Escolar Documentos
Profissional Documentos
Cultura Documentos
UNIVERSITY OF BRADFORD
Department of Cybernetics, Internet and Virtual Systems
Final Year Project
DECLARATION OF ORIGINALITY
Declaration
I understand that all my project work must be my own unaided work. If I make
use of material from any other source I must clearly identify it as such in any
interviews, reports or examinations. I understand that my reports must be
written unaided in my own words, apart from any quoted material, which I
must identify clearly in the correct manner.
I understand that the work, which I shall present for assessment must be work
carried out by myself only during the project period, which has not been
previously prepared. Where any such previous work is made use of in the
project, I shall make this clear in any interviews, reports or examinations.
I understand that violation of these conditions may result in a mark of zero for
the component or components of assessed work affected.
Print name:
Signature:
Date:
Abstract
For companies and organisations that run large computer networks, manually
installing and/or rebuilding desktop workstations is not a viable option, as it
takes a considerable amount of time per machine, which can quickly consume
company resources and increase the TCO (Total cost of ownership) for each
workstation.
For my final year project, I have proposed to implement a solution that will
enable automated deployments to any workstation (with varying hardware).
The automated deployments should include a common business operating
system, along with the most recent service packs, patches, applications and
miscellaneous configuration modifications. The system should also be
relatively easy for a competent technical user to maintain, and keep up to date
(software updates/patches etc.). This system will allow IT departments to run
much more efficiