the installation begins. For example, select WindowsItem to add, remove, or replace items within a program group.

Appearance

Defines how the installation appears to the user. For example, select IntroScreen to display a graphic when the installation begins.

Messages & Input

Adds messages that require user input. For example, select Prompts to change the messages that display during the installation.

System Changes

Makes changes to Windows during the installation. For example, select Registry to insert or delete items in the Windows registry.

If Conditions

Lets you include If statements for unattended installations. For example, select IfMemory() to check a memory value during the installation.

Defaults & Calls

Set up defaults and include calls to external programs. For example, select RunAtExit to run an external program at the end of the installation.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–11

Customizing AutoInstall Packages

1 2

Edit installation script text file in AI Builder. Build customized AI package.

To customize an AutoInstall Package: 1 Edit the installation script. a Start AI Builder (Start—>Programs—>Symantec Ghost —>AI Builder). b Open the installation script that you want to modify. The default location for script files is: C:\Documents and Settings\\Application Data\Symantec\Ghost\Working\Configs\

In the AI Builder window, in the left pane, expand a command type. For attended installations, you can add custom screens and messages, as well as graphics and sound files. For unattended installations, you can add If conditions to check client compatibility before the installation proceeds. d Select a command. e In the AI Builder window, in the right pane, type the parameters for the selected command. f Perform one of the following: c

To add a command

Click Add.

To modify a command

Select the command and click Modify.

To remove a command

Click Remove.

Continue adding, modifying, or removing commands as needed until the installation script is complete. 10–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Build the customized AI package. a From the Build menu, select Build. b When asked if you want to save changes to the existing script file, click Yes. c In the Build Install dialog box, specify the build directory, if needed, then click Build. d When prompted to overwrite the existing output file (that is, the AI package), click Yes. e When the build process is complete, click OK and close AI Builder. 10

2

Adding an Uninstall Command to the Installation Script AI Builder places an uninstall program in the AI Builder working directory and creates a hidden file, Uninstall.aic, that captures the changes made during the installation. Successive installations modify the Uninstall.aic file so that the uninstall program returns the system to the state before the first installation. The uninstall program places an option on the Control Panel Add or Remove Programs dialog box from which the user can uninstall the application. To include an uninstall command in an AI package: 1 In the left pane of the builder options, select BASE INSTALLATION, and then click UnInstall to include an uninstall package. 2 Check Remove Groups During Uninstall to remove any program groups that were created during the installation. Use this option cautiously, because some users may select an existing group for the installation or add files to the group after installation. 3 Type the name for the uninstallation in the space provided. This name appears on-screen when the uninstallation runs. 4 Click Add to record the options that you have chosen.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–13

Validating AutoInstall Packages

To ensure that AutoInstall packages work correctly, perform the following before deploying the packages to users: 1.Run the package on a clean test computer to make sure that the package installs correctly in the most basic environment. 2.Run the package on a test computer that accurately reflects the average computing environment of your users. 3.If you are planning to deploy the package to multiple operating systems, test the package separately on each operating system.

Validating AutoInstall Packages Once you have created a package, it is important that you test it thoroughly before you start deploying it to users’ computers. Adequate testing helps you avoid software compatibility issues and other problems related to deploying new software. First, run the package on a clean test computer to make sure the package installs correctly in the most basic environment. If you added an uninstall command to the installation script, make sure you also test uninstalling the package. Next, run the package on a test computer that accurately reflects the average computing environment of your users. This test helps ensure that the package will not conflict with other software your company uses on a regular basis. Finally, if you are planning to deploy the package to multiple operating systems, test the package on each operating system. As stated earlier, however, AutoInstall is designed to install packages to computers with the same hardware and operating system as the model computer. If your organization runs multiple Windows operating systems, the best practice is to set up a different AutoInstall model computer for each operating system and build a separate package version for each OS.

10–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – How AutoInstall works – Setting up a model computer and installing AI Snapshot and AI Builder on the computer 10

– Using AI Snapshot to generate an AutoInstall installation script – Editing the installation script created by AI Snapshot – The importance of validating AutoInstall packages and how the validation process works

Lab 10: Creating AutoInstall Packages In this lab, you create a PE Builder AutoInstall package.

Lesson 10 Creating AutoInstall Packages to Automate Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

10–15

10–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console

Lesson Introduction • Lesson 1: Computer Lifecycle Managem ent and Sym antec Products • Lesson 2: Ghost Solution Suite Product Overview • Lesson 3: Installing Ghost Solution Suite • Lesson 4: Creating Boot Packages • Lesson 5: Using Boot Packages • Lesson 6: Creating and Restoring Images • Lesson 7: Creating and Restoring Master Images • Lesson 8: Deploying Images • Lesson 9: Automating the Creation and Restoration of Images • Lesson 10: Creating AutoInstall Packages to Autom ate Post-Deployment Customizations • Lesson 11: Integrating and Configuring Windows Desktop Com puters in the Ghost Console

Lesson Topics and Objectives After completing this lesson, you will be able to:

Topic

11–2

P ur pose of the Ghost Console

Describe the purpose of the Ghost Console.

Preparing for Client Integr ation

Prepare the Ghost environment for client integration.

Installing the Console Client

Install the Console Client.

Setting Global Pr operties for Managed Clients

Configur e settings that apply automatically to all client com puters detected by the Ghost Console.

Gr ouping Clients in the G host Console

Explain the benefits of using gr oups in the Ghost Console and create a new group.

Creating Tasks in the Ghost Console

Cr eate a basic task in the G host Console.

Populating the G host Console with Client Infor mation

Populate the Ghost Console database w ith client inventory and configuration inform ation.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Purpose of the Ghost Console The Ghost Console lets you organize client computers and perform a wide variety of client management tasks, such as: •Creating and restoring images •Deploying AutoInstall (AI) packages to clients •Migrating user data •Transferring files to clients •Executing commands on clients •Altering the configuration settings on individual clients or groups of clients

•Running the Microsoft Sysprep application •Organizing and managing client computers, image files, configuration sets, and other resources

Purpose of the Ghost Console The Ghost Console lets you organize client computers and perform a wide variety of client management tasks from a centralized location. These tasks include: • Creating and restoring images • Deploying AutoInstall (AI) packages to clients • Migrating user data • Transferring files to clients • Executing commands on clients • Altering the configuration settings on individual clients or groups of clients • Gathering hardware and software inventory data for clients, and creating reports from this data • Running the Microsoft Sysprep application • Organizing and managing client computers, image files, configuration sets, and other resources required to complete these tasks

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–3 Copyright © 2008 Symantec Corporation. All rights reserved.

11

•Gathering hardware and software inventory data for clients, and creating reports from this data

Overview of Ghost Console Tasks Ghost Console tasks: •Are sets of instructions carried out by the Ghost Console •May contain one or more steps •Enable the Ghost Console to perform its various functions

Overview of Ghost Console Tasks A Ghost Console task is a set of instructions carried out by the Ghost Console. The task may contain one or more steps. If multiple steps are included in a single task, the Ghost Console decides the order in which the steps must be performed. The administrator has no control over this order.

11–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Prerequisites for Running Tasks on Clients Before you can assign tasks to clients, you need to: 1.Install the Ghost Client Agent on all client computers. 2.Group the client computers in the Ghost Console to create a specific set of target computers to receive the task.

11

3.Create the task and set up the appropriate task steps.

Prerequisites for Running Tasks on Clients There are a number of procedures you need to perform before you can assign tasks to clients. These procedures are as follows: 1 Install the Ghost Client Agent on all client computers. 2 Group the client computers in the Ghost Console to create a specific set of target computers to receive the task. 3 Create the task and set up the appropriate task steps. The preparation and procedure for remotely installing the Ghost Client Agent was covered in the “Installing the Ghost Solution Suite” lesson. The procedures for grouping computers and creating tasks are covered later in this lesson.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–5 Copyright © 2008 Symantec Corporation. All rights reserved.

Preparing for Client Integration Before you can integrate clients into the Ghost Console, you must: •Prepare the Ghost Console •Prepare Windows desktop clients

Preparing for Client Integration Prior to installing the Ghost client on computers you want to manage across a domain, you need to create a Console Service account on the domain and configure security settings on Windows Vista/XP computers. Preparing the Ghost Console During installation, a service is installed called the Configuration Server. This service is responsible for task execution and client communication. One of its roles is to create and remove computer accounts in Windows domains if computers are added to domains during the execution of a task. The Configuration Server is also required when you are changing a computer name or taking an image of a computer that belongs to a domain. To perform this role, a Console Service user account must be created in the domain. The Configuration Server logs on as this user. The user does not have interactive logon rights and does have the rights to create computer accounts in the domain. When a Console Service account is created on the domain, the domain is now supported for Configuration Server operations. You can either create a Console Service account from the Symantec Ghost Console or create a Console Service account manually. Note: You must set some rights for the account. The user of the Console Service account must have the authority to create an account in the domain. To create Console Service accounts from the Symantec Ghost Console:

11–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

1 2 3 4 5

6

On the Console server, on the Windows taskbar, select Start—>Programs—> Symantec Ghost—>Ghost Console. From the Tools menu, select Supported Domains List. Click Add. Click Browse to select a domain. Verify that the option “Create Console Service Account in the domain” is selected, type a user name and password that has domain administrator rights to create a Console Service account on the domain, then click OK. In the Domain Administration screen, click Close.

To increase security, you may want to use the Windows administration tools on the domain server to change the password for the Console Service user account. You must then edit the Console Service account password through the Ghost Console. If you change the Console Service account’s user name, you must remove from the supported domains list any domains that have previously been added with this user. You then must add the domains to the new Console Service account. To edit the Console Service account: 1 On the Console server, on the Windows taskbar, select Start—>Programs—> Symantec Ghost—>Ghost Console. 2 On the Tools menu, click Supported Domains List. 3 In the Domain Administration dialog box, click Edit. 4 In the User Name field, type the Console Service account name. 5 In the Password field, type the Console Service password. 6 Click OK. 7 Click Close. Preparing Windows Vista Clients for Remote Installation Before you remotely install the Console client on Windows Vista computers you must verify that the following conditions are met: • If the Windows Firewall is turned on, you must verify that File and Printer Sharing is added to the Firewall Exceptions list. • If a firewall other than Windows Firewall is turned on, you may need to allow the following ports: For UDP: 137 and 138 For TCP: 139 and 445 • The administrator user account on the client computer must have a password. • If the client computer belongs to a workgroup, you must either turn on the built-in Administrator account, or turn off the User Account Control. To add File and Printer Sharing to the Exceptions List on a Windows Vista computer: 1 On the client computer, click Start. Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–7 Copyright © 2008 Symantec Corporation. All rights reserved.

11

Editing the Console Service Account

In the Start Search field, type Firewall.cpl. 3 On the Windows Firewall dialog box, click Change Settings. 4 Under the Exceptions tab, verify that File and Printer Sharing is checked. 5 Click OK. 2

To turn on the built-in Administrator account for Windows Vista: 1 On the client computer, log on as a user that has administrator rights. 2 On the Control Panel, click Classic View. 3 Click Administrative Tools. 4 Click Computer Management. 5 Select System Tools—>Local Users and Groups—>Users. 6 Double-click the Administrator user. 7 Uncheck Account is disabled. 8 Click OK. 9 Right-click Administrator and click Set Password. 10 Set a password for the Administrator account and click OK. To disable the User Account Control in Windows Vista: 1 On the client computer, log on as a user that has administrator rights. 2 On the Control Panel, click User Accounts. 3 Click Turn User Account Control on or off. 4 Uncheck Use User Account Control (UAC) to help protect your computer. 5 Click OK. 6 Restart the computer. Preparing Windows XP SP2 Clients for Remote Installation Before you remotely install the Console client on Windows XP Service Pack 2 computers, you must verify that the following conditions are met: • If the Windows Firewall is turned on, you must verify that File and Printer Sharing is added to the Firewall Exceptions list. • If a firewall other than Windows Firewall is turned on, you may need to allow the following ports: For UDP: 137 and 138 For TCP: 139 and 445 • The administrator user account on the client computer must have a password. • You must ensure that simple file sharing is turned off. To alter client computer security settings on a Windows XP SP2 computer: 1 On the client computer, select Start—>All Programs—>Accessories—> Windows Explorer. 2 In Windows Explorer, on the Tools menu, click Folder Options. 3 On the View tab, under Advanced Settings, uncheck “Use simple file sharing”. 4 Click OK. 11–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

11

To add File and Printer Sharing to the Exceptions List on a Windows XP SP2 computer: 1 On the client computer, select Start—>Run. 2 In the Run dialog box, type Firewall.cpl. 3 Click OK. 4 On the Windows Firewall dialog box, under the Exceptions tab, verify that File and Printer Sharing is checked. 5 Click OK.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–9 Copyright © 2008 Symantec Corporation. All rights reserved.

Installing the Console Client

There are two methods for installing the Console client: •Use the Ghost Console to install the client remotely on computers running Windows Vista/2000/XP. •Use the Symantec Ghost CD to manually install the client on one workstation at a time.

Installing the Console Client You can install the Console client in either of the following ways: • Install the Console client remotely from the Symantec Ghost Console. You can install the Console client on computers that run Windows Vista/XP/ 2000. You cannot remotely install the Console client on Windows XP Home computers. • Manually install the Console client on a workstation from the Symantec Ghost CD. Remotely Installing the Console Client Once you have installed the Symantec Ghost Console, you can perform remote client installations. If the Ghost Console is running on a Windows Vista computer and you are having problems installing the Console client to clients, then verify that the LAN Manager authentication level setting on the Console computer is the same setting as the setting on your client computers. The Console computer setting might be incompatible with the setting on your client computers. The default level in Windows Vista is Send NTLMv2 response only. Note: On the client computer, the share C$ must be shared for administrative purposes to allow remote client installation.

11–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Manually Installing the Console Client You can install the Console client directly on a client computer from the installation CD. To manually install the Console client: 1 Insert the Symantec Ghost Solution Suite CD into the CD-ROM drive of the client computer. 2 In the Symantec Ghost Solution Suite installation window, click Install Symantec Ghost Corporate Edition. 3 Click Install Console Client. 4 At the installation wizard’s welcome screen, click Next. 5 Accept the terms of the license agreement, and then click Next. 6 At the Connect to Server screen, type the computer name of the Ghost Console server. 7 Click Next. 8 At the Destination Folder screen, confirm the installation location. 9 Click Next. 10 Click Install to start the installation process.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–11 Copyright © 2008 Symantec Corporation. All rights reserved.

11

To remotely install the Console client: 1 On the computer where the Ghost Console is installed, select Start—> Programs—>Symantec Ghost—>Ghost Console. 2 From the Tools menu, select Remote Client Install. 3 In the Remote Client Installation window, expand the Network tree until the computers you want to include in the client installation are displayed, then select the computers and click Add. You can select multiple computers under different domains. 4 In the Administrator User Account dialog box, enter credentials needed to log in to the selected computers as an administrator (for example, domain admin credentials), then click OK. 5 Click Install. 6 When the installation is complete, click OK.

Setting Global Properties for Managed Clients In the Ghost Console, select ToolsÆOptions.

Setting Global Properties for Managed Clients You can set default client properties in the Ghost Console. These settings apply automatically to all client computers detected by the Ghost Console. These settings are used unless you set the individual computer or task properties to override them. To modify global properties for managed clients: 1 In the Ghost Console, on the Tools menu, select Options. 2 In the Options window, click the Client tab. 3 Set properties as needed, then click OK to apply the changes and close the Options window.

11–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Property

Description

Client Warning

Warns users that the Ghost Console is about to run a task and gives them the option to cancel the task

Client Heartbeat

Sets the frequency with which clients send update messages to the Ghost Console

Virtual Partition Default PreOS

Sets the default PreOS used for the Ghost virtual partition on all clients

Default DOS Network Template

Sets the network driver that clients use to connect to the network when running tasks under DOS

Client User Interface

Enables users to initiate tasks from the Ghost Client Agent icon in their com puter’s system tray

Following are descriptions of the global client properties you can set: Property

Description

Client Warning

Warns users that the Ghost Console is about to run a task and gives them the option to cancel the task.

Client Heartbeat

Sets the frequency with which clients send update messages to the Ghost Console. If your computers are networked over a WAN, you might set this number lower to reduce network traffic. If you set the client heartbeat to 0, the status of the client computer is indicated as “Unavailable” on the Ghost Console.

Virtual Partition Default PreOS

Symantec Ghost creates a virtual partition automatically when a task that requires a computer to restart in a PreOS environment is executed. Both PC-DOS and WinPE are available, both of which are supplied with Ghost. The default is WinPE. If you want to use DOS but your computers don’t run under PC-DOS, you need to provide Ghost with MS-DOS system files. (For details on how to do this, see the topic “Creating Boot Packages with the Ghost Boot Wizard” in the “Creating Boot Packages” lesson.) Two versions of WinPE are supplied with Ghost: WinPE, which is designed to run on 256 MB RAM computers, and WinPE-512, which is designed to run on 512 MB computers. Win PE-512 includes more drivers and packages.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–13 Copyright © 2008 Symantec Corporation. All rights reserved.

11

Global Properties for Managed Clients

11–14

Property

Description

Virtual Partition Default PreOS (continued)

The PreOS version you specify here is the default version for all clients. You can choose a different PreOS version for individual clients, by changing the client property settings. Note: When Ghost boots a client into WinPE from the virtual partition, it boots into the WinPE Ramdisk environment, removes the virtual partition from the partition table, and restores the partition table and MBR to exactly what was in the operating system before booting into WinPE. It attempts to return the drive letters to what they were in the operating system, with the exception of X:, which is dedicated to the WinPE ramdisk. As soon as the client reboots from WinPE it should go back to the main operating system.

Default DOS Network Template

Sets the network driver that clients use to connect to the network when running tasks under DOS.

Client User Interface

Enables users to initiate tasks from the Ghost Client Agent icon in their computer’s system tray. This permits users to execute tasks at their own convenience. It also permits administrators to execute tasks immediately from a client without having to return to the Ghost Console computer.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Overriding Global Properties for Individual Clients

11

In the Ghost Console, right-click a client and select Properties.

Overriding Global Properties for Individual Clients To override global properties for individual clients: 1 In the Ghost Console, right-click the client whose properties you want to modify, and then select Properties. 2 Click the Client tab. 3 Adjust client settings (client heartbeat, default PreOS, or default network template) as needed.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–15 Copyright © 2008 Symantec Corporation. All rights reserved.

Creating Groups

Grouping Clients in the Ghost Console Overview of Ghost Console Groups Grouping computers lets you distinguish among computers with different user requirements. For example, you could create a group of client computers for students and a group for teachers. You could then run a task to restore the appropriate image file to the student computers, and then run another task to restore another image file to the teacher computers. Computer group information is stored in folders under the top-level Machine Groups folder in the Symantec Ghost Console. You can have a hierarchy of subgroups under the main groups so that a subgroup can be selected for a task, or you can apply a task to a main group that includes the subgroups. For example, you might have an Administration folder, and beneath that, an HR folder and a Payroll folder. A computer can be added to any one of these three groups. A task can be applied to either the HR group or the Payroll group. To execute the task for both HR and Payroll, select the Administration folder. The task executes for both the HR group and the Payroll group as well as any computers that are grouped in the Administration folder. Creating Groups The Ghost Console detects its client computers on the network and automatically adds them to the Default group in the Machine Groups folder. You can use this group if you want, or you can create new computer groups to suit your requirements.

11–16

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

11

To create a new computer group: 1 In the Ghost Console’s left pane, expand the Machine Groups folder. 2 Expand the computer group folder in which you want to place the new computer group. 3 In the Machine Groups pane, right-click an empty area and select New Folder from the quick menu. 4 Type a name for the new computer group. 5 Press Enter or click anywhere in the Symantec Ghost Console to confirm the name. The new group is added to the computer group hierarchy. You can now add computers to this group.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–17 Copyright © 2008 Symantec Corporation. All rights reserved.

Adding Managed Computers to Groups

After being pasted, this machine exists in both the “Symantec” and “Dev” groups.

Adding Managed Computers to Groups All the client computers must belong to a computer group. When you install the Ghost Client Agent on a computer, the client is automatically added to the Default group. You can copy or move the computers into other groups as appropriate. A computer may belong to two or more different groups. Following are some restrictions for adding computers to a group: • You cannot copy or move a computer into the Machine Groups folder. This folder is not a computer group, instead it is a container for your computer groups. • A computer group may contain only one copy of a computer. A computer group includes the main group folder and all its subfolders; therefore, each computer may appear only once under each main folder. (A main folder is a folder immediately below the Machine Groups folder.) To add a computer to a group you have created: 1 In the Ghost Console’s left pane, expand the Machine Groups folder. 2 Click the Default group. 3 In the Group pane, right-click the computer you want to add to a group, and then select Copy. 4 In the Ghost Console’s left pane, select the group where you want to add the computer. 5 In the Group pane, click Paste. The computer is added to the selected group.

11–18

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Task Step

Description

Clone

Restores a specified image file onto a client computer or group of computers

DeployAnywhere

Tells Ghost to use the DeployAnywhere driver database to install needed drivers when restoring a hardwareindependent image to clients

Configuration

Applies specified configuration settings to clients

Refresh Configuration

Reads configuration from clients and updates their default configuration settings in the Console

Refresh Inventory

Gathers inventory infor mation from clients and updates the Console’s inventory database

User Migration: Capture

Captures user files, application settings, and registry settings from clients and stores them in user packages

User Migration: Restore

Restores user files, application settings, and registry settings from user packages to clients

Softwar e and File Actions

Installs and uninstalls AutoInstall packages, transfer s files and folder s, retrieves files, and executes commands on clients

Creating Tasks in the Ghost Console Once you have installed the Ghost Agent software on all client computers and grouped the clients in the Ghost Console, you are ready to create tasks. The following table lists the available task steps. Task step

Description

Clone

Restores a specified image file onto a client computer or group of computers

DeployAnywhere

Tells Ghost to use the DeployAnywhere driver database to install needed drivers when restoring a hardwareindependent image to clients

Configuration

Applies the specified configuration settings (computer name, domain membership, and so on) to the client computers

Refresh Configuration

Reads the configuration from client computers and updates their default configuration settings in the Ghost Console database

Refresh Inventory

Gathers inventory information from client computers and updates the Inventory database on the Ghost Console server

User Migration: Capture

Captures user files, application settings, and registry settings from client computers and stores them in user packages

User Migration: Restore

Restores user files, application settings, and registry settings from user packages to client computers

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–19 Copyright © 2008 Symantec Corporation. All rights reserved.

11

Task Steps

Task step

Description

Software and File Actions

Installs and uninstalls AutoInstall packages on client computers, transfers files and folders to client computers, retrieves files from client computers, and executes commands on client computers.

Note: Image creation is not included in the preceding table because it exists as a stand-alone task, not a task step, in the Ghost Console. There are two categories of tasks you can create in the Ghost Console—normal tasks and “image create” tasks. This topic discusses how to create normal tasks. Image create tasks will be discussed in a later lesson. To create a task: 1 In the Ghost Console’s left pane, expand the Tasks folder. 2 Expand the folder where you want to store the new task. 3 In the Tasks pane, right-click an empty area, and then select New Task from the quick menu. 4 In the Properties For New Task window, type the name for the new task in the Name field. The name can be anything you want, up to a maximum of 50 characters, as long as you do not duplicate the name of an existing task in the same folder. 5 Under Task Steps, select the task steps that you want to include in the task. You must include at least one step in a task. When you deselect a step, the corresponding tab is hidden. Only the tabs relevant to the selected steps are shown. 6 Select the refresh steps that you want to include in the task. These steps have no tab associated with them, since you do not need to set any properties. 7 Under Target Machine Group/Machine, click Browse; select the computer, machine group, or dynamic machine group to which you want to apply the task; and then click OK. 8 If you want to be able to execute the task from the client computer, select the option Allow Client Initiation. This option does not become available until you complete all of the required information in the task. 9 Click Set Password and type the authorization password that the client user must provide to run the task. You must retype the password in the box below to confirm the password. The client users are prompted to type this password when they try to run the task. 10 If you want to override the default network properties for the task, make the appropriate settings on the Network tab. 11 On each of the remaining tabs, set the properties for each step that you have included in the task.

11–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

12 Perform one of the following:



11



To save the task, click Save. The new task is added to the Tasks folder and is available for use. To run the task, click Execute.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–21 Copyright © 2008 Symantec Corporation. All rights reserved.

Populating the Ghost Console with Client Information

Populating the Ghost Console with Client Information One of the first tasks you should run on your managed computers is a client inventory and configuration refresh task. This task is important because it populates the Ghost Console database with all the latest information about what software is installed on the managed computers and how they are currently configured. The configuration data is particularly important because the Ghost Console needs this information to run configuration-related tasks (such as changing computer names). To populate the Ghost Console database with client inventory and configuration information: 1 In the left pane of the Symantec Ghost Console, click the Tasks folder. 2 In the Tasks pane, right-click an empty area, then select New Task from the quick menu. 3 In the Properties For New Task window, type “Refresh Inventory and Config for Default Group” in the Name field. 4 Under Refresh Steps, select the following options: – Refresh Configuration – Refresh Inventory 5 Under Target Machine Group/Machine, browse to and select the Default group, then click OK. 6 Click Save. 7 Click Execute. 8 Click Yes to execute the task.

11–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The purpose of the Ghost Console. – Preparing the Ghost environment for client integration. – Installing the Console Client. – Configuring settings that apply automatically to all client computers detected by the Ghost Console. – The benefits of using groups in the Ghost Console and create a new group. – Populating the Ghost Console database with client inventory and configuration information.

Lab 11: Integrating and Configuring Windows Desktops in the Ghost Console In this lab, you: •Prepare systems for integration with the Ghost Console. •Remotely integrate systems into the Ghost Console. •Group managed systems. •Populate the Ghost Console database with client information. •Change client configurations.

Lesson 11 Integrating and Configuring Windows Desktop Computers in the Ghost Console 11–23 Copyright © 2008 Symantec Corporation. All rights reserved.

11

– Creating a basic task in the Ghost Console.

11–24

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 12 Using the Ghost Console to Create and Restore Images

Lesson Introduction • Lesson 12: Using the Ghost Console to Create and Restore Images • Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deploym ent Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Console • Lesson 16: Preparing to Remove a Computer from Production

Lesson Topics and Objectives After completing this lesson, you will be able to:

Topic

12–2

Overview of Imaging Tasks

Describe the purpose of the image create task and the clone task.

Configuring the G host Console to Use the Im age Repository

Configur e the Ghost Console to use an image repository for storing all im ages in a centr al netw ork location.

Building and Running an Image Create Task

Use the Ghost Console to build an im age create task, and then r un the task imm ediately or schedule it to run later.

Building and Running a Deploy Anyw her e Clone Task

Use the Ghost Console to build a DeployAnywhere clone task, and then r un the task imm ediately or schedule it to run later.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Overview of Imaging Tasks Image Create Task A special task that enables you to capture an image (either a normal backup image or a hardware-independent image) of a client computer

Clone Task A regular task in which you select and configure the “Clone” task step; this task lets you restore an image file to one or more client computers

12

Overview of Imaging Tasks Image Create Task The image create task is a special task that enables you to capture an image of a client computer. When you build an image create task, you must select the reference computer (that is, the computer you want to capture an image of), assign an image definition to the task, and optionally set the network and Sysprep parameters. Clone Task The clone task is a regular task in which you select and configure the Clone task step. This task lets you restore an image file to one or more client computers. You can restore an image file to a single computer, or restore the same image to all the computers in a computer group. If you have saved an image file locally on each of the target computers using the same name and location, you can restore them all in a single task.

Lesson 12 Using the Ghost Console to Create and Restore Images Copyright © 2008 Symantec Corporation. All rights reserved.

12–3

Configuring the Ghost Console to Use the Image Repository

1 2 3

Update Sysprep versions in Console (Win 2000/XP only). Add Sysprep configuration to Console. Add image definition to Console.

Configuring the Ghost Console to Use the Image Repository Before you can use the Ghost Console to create images to or deploy a master image from a central location on your network, you must configure the Console to use your image repository. To accomplish this, perform the following: 1 If you are planning on using the Ghost Console to deploy Windows 2000/XP, you must update the Sysprep versions in the Console. This step is not necessary for Windows Vista because the required Sysprep files are built into the operating system. Before you can update Sysprep versions in the Console, you must first obtain the appropriate Sysprep files. For instructions on obtaining Sysprep files, see the lesson “Creating a Master Image File” earlier in this student guide. After all the needed Sysprep files are available on the Console computer, perform the following to update the Sysprep versions in the Console: a In the Console, select Tools—>Supported Sysprep Versions. b In the Supported Sysprep Versions window, select the Sysprep configuration you want to update (Windows 2000, Windows XP, or Windows XP 64-bit) and click Update. c In the Properties window, click Browse, locate and select the folder where you placed the Sysprep files, and click OK. d Click OK to close the Properties window. The version numbers for the sysprep.exe and setupcl.exe files are displayed next to the version of Windows you selected. e Click OK to close the Supported Sysprep Versions window.

12–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Add a Sysprep configuration to the Console’s configuration resources. After you have updated the appropriate Sysprep versions, you can create and modify Sysprep configurations. A Sysprep configuration includes an answer file and, optionally, additional files that may be needed on target computers, such as required drivers. To add a Sysprep configuration: a In the Console’s left pane, expand the Configuration Resources folder and select Sysprep Configurations. b In the Console’s right pane, right-click an empty area and select New Sysprep Configuration. c In the Name field, type a name for the Sysprep configuration (for example, WinXP). d To the right of the Version field, click Browse. e Select the version of Sysprep you want to use and click OK. f In the Answer File Status group box, do one of the following: › Click Import, then browse to and select a Sysprep answer file you have already created. › To use the Console to create a basic Sysprep answer file, click Create and fill out the “Create sysprep answer file” form. Note that this method offers only a limited selection of the settings and options available in Microsoft’s Sysprep answer file creation tools. g To save the Sysprep configuration, click OK. 3 Add an image definition to the Console’s configuration resources. The image definition points the Console to your image repository, enabling you to create and restore images from a central network location. To create an image definition: a In the Console’s left pane, expand the Configuration Resources folder and select Images. b In the Console’s right pane, right-click an empty area and select New Image. c In the Name field, type a name for the image definition (for example, WinXP). d In the Location field, type the UNC path to your image repository and include the image filename in the path. Note: If an image file with the name you specify already exists at that location, the status of the image file is displayed, including the partitions included in the image and the image description (if any). e In the Properties for New Image window, click OK. The image definition is added to the Console, and the Console is now configured to use the image repository so you can create and restore images across the network.

Lesson 12 Using the Ghost Console to Create and Restore Images Copyright © 2008 Symantec Corporation. All rights reserved.

12–5

12

2

Building and Running an Image Create Task

Building and Running an Image Create Task To build and run an image create task: 1 In the Console’s left pane, select the Tasks folder. 2 In the Console’s right pane, right-click an empty area and select New Image Create Task. 3 On the General tab, set the following properties: – The task name – The drive and partition you want to image on the source computer – The image definition (that is, the location of the image repository where the image will be stored) – Data compression settings for the image – Whether the client computer can initiate the image create task – Whether to remove the client from the domain before the image is captured (when creating a master image, select this option) – Whether to use hot imaging to capture the image Note: The hot imaging feature, new in Ghost Solution Suite 2.5, enables you to capture an image of the client’s operating system without having to reboot into a PreOS environment. This option is useful if you want to quickly capture a backup of a client’s operating system. However, do not select this option when capturing a master image because hot imaging is not compatible with the Sysprep process (Sysprep strips information from the client computer and shuts down the client). – Advanced image creation options, such as Ghost command-line switches and whether to include the Ghost boot partition, if any, in the image 12–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

4 5

6 7

12

8

Click the Network tab and set the data transfer mode and data throughput limits to optimize the way image files are transferred over your network. To select a Sysprep configuration you defined previously and to choose various options for creating hardware-independent images, click the Sysprep tab. Note: When creating a master image from the Console, be sure to select the options “Tell Sysprep to perform a SID change” and “Run the MiniSetup wizard.” Click Save. The new task is added to the Tasks folder. If you want to run the task immediately, click Execute. The task runs immediately, and the lower pane of the Console shows the progress of the task. If you want to schedule the task to run at a later time, perform the following: a Close the task’s Properties window. b In the Tasks pane, right-click the image create task and select Schedule. c Click the Schedule tab. d Select the appropriate Schedule Task, Start Time, and Run On settings, then click OK.

Lesson 12 Using the Ghost Console to Create and Restore Images Copyright © 2008 Symantec Corporation. All rights reserved.

12–7

Building and Running a DeployAnywhere Clone Task 1 Create new task in Console. 2 Select Clone and DeployAnywhere task steps. 3 4

Select computers you want to clone. Configure clone settings.

5 Configure DeployAnywhere settings. 6 Save task. 7 Execute task imm ediately, or schedule for later.

Building and Running a DeployAnywhere Clone Task In most cases, you deploy a master image by using a boot package that boots target computers into a PreOS environment and then runs Ghost. However, there are instances when it is useful to restore a master image to computers on which an operating system is already installed. For example, suppose you have a user whose computer crashes frequently. You are managing the computer from the Ghost Console, so you can use the Console to restore a corporate master image to the computer. This is a much faster approach than manually re-installing an operating system on the user’s computer. To use the Console to deploy a master image to managed clients, build a task that includes the Clone task step and the DeployAnywhere task step. The following is an overview of how a DeployAnywhere clone task works: • A master image is restored to the selected clients. Note that the Console client must be included in the master image so that communication can be established between the client computers and the Console in preparation for the DeployAnywhere process. • The DeployAnywhere executable ghDplyAw32.exe is run on the clients with the switches /eval and /managed. • DeployAnywhere sends back to the Console a list of NIC and storage drivers that are missing from the clients. • The Console checks the DeployAnywhere template driver database (by default located at C:\Documents and Settings\All Users \Application Data\Symantec\Ghost\Template \common\windrivers on the Console computer) and sends any missing drivers to the clients. 12–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

DeployAnywhere installs the missing drivers from the client’s copy of the driver database (whose location is specified by the /DDB switch) and performs other necessary configuration tasks.

To build and run a DeployAnywhere clone task: 1 Create a new task in the Console. a In the Console’s left pane, select the Tasks folder. b In the Console’s right pane, right-click an empty area and select New Task. c In the Name field, type a name for the DeployAnywhere clone task. The name can be anything you want, up to a maximum of 50 characters, as long as you do not duplicate the name of an existing task in the same folder. 2 Under Task Steps, select the Clone and DeployAnywhere task steps. 3 Under Target Machine Group/Machine, click Browse, select the computer or group of computers to which you want to clone (restore) the image, and click OK. 4 Configure clone settings. a Click the Clone tab. b In the Destination drive box, type a drive number, if required. c If you want to restore a partition in the image file to a particular partition on the target computers, select Partition Restore, then type a destination partition number. d Under Image, click Browse, select the image configuration you want to use, and click OK. e If you want to restore a single partition in the image file, under Source partition, select the appropriate partition from the drop-down list. If the image file does not yet exist, no partitions are defined. You can type a Source Partition number instead. f If you want to preserve specific files or folders on the target computers, click Preserve to set the file preservation options. g If you want to add more advanced features to the task using the command line, click Advanced to set the advanced feature options. 5 Configure DeployAnywhere settings. a Click the DeployAnywhere tab. b If you want the client to remain in the PreOS environment if the task fails (for example, you want to troubleshoot the failure in the PreOS environment), select the option “Remain in PreOS if DeployAnywhere fails.” c If you need to add NIC or storage drivers to the DeployAnywhere database, click Manage Drivers, then use the Windows Driver Database Editor to add the new drivers. 6 Click Save. The new task is added to the Tasks folder. 7 Click Execute to run the task immediately, or schedule the task to run at a later time. Lesson 12 Using the Ghost Console to Create and Restore Images Copyright © 2008 Symantec Corporation. All rights reserved.

12–9

12



Lesson Summary Key Points In this lesson, you learned about: – The purpose of the image create task and the clone task. – Configuring the Ghost Console to use an image repository for storing all images in a central network location. – Using the Ghost Console to build and run an image create task. – Using the Ghost Console to build and run a DeployAnywhere clone task.

Lab 12: Using the Ghost Console to Create and Restore Images In this lab, you: •Configure the Ghost Console to use the image repository. •Create and execute an image creation task. •Create and execute an image restoration task.

12–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 13 Using the Ghost Console to Migrate OSBased User Profiles

Lesson Introduction • Lesson 12: Using the Ghost Console to Create and Restore Im ages • Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deploym ent Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Console • Lesson 16: Preparing to Remove a Computer from Production

Lesson Topics and Objectives

After completing this lesson, you will

Topic

13–2

be able to:

Overview of User Migr ations

Describe the types of user data you can capture and r estore with the Ghost Console.

Building User Migr ation Templates

Set up a migr ation template by specifying the set of files, application settings, and registry keys you want to captur e.

Capturing User Data

Set up and r un a task in the G host Console to capture user data from a computer.

Restor ing User Data

Set up and r un a task in the G host Console to restore user data to a computer.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Overview of User Migrations

User settings

You can use the Ghost Console to capture and restore:

Folders and files Registry entries

You can use the Ghost Console to capture a user’s personal files and settings from a computer, save them to a migration package, and restore the package to the same computer or to another computer. During a user migration you can perform tasks that preserve a user’s personal setup and reset applications with mandatory or personal configurations. You can use migration tasks to quickly move a user from one computer to another. If you installed an updated version of an application that Ghost supports, the restore task updates the user settings. You can capture and restore the following user information: User settings

You can capture desktop and application settings. For example, you can capture the following settings: • The default printer that is selected in Microsoft Word • A user’s screen saver or desktop wallpaper settings • A user’s Internet settings

Folders and files

You can capture entire folders or individual files from any Windows-accessible partition on the computer (for example, the My Documents folder).

Registry entries

You can capture individual registry entries, keys, or user hives.

Lesson 13 Using the Ghost Console to Migrate OS-Based User Profiles Copyright © 2008 Symantec Corporation. All rights reserved.

13–3

13

Overview of User Migrations

Components of a Migration Template Component

Description

Application settings

The applications for which you want to capture user settings. The list contains all the applications that Symantec Ghost supports.

Specified user files and folders to include or exclude

A specified set of user files and folders to include or to exclude. Each set contains a directory path and file definition and may include variables and wildcard characters. You can select files based on creation or modification dates and file size. You can specify a destination path and replacement options for the files that you want to include.

Specified registry keys to capture or exclude

The specified set of registry entries to capture or exclude. Each set contains a registry path and may include wildcard characters. You can specify a destination path and replacement options for registry keys that you want to include.

Building User Migration Templates You specify the user information that you want to capture by setting up migration templates. When you set up a migration template, you specify the set of files, application settings, and registry keys that you want to capture from a computer. You can create new migration templates at any time, and can modify existing templates to suit your requirements. The following table describes the components of a migration template. Component

Description

Application settings

The applications for which you want to capture user settings. The list contains all the applications that Symantec Ghost supports.

Specified user files and folders to include or exclude

A specified set of user files and folders to include or to exclude. Each set contains a directory path and file definition and may include variables and wildcard characters. You can specify whether to include or exclude particular sets of files. You can select files based on creation or modification dates and file size. You can specify a destination path and replacement options for the files that you want to include.

Specified registry keys to capture or exclude

The specified set of registry entries to capture or exclude. Each set contains a registry path and may include wildcard characters. You can specify a destination path and replacement options for registry keys that you want to include.

13–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating a Migration Template You can create new templates directly in the Configuration Resources folder or as you set up a User Migration: Capture task. Each template must contain at least one item to include or exclude, or it must contain an application setting.

13

To create a migration template in the Configuration Resources folder: 1 In the Ghost Console’s left pane, expand the Configuration Resources folder, then expand the User Migration Templates folder. 2 In the User Migration Templates pane, right-click an empty area and select New Migration Template from the quick menu. 3 In the Properties for New Migration Template window, type a name for your new migration template in the Migration Template Name field. 4 In the Supported Applications list, select the applications for which you want to capture user settings and files. The list contains all the applications that Symantec User Migration supports. To select an application, mark the checkbox next to the application name. If the application is not installed on the source computer then no settings are captured. 5 If you want to include or exclude additional files and folders in the template, click the Files and Folders tab and include or exclude files as needed. 6 If you want to include or exclude specific registry keys, click the Registry Keys tab and include or exclude registry keys as needed. 7 Click OK to save the migration template. The new migration template is added to the User Migration Templates folder and is available for inclusion in a capture task.

Lesson 13 Using the Ghost Console to Migrate OS-Based User Profiles Copyright © 2008 Symantec Corporation. All rights reserved.

13–5

Capturing User Data

Capturing User Data You capture user data from a computer by setting up and running a User Migration: Capture task. This capture saves the user data in a user package. You can use the package to restore the user data to the same computer or to another computer by running a User Migration: Restore task. You can save all of the user packages on the Console server, or you can save each user package on the client computer from which it was collected. You should save all user packages on the Console server when you want to move users from one computer to another. If the target of the task is a computer group, all packages are named automatically. If the target is a single computer, you can specify a name for the package or use the automatic naming option. To capture user data: 1 In the Ghost Console’s left pane, expand the Tasks folder. 2 In the Tasks pane, right-click an empty area and select New Task from the quick menu. 3 In the Properties for New Task window, type a name for the new task in the Name field. 4 In the Task Steps box, select User Migration: Capture. 5 In the Target Machine Group/Machine box, click Browse, select the destination computer or computer group from the folder structure, and then click OK. 6 Click the User Migration: Capture tab. 7 Under Package, choose whether to save the migration packages on the Ghost Console computer or on the client computers. 13–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

In the “Specify a package name” field, specify a name for the package. 9 In the Users box, in the Capture drop-down list, select one of the following options: 8

Domain users only

Migrates only the users that belong to a domain.

Local machine users only

Migrates only the user accounts that are stored locally.

All users

Migrates all the user profiles that are on the computer.

Last logged in user

Migrates only the user who last logged in to this computer.

DOMAIN\Username

Migrates the users that are specified in this box. You can use a wildcard character with a user name or a domain. For example, 2K3N\* selects all users on the 2K3N domain, and *\Joe_* selects all users that start with Joe_ in any domain.

recently, check Only Users Accessed Within, and in the Days box, type the appropriate number of days. The maximum number of days that you can set is 365. 11 Under Migration Templates, click Browse. 12 In the Select Migration Template dialog box, expand User Migration Templates, select a template, then click OK: 13 In the Logging Level drop-down list, select one of the following event logging options: Low

Logs errors and warnings only.

Medium

Logs errors, warnings, and debugging information.

Full

Logs errors, warnings, information, and debug details.

14 In the Compression Level drop-down list, select the compression level for the

files in the package. The available options are: – None – Low – Medium – Full Compression helps improve performance during package creation and minimizes the storage requirements for the packages.

Lesson 13 Using the Ghost Console to Migrate OS-Based User Profiles Copyright © 2008 Symantec Corporation. All rights reserved.

13–7

13

10 If you want to migrate only those users who have accessed their accounts

15 If you want the task to stop if a warning is issued, select Abort on Warning.

If multiple steps are included in the task, the task stops at the point of error and does not attempt to run the rest of the steps. For example, if the task includes a capture step, a clone step, and a restore step, and the capture step returns a warning, then the task fails without running the clone and restore steps. 16 Click Save. 17 To run the task immediately, click Execute, or schedule the task to run later. When you run a User Migration: Create task, the user settings on each destination computer are stored in a user package. Each user package is an .ump file and is saved on the Ghost Console computer or on the client computer, according to the settings that you specified in the task. If the user package is saved on the Ghost Console computer, the package definition is added to the User Packages folder.

13–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Restoring User Data

Restoring User Data

To create a User Migration: Restore task: 1 In the Ghost Console’s left pane, expand the Tasks folder. 2 In the Tasks pane, right-click an empty area and select New Task from the quick menu. 3 In the Properties for New Task window, type a name for the new task in the Task Name field. 4 In the Task Steps list, select User Migration: Restore. 5 In the Target Machine Group/Machine box, click Browse, select the destination computer or computer group from the folder structure, and then click OK. 6 Click the User Migration: Restore tab. 7 Under Package, specify the location of the user packages to restore (the Ghost Console computer or the client machines). 8 Perform one of the following: – To select a package that has been named automatically, click “Select latest Package based on Package’s Target Machine Name.” The name format is: machinename (yyyy-mm-dd hh:mm:ss). By default, the target computer name of a package is set to the source computer name. Lesson 13 Using the Ghost Console to Migrate OS-Based User Profiles Copyright © 2008 Symantec Corporation. All rights reserved.

13–9

13

You restore user data from a user package to a computer by setting up and running a User Migration: Restore task. You can set up a User Migration: Restore task as a stand-alone task or as a step within a task.



To use the same naming convention that was selected in the capture step, select “The package name is specified in the User Migration: Capture step.” – To specify a package name and location if a package is stored on the Ghost Console, select “Specify a package name,” click Browse, and browse to the appropriate package in the Configuration Resources folder. – To specify a package name and location if a package is stored on the client computer, select “Specify a package name,” click Edit, and type the drive letter and path to the package on the client machine. 9 In the Logging Level drop-down list, select the level of event logging information you want to capture (Low, Medium, or Full). 10 Click Save. 11 To run the task immediately, click Execute, or schedule the task to run later.

13–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The types of user data you can capture and restore with the Ghost Console – Setting up a migration template by specifying the set of files, application settings, and registry keys you want to capture – Setting up and running a task in the Ghost Console to capture user data from a computer – Setting up and running a task in the Ghost Console to restore user data to a computer

Lab 13: Using the Ghost Console to Migrate OS-Based User Profiles 13

In this lab, you: •Create a migration template. •Create and execute a User Migration Capture task. •Create and execute a User Migration Restore task.

Lesson 13 Using the Ghost Console to Migrate OS-Based User Profiles Copyright © 2008 Symantec Corporation. All rights reserved.

13–11

13–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 14 Using the Ghost Console to Perform PostDeployment Customizations

Lesson Introduction • Lesson 12: Using the Ghost Console to Create and Restore Im ages • Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deployment Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Console • Lesson 16: Preparing to Remove a Computer from Production

Lesson Topics and Objectives

After completing this lesson, you will

Topic

14–2

be able to:

Benefits of Perfor ming PostDeploym ent Customiz ations on Remote Computers

Discuss the benefits of using the Ghost Console to deploy AI packages and to perform other post-deploy ment customizations on client computers.

The Softw ar e and File Actions Task

Describe the purpose and com ponents of the Softw ar e and File Actions task.

Creating an AI Package Definition

Cr eate an AI package definition to m ake an AI package available for deploym ent.

Building and Running a Software and File Actions Task

Per form post-deployment customizations on client computers by running a Softw are and File Actions task from the G host Console.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Benefits of Performing Post-Deployment Customizations on Remote Computers

Using the Ghost Console to perform post-deployment customizations enables you to: •Manage the customization process from a central location. •Target customizations to specific individuals or departments. •Perform customizations on computers even if the logged-in user does not have the necessary rights.

Using the Ghost Console, you can remotely customize computers you have deployed in your organization. Performing post-deployment customizations offers the following benefits: • You can manage the process from a central location, greatly reducing the time and cost required to customize users’ computers. • Using computer groups in the Console, you can target customizations to specific individuals or departments in your organization. • Because the Console uses a special Ghost administrative account to manage client computers, it can perform customizations on computers even if the logged-in user does not have the necessary rights. (Issues with insufficient rights often cause customizations, such as application installations, to fail when using such methods as login scripts.)

Lesson 14 Using the Ghost Console to Perform Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

14–3

14

Benefits of Performing Post-Deployment Customizations on Remote Computers

Components of the Software and File Actions Task Action

Functionality

Install an AI package

Deploys AI packages to client computers

Uninstall an AI package

Removes installed AI packages from client computers

Transfer files and folders

Copies files and folders from the Ghost Console computer to the operating system or the Ghost partition of the client computer

Retrieve a file

Retrieves files from client com puters and stores them in a specified location on the Ghost Console computer

Execute a command

Executes commands in the client’s operating system or the Ghost partition

The Software and File Actions Task The Software and File Actions task step (new in Ghost Solution Suite 2.5) simplifies the process of customizing newly deployed computers. This feature enables you to build a set of actions and control their order of execution. The actions you can perform as part of a Software and File Actions Task are: • Install an AI package • Uninstall an AI package • Transfer files and folders • Retrieve a file • Execute a command Install AI Package Action You can deploy AI packages to client computers by running an Install AI Package action in a Software and File Actions task. When you set up the action, you select the target computers and specify which AI packages to install. Uninstall AI Package Action You can remove installed AI packages from client computers by running an Uninstall AI Package action.

14–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Not all AI packages can be uninstalled. You cannot uninstall an AI package in the following cases: The package does not include an Uninstall command.

When each package is built, you have the option to include an Uninstall command. If you do not include this command, you cannot uninstall the package in a Deploy AI Package task. If you want to check whether or not a package includes an Uninstall command, open the package with AI Builder and view its contents.

The package has been rebuilt with a new identifying number (GUID).

The rebuilt package cannot uninstall any software that was installed with the package prior to the rebuild. The application checks the GUID to ensure that the package used to uninstall software is the same as the package used to install the software.

Transfer Files and Folders Action You can copy files and folders from the Ghost Console computer to the operating system or the Ghost partition of the client computer by running a Transfer Files and Folders action. If you transfer the files to the virtual partition, then the files remain there only while the task is being executed. If you transfer files by multicast, you may encounter the following issues: • When you transfer files to multiple clients by multicast, there is a 20-second delay between each file transfer. Therefore, the task might take longer to run than expected. • The Ghost Console supports only one multicast file transfer at a time. Multicast file transfers do not run simultaneously. Warning: Do not attempt to transfer files to the My Documents folder on the client computer in a file transfer task. If you want to move files to the My Documents folder, use the User Migration task steps. User Migration automatically handles the required directory mapping. Retrieve File Action You can use the Retrieve File action to retrieve files from client computers and store the files in a specified location on the Ghost Console computer. You can use variables to differentiate files that are retrieved from different clients in the same task. There are four variables that you can use in a destination path: • MachineId: An internal unique ID for the client computer from which the file was retrieved

Lesson 14 Using the Ghost Console to Perform Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

14–5

14

If an AI package does not include an Uninstall command, or if the package has been rebuilt with a new GUID, you must use some other means to uninstall the software from the client computers.



Filename: The name of the source file (without any drive or path information) • FileBase: The same as Filename, but without an extension • FileExt: The file extension You specify variables in a destination path or file name by surrounding them with curly braces (for example: {Filename}). Variables are not case-sensitive. When you select a destination path in the Console, the default file name is {FileBase} ({MachineId}).{FileExt}. This appends the client computer ID to the file that was retrieved from it. You can modify the default to suit your requirements. For example, you may want to place retrieved files in separate subdirectories for each client computer. Execute Command Action You can use the Execute Command action to execute commands in the client’s operating system or the Ghost partition. You can specify the acceptable return codes to ensure that the command action performs to your requirements. Any return codes that are not defined as successful or warning codes are treated as failure codes. You can also specify the action name and whether or not the task is to continue if the action fails.

14–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating an AI Package Definition

Creating an AI Package Definition In an earlier lesson, we discussed how to create AI packages. After you create an AI package, there is one more step you must take before you can use the Ghost Console to install the package on clients—you must create an AI package definition in the Console.

To create a new AI package definition: 1 In the Console’s left pane, expand the Configuration Resources folder and select the AI Packages folder. 2 In the AI Packages pane, right-click an empty area and select New AI Package. 3 In the Properties For New AI Package window, in the Name field, type the name for the new AI package definition. The name can be anything you want, up to a maximum of 50 characters. 4 If the AI package file is stored on the client computer, select “Package is located on the Client machine,” click Edit, and enter the location of the AI package file on the client. 5 If the AI package file is stored on the Ghost Console computer, a network share, or an HTTP location, browse to and select the AI package file. If the package is located on an HTTP path, click Validate to verify that the package is a valid AI Package. If the package is a valid AI Package, the Package GUID is displayed.

Lesson 14 Using the Ghost Console to Perform Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

14–7

14

Each AI package definition contains the name and location of an AI package and, if the package is stored on the Ghost Console computer, the GUID of the package. AI package definitions are stored in the AI Packages folder in the Console.

If you want to view or edit the contents of the package, click Launch AI Builder to open the package in AI Builder. 7 Click OK. The new AI package definition is added to the AI Packages folder. 6

14–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Sample Software and File Actions Task: Conditional AI Package Installation 1 2 3

Create new Software and File Actions task. Add “Install AI Package” action. Add “Transfer Files and Folders” action.

4 Add “Execute a Command” action. 5 Arrange actions in desired order of execution. 6 Save Software and File Actions task. 7 Execute task imm ediately, or schedule for later.

Building and Running a Software and File Actions Task In this topic, you step through the process of adding and arranging actions for a Software and File Actions task. Specifically, you perform the following actions: • Transfer a file to a managed client • Run a command from a managed client’s operating system • Install an AI package To create and run the Software and File Actions task: Create a new task. a In the Ghost Console’s left pane, select the Tasks folder. b In the Tasks pane, right-click an empty area and select New Task from the shortcut menu. c In the Properties for New Task dialog box, type a name for the new task in the Task Name field. The name can be anything you want, up to a maximum of 50 characters. d In the Task Steps box, select Software and File Actions. e In the Target Machine Group/Machine box, click Browse, select the destination computer or computer group, then click OK. 2 Add and configure the “Install AI Package” action. a Click the Software and File Actions tab. b Click Add. c Verify that the option “Install an AI package” is selected, then click Next.

Lesson 14 Using the Ghost Console to Perform Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

14–9

14

1

Click Browse, then browse to and select the AI package you want to deploy. e Choose to accept the default name for the action, or specify a custom name. f If you want to abort the Software and File Actions task in the event that the AI package fails to install, de-select the option “Continue task if the package fails to install.” In this case, we will keep the option selected because we want the task to finish regardless of whether the AI package installs successfully or not. g Click Finish. 3 Add and configure the “Transfer Files and Folders” action. a Click Add. b Select “Transfer Files and Folders,” then click Next. c Click Add Files, then browse to and select the file or files you want to transfer to clients. d If you want to transfer the files to the client’s installed operating system, verify that the option “Transfer to the Target Operating System” is selected. If you want to transfer the files to the Ghost partition (for example, you want to reboot the client to a PreOS environment from a virtual Ghost partition so you can perform operations outside of the client’s installed operating system), then select the option “Transfer to the Ghost Partition.” e To specify the destination location on the client computer where you want to copy the files, click Edit. f Under Volume Identifier, specify the drive letter or volume label for the destination location on the client. g In the Path field, specify the folder path to the destination location on the client (for example, TransferredFiles\CommandFiles), then click OK. h Click Next. i Choose to accept the default name for the action, or specify a custom name. j De-select the option “Continue task if the files fail to transfer” because in this case, we want the task to abort if files cannot be successfully copied to the client. k Click Finish. 4 Add and configure the “Execute a Command” action. a Click Add. b Select the option “Execute a Command,” then click Next. c In the Command field, type the command you want to execute. d To run the command in the client’s installed operating system, verify that the option “Execute command in the Target Operating System” is selected, then click Next. d

14–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

To pause the Software and File Actions task until the command finishes executing and reports a return code, select the option “Wait for the command to finish executing before continuing the task,” then specify both the success and failure (or warning) return codes the command may return. f Choose to accept the default name for the action, or specify a custom name. g De-select the option “Continue task if the command fails to execute” because in this case, we want the task to abort if a failure (or warning) return code is received. h Click Finish. 5 Click “Move Up” or “Move Down” to arrange the actions in the order you want them to execute. 6 Click Save. 7 Click Execute to run the task immediately, or schedule the task to run at a later time.

14

e

Lesson 14 Using the Ghost Console to Perform Post-Deployment Customizations Copyright © 2008 Symantec Corporation. All rights reserved.

14–11

Lesson Summary Key Points In this lesson, you learned about: – The benefits of using the Ghost Console to deploy AI packages and to perform other post-deployment customizations on client computers – The purpose and components of the Software and File Actions task – Creating an AI package definition to make an AI package available for deployment – Performing post-deployment customizations on client computers by running a Software and File Actions task from the Ghost Console

Lab 14: Using the Ghost Console to Perform Post-Deployment Customizations In this lab, you: •Add AutoInstall packages to the Ghost Console. •Deploy an AutoInstall package using the Ghost Console. •Build and run a Software and File Actions task.

14–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 15 Using Client Inventory Reports in the Ghost Console

Lesson Introduction • Lesson 12: Using the Ghost Console to Create and Restore Im ages • Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deploym ent Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Con sole • Lesson 16: Preparing to Remove a Computer from Production

Lesson Topics and Objectives After completing this lesson, you will be able to:

Topic

15–2

Overview of Client Inventory

Describe the Ghost Console’s Client Inventory feature and discuss the requirements for using Client Inventory.

Managing Collected Data Sets

Describe the purpose of collected data sets as they apply to the Client Inventory feature, and explain how to set up collected data sets in the Ghost Console.

Viewing Inventory Information

Set up views in the Ghost Console to control how information is displayed in inventory reports.

Using Filters

Set up and use filters in the Ghost Console to control which clients show up in reports.

Using Reports

Create and run reports in the Ghost Console.

Using Dynamic Machine Groups

Describe the purpose of dynamic machine groups, and create a dynamic machine group in the Ghost Console.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Client Inventory Resources

Overview of Client Inventory In the lesson “Integrating and Configuring Windows Desktop Computers in the Ghost Console,” you learned how to create and run a task that populates the Ghost Console database with inventory and configuration data for managed clients. This lesson discusses the Ghost Console’s Client Inventory feature in more detail. Client Inventory lets you obtain information from the Windows Management Instrumentation (WMI) repository on each managed client. You can choose the type of information you want to collect and which computers to collect it from.

15

The information that you collect is stored in a database on the Ghost Console computer and is updated on request. You can query this database to select the computers that have certain properties and then use the selected computers as the target of a task. For example, you can select the computers that have available memory that is greater than a specified amount. You can view the property values for each computer. You can also produce reports that contain the property values for each computer in a group.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–3

Client Inventory Resources

Resource

Description

Collected Data Stores the collected data sets that define the type of information you want to collect from other computers and store in the inventory database Filter

Stores the filters that you use for querying the Inventory database; a filter is a query that you apply to a computer group

Report

Stores the reports that you use for retrieving detailed information for computers that match a specific filter; a report typically contains a filter and a view and is applied to a particular computer group

View

Stores the views that you use for displaying property data; a view is a list of properties that you want to display

Client Inventory Resources You can access and maintain the Client Inventory through the Ghost Console. The Client Inventory resources are stored under the Inventory folder and in the Dynamic Machine Groups folder. You can also view Client Inventory information through the Machine Groups folder.

15–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

The Inventory folder contains the following subfolders: Collected Data

Stores the collected data sets that define the type of information you want to collect from other computers and store in the inventory database. You specify the WMI classes that you want to collect from the client computers. You can assign userfriendly names to the classes and properties. If you create a new class, all properties are collected. You can turn off any properties you do not want to collect.

Filter

Stores the filters that you use for querying the Inventory database. A filter is a query that you apply to a computer group. It searches the Inventory database and selects all the computers in the target group that match the filter conditions. You can set up filters to search for any combination of properties and property values that you want.

Report

Stores the reports that you use for retrieving detailed information for computers that match a specific filter. A report typically contains a filter and a view, and is applied to a particular computer group. The output of a report is the list of computers that match the filter conditions and, for each computer, the properties specified in the view. You can view reports on the screen, print them, and save them as text files.

View

Stores the views that you use for displaying property data. A view is a list of properties that you want to display. You can display the inventory information you are interested in by applying the appropriate views to client computers or computer groups. For example, you may want to set up views containing groups of related properties (such as software, hardware, or network) and apply them each time you want to view those properties for a computer group.

Machine Groups

Stores all the computers known to the Ghost Console, as well as the computer groups that you have set up. You can see inventory information for individual computers in the Properties window. You can also specify the views associated with each computer in a computer group.

Dynamic Machine Groups

Stores the dynamic machine groups that you have set up. A dynamic machine group is the result of a filter applied to a computer group, and contains the computers in the target group that match the filter conditions. Each dynamic machine group is treated as a virtual computer group, and can be used as the target of a task.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–5

15

The other folders that are used by the Client Inventory are as follows:

Using the Client Inventory

To use the Client Inventory feature, you must: 1. Set up collected data sets. 2. Set up any needed computer groups. 3. Run a refresh inventory task. 4. Set up properties for each collected data set. 5. Set up appropriate views. 6. Set up filters. 7. Use filters and views to create reports, set up dynamic machine groups, and show inventory information.

Using the Client Inventory You need to set up and maintain the collected data sets, filters, and views that you want to use. You can use the available filters and views to create and run reports on particular computer groups, and view inventory information for client computers. You can also set up dynamic machine groups, and use them as the target of a task. The Client Inventory relies on the data provided by Microsoft Windows Management Instrumentation (WMI). The accuracy of the data returned by WMI depends on operating system version, service pack, and WMI version installed. To use the Client Inventory feature: 1 Set up the collected data sets to include all the WMI classes that you want to collect from the client computers. 2 If necessary, set up the computer groups that you require. 3 Run a refresh inventory task to collect the appropriate WMI class instances from each computer in the target computer group. This task populates the inventory database and produces a properties list for each collected data set. 4 Set up the properties for each collected data set to suit your requirements. When you add a new collected data set and get data for it, all the properties in the WMI class become available. You can then set the property display names, and specify which properties to include in the collected data set for subsequent database refreshes. 5 Set up the views that you want to use. 6 Set up the filters that you want to use. 7 Use the filters and views to create reports, set up dynamic machine groups, and show inventory information. 15–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Collected Data Sets Collected data sets: • Specify the WMI classes that are collected from client computers when you run a refresh inventory task • Are copied from client computers and stored in the inventory database on the Ghost Console computer • Can be queried in the inventory database to generate reports for the purpose of targeting specific clients for tasks

For more information about WMI classes, see: http://msdn.microsoft.com/library/default.asp?url=/library /en-us/wmisdk/wmi/wmi_classes.asp

Managing Collected Data Sets The Collected Data folder shows all the WMI classes defined in the inventory database. You need to set up the collected data sets to suit your requirements and to ensure that you collect data for all the WMI classes that you want. You can also choose to collect particular properties within a WMI class and ignore the properties that you are not interested in. The collected data sets specify the WMI classes that are collected from client computers when you run a refresh inventory task. All instances of the specified classes found on client computers are copied and stored in the inventory database on the Ghost Console computer. You can query the inventory database to obtain the information you want.

If you need more information on these classes, or on WMI classes in general, refer to the documentation supplied by Microsoft. For more information see the article at the following URL: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ wmisdk/wmi/wmi_classes.asp

You can add additional collected data sets to collect the information you require from the client computers. There is no restriction on the WMI classes you can use. They may be additional Microsoft WMI classes or third-party vendor classes.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–7

15

Groups of predefined collected data sets that contain commonly used WMI classes are provided. These include the basic Windows classes such as operating system, memory, and hard disk space. Each WMI class has a number of properties, which represent the information gathered for the class. System properties are not displayed, and you cannot collect them.

Showing the Collected Data Folder In the Ghost Console, select ToolsÆOptions.

Showing the Collected Data Folder By default, the Collected Data folder is hidden in the Ghost Console. You can show this folder when you want to view the collected data sets, or make any changes. To show the Collected Data folder: 1 In the Ghost Console, on the Tools menu, click Options. 2 Under the Inventory tab, check Show Collected Data Sets in Inventory. 3 Click Apply.

15–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Setting Up Collected Data Sets

To set up collected data sets: 1.Create the new collected data sets that you require. 2.Run a refresh inventory task. 3.Set up the WMI class properties for each collected data set.

Setting Up Collected Data Sets

To set up collected data sets: 1 Create the new collected data sets that you require. This defines the WMI namespace, WMI class name, and display name for each data set that you want to include. 2 Run a refresh inventory task. The refresh inventory task reads the WMI repository on each client computer and populates the inventory database with all the properties of all the new WMI classes that are found. 3 Set up the WMI class properties for each collected data set. You can specify the display name of each property and whether or not to use it in data collection.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–9

15

If you want to collect data for a WMI class that is not included in a collected data set, you need to create a new collected data set in the Ghost Console. You can then specify the WMI class and properties to collect. You can also modify existing collected data sets to change property names, or specify different properties to collect.

Creating a New Collected Data Set From within a Collected Data subfolder’s pane, right-click and select New Collected Data Set.

Creating a New Collected Data Set You create a new collected data set by defining the WMI namespace, WMI class name, and display name for the new collected data set in the Ghost Console. To create a new collected data set: 1 In the Ghost Console’s left pane, expand the Inventory folder. 2 Expand the Collected Data folder, and then expand the subfolder where you want to create the new collected data set. 3 In the Collected Data pane, right-click an empty area and select New Collected Data Set from the shortcut menu. 4 In the Properties for New Collected Data Set window, in the Display Name field, type a name for your new collected data set. The name must be unique and may contain up to 50 alphanumeric characters. Type a descriptive name that is easy to recognize when you are setting up filters and views. 5 In the Namespace drop-down list, select the namespace of the WMI class that you want to collect, if it is listed. The Namespace list contains all the WMI namespaces known to the Ghost Console. These namespaces are read from the WMI repository on the Ghost Console computer. If the namespace of the class that you want to collect is not listed, go to step 7. 6 In the WMI Class Name list, select the class, if it is listed. The WMI Class Name list contains all the WMI classes known to the Ghost Console in the selected namespace. 15–10

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

7 8

9

10 11

12

If you selected the WMI class that you want to collect from the list, go to step 10. If the name of the WMI class that you want to collect is not listed, go to step 7. Select “Enter WMI Class details.” In the Namespace field, type the full namespace of the class that you want to collect. The name may contain up to 255 alphanumeric characters. In the WMI Class Name field, type the class name. The name may contain up to 255 alphanumeric characters. The Ghost Console does not perform any validation on user-defined classes. If you make an error in typing the namespace or the class name, the Ghost Console is not able to find the class instance data on the client computers. Click OK. In the Properties dialog box, view the details of the new collected data set properties. If the new collected data set is a user-defined WMI class, there are no properties displayed. If the new collected data set is a WMI class already known to the Ghost Console, the Properties dialog box displays the class properties as they are currently defined. These properties are read from the WMI repository on the Ghost Console server and are usually sufficient to work with. You can set up the properties as you want, or you may prefer to perform a refresh inventory task to update the Inventory database first. Click OK to close the Properties dialog box. The new class is added to the Collected Data view.

Running a Refresh Inventory Task

To populate the Inventory database: 1 Set up an inventory refresh task by selecting the Refresh Inventory step in the task definition. 2 Run the inventory refresh task on the appropriate computer group. You may want to set up a computer group that contains all the managed client computers to ensure that the Inventory database is complete and up-to-date. If a WMI class has instances with different properties on different computers, the class properties are merged in the Inventory database. If no instances of a WMI class are found on any client computers, the class properties cannot be added to the database. If this occurs, you may want to check that you have specified the WMI namespace and class name correctly in the collected data set. Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–11

15

The properties for all WMI classes defined in the collected data sets are gathered when you run a refresh inventory task on the client computers. When you add a new collected data set, you need to run a refresh inventory task to collect the appropriate WMI class properties and add them to the Inventory database.

Setting Up WMI Class Properties

Setting Up WMI Class Properties You can set up the properties of each collected data set to suit your requirements. When you create a new collected data set, you need to set up the WMI class properties as part of the process. You can modify the property settings at any time. The default display name for each property is the WMI property name. You can change the property display names to make them more descriptive when showing inventory data. Descriptive property display names are also easier to use when you create filters and views. You can specify the properties in each class that you want to collect from client computers. You can choose to collect particular properties within a class and ignore the properties that you are not interested in. You may want to do this to make the inventory data collection process quicker and more efficient, and to keep the size of the Inventory database to a minimum. To set up collected data set properties: 1 In the Ghost Console’s left pane, expand the Inventory folder. 2 Expand the Collected Data folder, and then expand the subfolder that contains the collected data set that you want to set up. 3 In the Collected Data pane, right-click the class you want to set up and select Properties. 4 In the Properties window, set up the collected data set properties to suit your requirements. You can sort the properties by display name, WMI name, or type by clicking the appropriate column header to toggle the order. 15–12

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

5

6

7 8

15

9

If you want to change the display name of a property, right-click the property name and select Rename. Type the new name, and then press Enter or click anywhere in the window. The name must be unique and may contain up to 50 alphanumeric characters. Choose a descriptive name that is easy to recognize when you are setting up filters and views. To specify whether or not a property is collected from client computers and added to the Inventory database, right-click the property name and select one of the following: – Enable – Disable The property status is indicated by the symbol beside the property display name. A green check mark means the property is enabled for data collection; an empty space means it is disabled. You can also click directly on the space or green check mark to turn the status on and off. A key symbol indicates a key property, and a padlock indicates a property that is currently used in a filter or view. These properties are always included in data collections, and you cannot disable them. If you want to hide disabled properties, check “Hide disabled properties.” If you want to ignore this collected data set when refreshing the Inventory database, check “Do not collect data for this class.” This lets you temporarily disable all properties in the collected data set. You may want to do this to minimize the time required to complete the refresh inventory task by collecting only the data sets that you want. When you have finished setting up the collected data set properties, click OK. The refresh inventory task collects the enabled properties from the target computers. Any disabled properties are removed from the Inventory database. Collected data sets that are ignored when refreshing the Inventory database are indicated in the Ghost Console by a small barred circle on the left side of the collected data set icon.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–13

Client Inventory Views Views are a collection of properties that you want to display. Typically, you set up a view as a group of related properties that you are interested in. For example, here are the properties included in the predefined “System Information” view:

Viewing Inventory Information You can view inventory information for client computers or computer groups by selecting views. A view is essentially a collection of properties that you want to display. You would typically set up a view as a group of related properties that you are interested in. For example, the Hardware view may include information such as the make and model of the client computer, its physical memory, processor speed and number and size of its hard drives. The Software view may include the operating system, versions of installed software, and any patches applied. The Networking view may include the IP and MAC addresses, domain membership, and the DNS server to which the computer is connected. You can use views in reports to obtain inventory information for the computers in a computer group. You can also use views to customize the information shown on the Inventory tab in the Properties window for client computers. Note: The Ghost Console includes a set of pre-defined views. These contain groups of properties that are commonly used. You can modify them to suit your requirements.

15–14

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating Views From within a View subfolder’s pane, right-click and select New Inventory View.

Creating Views You can create new views and modify existing views at any time. When you create a view, you select the properties that you want to include. Note: Disabled properties have no values when you use a view in a report or to display inventory information. If you want to see the values of these properties, enable the properties in the collected data set, and then perform a refresh inventory task to update the inventory database.

15

To create a view: 1 In the Ghost Console’s left pane, expand the Inventory folder. 2 Expand the View folder, and then select the subfolder where you want to place the new view. 3 In the View pane, right-click an empty area and select New Inventory View from the shortcut menu.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–15

Adding Properties to a New View

4

5

6

7

8 9

15–16

In the Properties for New Inventory View window, type the name of the new view in the View Name field. The name must be unique, and may contain up to 50 alphanumeric characters. Choose a descriptive name that indicates which properties are contained in the view. In the Collected Data Sets list, select the collected data set that contains properties that you want to add. The Properties list shows the available properties for the selected data set. By default, the available properties are those that are enabled in the collected data set. If you want to include disabled properties in the view, uncheck “Hide disabled properties.” This option is checked by default. When you uncheck it, the Properties list is updated to show all properties of the selected data set, allowing you to select the properties that you want. Remember that the disabled properties are not collected from client computers until they have been enabled in the collected data set and a refresh task has been executed. In the Properties list, select the properties you want to add. If you want to select all the properties in the collected data set, click Select All. If you want to clear your selection, click Deselect All. Click Add. The selected properties are added to the list in the Preview pane. Repeat steps 5 through 8 for each collected data set that has properties that you want to include in the view.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

10 In the Preview pane, arrange the list of properties in the order that you want

15

them to appear when inventory information is displayed. To move an item in the list, click it to select it, and then click Move Up or Move Down as many times as necessary. Each click moves the item one place in the list. If you want to remove an item from the list, click it to select it, and then click Remove. If you want to remove all items from the list, click Remove All. 11 When you have finished setting up the view, click OK. The new view is added to the View folder.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–17

Setting the Common Inventory View for Computer Groups Right-click a machine group and select Set Inventory Views.

Setting the Common Inventory View for Computer Groups You can set the common Inventory views for computer groups. These views are applied to all computers that are currently in the group. If a new computer is added to the group, it uses the default views set in the Console Option window. You will see the common views on the Inventory tab in the Properties window for each client computer. You can change the views for individual computers, for example, if you want to show more information for particular computers. To set the common Inventory view for a computer group: 1 In the Ghost Console’s left pane, expand the Machine Groups folder. 2 In the Machine Groups pane, right-click the computer group that you want to set up and select Set Inventory Views. 3 In the Set Inventory Views window, from the “Settings for” drop-down list, select whether to apply the view to “This Machine Group only” or “All Machine Groups in hierarchy.” 4 If you want the group view settings to overwrite the individual settings for each computer in the group, check Overwrite individual machine settings. 5 To move the views that you want to use into the Assigned Views pane: – To add views, select them in the Available Views pane, and then click Add. – To remove views, select them and click Remove. The View Properties pane shows the properties (and their values if known) of the selected view. The properties are listed in the order in which they are set up in their respective views. 6 Click OK. 15–18

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Setting the Default Inventory Views for New Client Computers Select ToolsÆOptions, and on the Inventory tab, click Modify.

Setting the Default Inventory Views for New Client Computers

To set the default Inventory views for new client computers: 1 In the Symantec Ghost Console, on the Tools menu, click Options. 2 Under the Inventory tab, click Modify. 3 In the Set Inventory Views window, to move the views that you want to use into the Assigned Views pane, perform the following: – To add a view, select it in the Available Views pane, and then click Add. – To remove a view, select it in the Assigned Views pane, and then click Remove. The View Properties pane shows the properties of the selected view. The properties are listed in the order in which they are set up in their respective views. 4 Click OK. 5 In the Options window, under the Inventory tab, click Apply.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–19

15

You can specify the views to use for a client computer when it is detected by the Symantec Ghost Console.

Viewing Inventory Information for Client Computers In a machine group’s pane, right-click a computer and select Properties.

Viewing Inventory Information for Client Computers You can view inventory information for any client computer. The common views applied to the machine group folders are automatically applied to each computer. You can add views to individual computers to see more inventory information. If you later change the common views for the computer group, the changes are merged with the views that are currently applied to individual computers in the group. The individual settings are updated to include any new views, but are not overwritten unless you choose to overwrite them. To view inventory information for a client computer: 1 In the Ghost Console’s left pane, expand the Machine Groups folder. 2 Expand the computer group that contains the client computer that you want to view. 3 In the Machine Groups pane, right-click the computer for which you want to view inventory details and select Properties. 4 In the Properties window, click the Inventory tab. This tab lists the views assigned to the computer. The default views are the common views currently applied to the computer groups folder. 5 In the Inventory Views list, select a view to display the instance number, name, and value of each property that it contains. 6 If you want to change the views assigned to this computer, click Set Views.

15–20

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

In the Set Inventory Views window, to move the views that you want to use into the Assigned Views pane, perform the following: – To add a view, select it in the Available Views pane, and then click Add. – To remove a view, select it in the Assigned Views pane, and then click Remove. The View Properties pane shows the properties of the selected view. If you remove a view that is one of the common views set for the computer group, it is automatically removed from the list of common views. 8 Click OK to close the Set Inventory Views window. The Inventory Views pane under the Inventory tab shows the updated list of views. 9 If you want to save the changes you have made to the selected views, click OK. If you want to remove the changes you have made and restore the previous selected views, click Cancel.

15

7

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–21

Creating Filters In the Filter pane, right-click an empty space and select New Inventory Filter.

Using Filters A filter is a query that searches the Inventory database and returns all the records that match the specified property conditions. You can set up filters to search for the combination of properties you want. You can also set up filters to return all the records that do not match the filter conditions. Note: You can only use properties that are enabled in the collected data sets. Disabled properties are not available. If you want to use any properties, you need to enable them in the collected data set first. The filters have been developed for US English client computers. As the data provided by WMI is dependent on the language of the client operating system, filters used with clients that are not US English may return an incorrect number of clients. The Filter folder stores all the available filters. You can create new filters to suit your requirements, and can edit, copy or delete existing filters. You can use filters in reports, to select the computers in a computer group that have particular property values. You can also use filters in dynamic machine groups, to set up virtual computer groups that contain the computers that match the filter conditions. A set of predefined filters is provided. These are examples that illustrate the use of a filter. You can modify them to suit your requirements. The predefined filters include filters that are based on the minimum requirements for Microsoft Vista as defined by Microsoft.

15–22

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating Filters You can create new filters to suit your requirements. When you create a filter, you specify the filter conditions to use. Each filter condition is a restriction, such as a maximum or minimum value, placed on a single property. The conditions are linked by And, Or, And Not, or Or Not statements, which lets you group (nest) them as appropriate. Before you create a filter, you should decide which filter conditions you need and determine the grouping required. This lets you add the conditions in the correct order for the grouping you want to use. You cannot move a condition within the list.

15

To create a filter: 1 In the Ghost Console’s left pane, expand the Inventory folder. 2 Click the Filter folder. 3 In the Filter pane, right-click an empty area and select New Inventory Filter. If appropriate, you can copy an existing filter and rename it, and then modify it to suit your requirements. You may want to do this when you are creating a number of filters with the same components. 4 In the Properties window, type the new filter name in the Filter Name field. 5 Set up the filter conditions that you require. 6 If you need to nest certain groups of conditions, or need two or more conditions to apply to the same instance of a class, create the appropriate groups. 7 If you want to remove a condition, select it, and then click Delete. The grouping, if any is applied to the condition, is automatically adjusted. 8 Specify whether you want to select the computers that match the filter conditions, or those that do not match the filter conditions, by clicking one of the following: – All machines from the Target group matching these filter conditions – All machines from the Target group that do not match these filter conditions 9 Click OK to save the filter. The new filter is added to the Filter pane and is available for you to use in a report or dynamic machine group.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–23

Setting Up Filter Conditions In the filter’s Properties window, click Add or Modify to set filter conditions.

Setting Up Filter Conditions You can add or modify filter conditions as required. To set up a filter condition: 1 In the filter’s Properties window, perform one of the following: – If you want to add a new condition, select an existing condition below which you want to add the new condition and click Add. If you do not select an existing condition, the new condition is added to the bottom of the list. – If you want to modify a condition, select it and click Modify. 2 In the Filter Condition window, in the Collected Data Sets pane, select the data set that contains the property for which you want to set a condition. The Collected Properties pane lists all the available properties in the selected collected data set. Available properties are those that are currently enabled for collection in the collected data sets. If a property is disabled in the collected data set, you cannot use it in a filter. 3 In the Collected Properties pane, select the property for which you want to set a condition. 4 In the Restriction box, from the drop-down list, select the operator that you want to use for the property. The list contains all the operators that are relevant to the type of property selected.

15–24

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

The available comparison operators (conditions) and their limitations are described as follows:

5

Operator

Definition

Limitations

=

Equal to

All except Array



Not equal to

All except Array

<

Less than

All except Array and Boolean



Greater than

All except Array and Boolean

>=

Greater than or equal

All except Array and Boolean

Contains

Contains the specified string

String and Array only

Not Contains

Does not contain the specified string

String and Array only

Is Empty

Contains no characters

String and Array only

Is Not Empty

Contains characters

String and Array only

Is Null

Property does not exist; no instances collected

All property types

Is Not Null

Property exists; one or more instances collected

All property types

In the Value field, specify the value against which you want to compare the property as follows: Boolean

Select the value from the drop-down list.

String, Array, UInt

Type the value.

DateTime

In the Value field, click the down-arrow to open a calendar, and then select the date. If you want to specify a time as well, check Time, and then type the time value or set it using the arrow buttons.

In the “Link with previous condition” drop-down list, select one of the following: – AND – OR – AND NOT – OR NOT The default is AND. If you are adding a new condition, you can specify the link with the previous condition. If you are modifying a condition, you can specify the link with the next condition. 7 Click OK. If you are creating a new condition, it is added to the list in the filter’s Properties window. Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–25

15

6

Grouping Filter Conditions

Grouping Filter Conditions By default, the filter conditions are evaluated in the order in which they are listed, and the links between them have the same priority. Each condition is evaluated independently of other conditions. If you want to give higher priority to the links between particular conditions, or make two or more conditions apply to the same class instance, you need to group the filter conditions. You can group filter conditions as follows: Group

Evaluate the conditions as a single unit within the list of conditions.

Group on Instance

Evaluate the conditions on the same instance of a class.

Grouping You can group two or more conditions as a single unit within the list of conditions. The grouped conditions are evaluated before the conditions outside the group. A group may contain multiple nested levels of subgroups, but each subgroup must be completely within its parent group. When a filter contains multiple levels of grouping, the innermost group is evaluated first.

15–26

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

For example, if you have a number of computers, with some running Windows XP and some running Windows 2000, you can apply the following filter: OperatingSystem.Name = Windows XP AND PhysicalMemory.Capacity > 512 Mb OR OperatingSystem.Name = Windows 2000 AND PhysicalMemory.Capacity < 256 Mb Without grouping, this filter returns only the Windows 2000 computers that have less than 256 MB of memory. The Windows XP computers that were selected with the first two conditions are not returned since they do not satisfy the fourth condition. To make the filter return the Windows XP computers that have over 512 MB of memory and the Windows 2000 computers that have less than 256 MB of memory, you need to group each OperatingSystem condition with the corresponding PhysicalMemory condition. This grouping is as follows: ( OperatingSystem.Name = Windows PhysicalMemory.Capacity > 512 Mb ( OperatingSystem.Name = Windows PhysicalMemory.Capacity < 256 Mb

XP AND ) OR 2000 AND )

The grouping is indicated in the list of conditions as follows: An opening parenthesis in the (... column

The first condition in the group

A closing parenthesis in the ...) column

The last condition in the group

Conditions deleted from within a group, and no end-of-group conditions deleted.

Grouping is preserved on remaining conditions.

Condition deleted from start or end of a group.

Grouping is removed from remaining conditions. If a deleted condition is the start or end of two or more nested groups, all nested groups are ungrouped.

To group (nest) filter conditions: 1 In the filter’s Properties window, in the list of conditions, select the conditions that you want to group.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–27

15

When you delete conditions from a group, the grouping is automatically adjusted according to the remaining group start and end conditions. The grouping adjustment depends on whether the deleted conditions are at the start or end of the group, or in the middle as follows:

You can select all the conditions, or just the first and last conditions. Any unselected conditions between the selected conditions are automatically included in the group. 2 Click Group. The grouping is indicated in the list of conditions. 3 If you need to undo any grouping, select all the conditions in the group, or the first or last condition of the group, then click Ungroup. If the selected condition is the first or last for two or more groups, the outermost group is ungrouped.

15–28

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Grouping Filter Conditions on Instance

Grouping on Instance If you need to apply two or more conditions to the same instance of a class, you can group the conditions on instance. When you do this, all the conditions in the group must be satisfied for properties of the same class instance. The same restrictions as for a nested group apply, but you cannot create any subgroups on instance. For example, you might have a computer with two logical disks as follows: • Drive C: NTFS, 10 gigabytes • Drive D: FAT, 30 gigabytes You can apply the following filter: LogicalDisk.FileSystem = NTFS AND LogicalDisk.Size > 20 Gb

15

By default, the filter returns this computer because both conditions are met, one on each logical disk, even though the computer does not contain a disk that meets the filter criteria. To make the filter exclude the computer unless it contains a logical disk that satisfies both the conditions, you need to group the conditions on instance: ( LogicalDisk.Size > 20 Gb )

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–29

The grouping is indicated in the Property column, as follows: preceding the class name

The last condition in the group on instance

A group on instance is automatically a nested group. This grouping is indicated by the ( symbol in the (... column and the ) symbol in the ...) column. When you add conditions to the filter within a group on instance, you are restricted to properties for the same class as in the group. To group filter conditions on instance: 1 In the filter’s Properties window, in the list of conditions, select the conditions that you want to group on instance. You can select all the conditions, or just the first and last conditions. Any unselected conditions between the selected conditions are automatically included in the group. All the conditions must relate to the same class in order to group them on instance. 2 Click Group on Instance. The grouping is indicated in the list of conditions, in the Property column. 3 If you need to undo the grouping on instance, select all the conditions in the group, or the first or last condition of the group, and then click Ungroup.

15–30

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Creating Reports In the Report pane, right-click an empty space and select New Inventory Report.

Using Reports A report is simply the association of one filter, one view, or one of each, and a target computer group. You cannot have two or more filters or views in the same report. If you run a report on a single computer, you must use a view; you cannot use a filter. The output of a report depends on whether or not it includes a view. If the report has no view (just a filter), the output is the list of computers that satisfy the filter criteria. If the report contains a view, the output is the list of computers in the target computer group, and the values of the properties contained in the view. You need to set up your filters and views before you can include them in a report. If necessary, you can create a new filter or view as you set up your new report. Creating Reports

To create a report: In the Ghost Console’s left pane, expand the Inventory folder. 2 Click the Report folder. 3 In the Report pane, right-click an empty area and select New Inventory Report from the shortcut menu. 1

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–31

15

You can create a new report at any time, and can use any combination of filters and views. You can preview a report by running it immediately, or you can save it in the Reports folder and run it later.

4

5 6 7

8

9

15–32

In the Properties for New Inventory Report window, in the Report Name field, type the name of the new report. The name must be unique, and may contain up to 50 alphanumeric characters. Choose a descriptive name that indicates what information is contained in the report. Next to the Target box, click Browse. In the Select Target window, select the computer group that you want to use as the target of the report. If you want to use a filter in the report, check Use Filter and click Browse. In the Select Inventory Filter window, select the filter that you want to use in the report. If you want to use a view in the report, check Use View and click Browse. In the Select Inventory View window, select the view that you want to use in the report. Click OK to save the report. The new report is added to the Report folder.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Inventory Report Results

Running Reports You can run a report to obtain inventory information from the database. You should update the inventory database before running a report to ensure that the report results are up-to-date.

If the report contains a view

The output is a table listing computers and the values of the properties that were included in the view. You can set the sort order for each column by clicking the column headers. If the report contains a filter and a view, the table contains the computers that match the filter conditions. If the report does not contain a filter, the table contains all the computers in the target computer group.

If the report does not contain a view (just a filter)

The output is the list of computers in the target computer group that meet the filter criteria. For example, you may want to obtain a list of computers that have the prerequisites for a software rollout.

You can print the report results, or export the results to a formatted text file or a comma-separated file. You can also create a new dynamic machine group from the report. Note: You can also run a report directly from the report’s Properties window, by clicking Run Report. Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–33

15

The following formats are for report results, depending on whether or not a view is included:

To run a report: 1 In the Ghost Console’s left pane, expand the Inventory folder. 2 Click the Report folder. 3 In the Report pane, right-click the report that you want to run, then select Run Report. 4 In the Inventory Report Results window, view the report result. 5 If you want to preserve the report results, you can save the report as a dynamic machine group, export the results to a file, or print the results. 6 Click Close to close the Inventory Report Results window. Printing the Report Results You can print the report results on any printer that the Console can access. To print the report results: 1 In the Inventory Report Results window, click Print. 2 In the Print window, select the appropriate settings. 3 Click OK. Exporting the Report Results to a File You can export the report results to a formatted text file, or a comma-separated file. The file can be exported to any directory that the Console can access. To export the report results to a file: 1 In the Inventory Report Results window, click Export. 2 In the Export Inventory Report To window, browse to the location to which you want to export the results. 3 In the File Name field, type the file name. 4 In the Save as Type drop-down list, select one of the following: – Formatted Text File – Comma-separated File – Comma-separated File (legacy format) 5 Click OK. The file is saved in the specified location and is automatically opened in Notepad. 6 View the file and make any appropriate changes or add extra information. 7 If necessary, save your changes, and then close Notepad.

15–34

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Dynamic Machine Groups

A dynamic machine group: • Is a group created from the results of an inventory report or by applying a filter • Is populated each time the inventory database is updated • Includes all the computers in the target computer group that currently match the filter conditions • Is stored as a folder within the Dynamic Machine Groups folder • Can be used as the target of a task in the same way as a normal computer group

Using Dynamic Machine Groups

15

A dynamic machine group is created from the results of an inventory report or by applying a filter to the computer records in the Ghost Console database. Dynamic machine groups are populated each time the inventory database is updated, and contain all the computers in the target computer group that currently match the filter conditions. The members of a dynamic machine group may change as their property values change.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–35

Dynamic Machine Groups

Dynamic machine groups are stored as folders within the Dynamic Machine Groups folder. Each dynamic machine group can be used as the target of a task, in the same way as a computer group. Note: You may want to refresh the inventory database before you use a dynamic machine group as the target of a task, to ensure the dynamic machine group contains the appropriate computers. The inventory database is not updated automatically.

15–36

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Saving a Report as a Dynamic Machine Group In the Inventory Report Results window, click Create Group.

Creating Dynamic Machine Groups You can create a dynamic machine group directly from the results of a report. You can also manually create a new dynamic machine group at any time, and can use any filter and target computer group. Saving a Report as a Dynamic Machine Group

15

To save a report as a dynamic machine group: 1 In the Inventory Report Results window, click Create Group. 2 In the Properties for New Dynamic Machine Group window, type the name for the dynamic machine group. 3 Click OK. The new dynamic machine group is added to the Dynamic Machine Groups folder.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–37

Manually Creating a Dynamic Machine Group In the Dynam ic Machine Groups pane, right-click an empty space and select New Dynamic Machine Group.

Manually Creating a Dynamic Machine Group To manually create a dynamic machine group: 1 In the Ghost Console’s left pane, expand the Dynamic Machine Groups folder. 2 In the Dynamic Machine Groups pane, right-click an empty area and select New Dynamic Machine Group from the quick menu. 3 In the Properties for New Dynamic Machine Group window, in the Dynamic Machine Group Name field, type the name of the new dynamic machine group. The name must be unique and may contain up to 50 alphanumeric characters. 4 Next to the Target field, click Browse. In the Select Target window, select the computer group that you want to use as the target of the dynamic machine group and click OK. 5 Next to the Filter Name field, click Browse. In the Select Inventory Filter window, select the filter that you want to use in the dynamic machine group and click OK. 6 Click OK. The new dynamic machine group is added to the Dynamic Machine Groups folder.

15–38

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson Summary Key Points In this lesson, you learned about: – The Ghost Console’s Client Inventory feature and the requirements for using Client Inventory – The purpose of collected data sets as they apply to the Client Inventory feature, and how to set up collected data sets in the Ghost Console – Setting up views in the Ghost Console to control how information is displayed in inventory reports – Setting up and using filters in the Ghost Console to control which clients show up in reports – Creating and running reports in the Ghost Console – The purpose of dynamic machine groups, and how to create a dynamic machine group in the Ghost Console

Lab 15: Using Client Inventory Reports in the Ghost Console In this lab, you: •Run reports in the Ghost Console.

15

•Create dynamic groups within the Ghost Console.

Lesson 15 Using Client Inventory Reports in the Ghost Console Copyright © 2008 Symantec Corporation. All rights reserved.

15–39

15–40

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Lesson 16 Preparing to Remove a Computer from Production

Lesson Introduction • Lesson 12: Using the Ghost Console to Create and Restore Im ages • Lesson 13: Using the Ghost Console to Migrate OS-Based User Profiles • Lesson 14: Using the Ghost Console to Perform Post-Deploym ent Customizations • Lesson 15: Using Client Inventory Reports in the Ghost Console • Lesson 16: Preparing to Remove a Computer from Production

Lesson Topics and Objectives

After completing this lesson, you will be able to:

Topic

16–2

Im por tance of Preparing Com puters for Retirem ent

Explain w hy it is cr ucial for businesses to perm anently erase sensitive data from their hard disks befor e r etiring computer s.

Using GDisk to Securely Retir e a Har d Disk

Use GDisk to securely wipe a hard disk.

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Importance of Preparing Computers for Retirement

Steps must be taken to prepare obsolete computers for retirement because: •Deleting files and reformatting partitions do not permanently remove data from hard disks. •There are numerous, readily available data recovery services and software that can be used to recover data from hard disks years after files were deleted.

Importance of Preparing Computers for Retirement When you delete files and empty the Recycle Bin in Windows, and even when you reformat a partition or a partition becomes corrupt, the data from your files still remains on your hard disk. Files are merely pointers to data on the hard disk. When you delete files, you are actually only deleting pointers to data, not the data itself.

16

There are numerous, readily available data recovery services and software that can be used to recover data from hard disks years after files were deleted. Therefore, it is crucial for businesses to permanently erase sensitive data from their hard disks before retiring computers.

Lesson 16 Preparing to Remove a Computer from Production Copyright © 2008 Symantec Corporation. All rights reserved.

16–3

Overview of the Ghost Solution Suite’s GDisk Utility GDisk: •Is a multipurpose disk management utility that includes a secure disk wiping feature •Can wipe disks according to the U.S. Department of Defense DoD 5220.22-M standard •Comes in two versions: − GDisk.exe (DOS) − GDisk32.exe (Windows)

•Can be found in the following directory: \Program Files\Symantec\Ghost\

Using GDisk to Securely Retire a Hard Disk The GDisk utility included with the Ghost Solution Suite is a multipurpose disk management utility that includes a secure disk wiping feature. GDisk’s secure disk wiping feature wipes data according to the U.S. Department of Defense DoD 5220.22-M standard. According to this standard, the following group of operations is performed six times: • All addressable locations on the hard disk are overwritten with 0x35. • All addressable locations hard disk are overwritten with 0xCA. • All addressable locations hard disk are overwritten with a pseudo-random character. • All addressable locations hard disk are verified in hardware using the Verify Sectors command to the disk.

16–4

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

GDisk Disk Wipe Syntax

The syntax for using GDisk to securely wipe a hard disk with the DoD 5220.22-M standard is as follows: gdisk disk /diskwipe /dodwipe Command-line examples: DOS gdisk.exe 1 /diskwipe /dodwipe Windows gdisk32.exe 2 /diskwipe /dodwipe

Running GDisk to Securely Wipe a Disk There are two versions of GDisk. • GDisk.exe This version of GDisk runs in DOS. You can run GDisk.exe from a DOS boot disk to securely wipe an entire hard disk. If you use the Ghost Boot Wizard to create a DOS boot disk, you must choose to include the GDisk.exe file at the “Additional Files” screen. GDisk.exe is located in the \Program Files\Symantec\Ghost\ directory on the computer where Ghost Solution Suite is installed. • GDisk32.exe This version of GDisk runs in Windows. To use this version of GDisk to wipe an entire hard disk, you must run GDisk32.exe from a WinPE boot disk. You can create a WinPE boot disk with Ghost Boot Wizard. Using this method, when you create a Standard Ghost Boot Disk, GDisk32.exe is automatically included in the Ghost folder on the root of the disk. The syntax for using GDisk to securely wipe a hard disk with the DoD 5220.22-M standard is as follows:

16

gdisk disk /diskwipe /dodwipe

Lesson 16 Preparing to Remove a Computer from Production Copyright © 2008 Symantec Corporation. All rights reserved.

16–5

The following table explains the GDisk command line elements: Element

Description

gdisk

The GDisk executable; use GDisk.exe for the DOS version and GDisk32.exe for the Windows version

disk

Represents the physical fixed disk you want to wipe, from 1 to 128

/diskwipe

Instructs GDisk to perform a disk wipe

/dodwipe

Makes six passes when deleting the data on the specified disk

Following are examples of the GDisk secure wipe command line: gdisk.exe 1 /diskwipe /dodwipe

This command line runs in DOS to securely wipe physical disk 1 using the DoD 5220.22-M method. gdisk32.exe 2 /diskwipe /dodwipe

This command line runs in WinPE to securely wipe physical disk 2 using the DoD 5220.22-M method.

16–6

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

Running GDisk from the Console to Securely Wipe Managed Clients In the Ghost Console, select ToolsÆErase Machine.

Running GDisk from the Ghost Console to Securely Wipe A Managed Client

16

To use the Ghost Console to wipe one or more disks on managed clients, perform the following: 1 From the menu bar in the Console, select Tools-->Erase Machine. 2 In the Task Name field, specify a name for the task (or accept the default name). 3 To the right of the Target Machine Group/Machine field, click Browse, then browse to and select the machine group or individual machine that you want to wipe. 4 In the Disks to Wipe group box, specify what you want to wipe (system disk, all disks except USB and FireWire disks, or all disks). 5 In the Options group box, you can choose to perform a secure six-pass erase and to remove wiped clients from the Console. 6 To proceed with the task, click Execute. When you are prompted to verify that you want to erase the disks on the selected client or clients, click Yes.

Lesson 16 Preparing to Remove a Computer from Production Copyright © 2008 Symantec Corporation. All rights reserved.

16–7

Lesson Summary Key Points In this lesson, you learned about: – Why it is crucial for businesses to permanently erase sensitive data from their hard disks before retiring computers – Using GDisk to securely wipe a hard disk

Lab 16: Preparing to Remove a Computer from Production In this lab, you: •Perform a standard disk wipe with GDisk. •Perform a secure disk wipe with GDisk.

16–8

Symantec Ghost Solution Suite 2.5 Administration Copyright © 2008 Symantec Corporation. All rights reserved.

View more...

Comments

Copyright ©2017 KUPDF Inc.
SUPPORT KUPDF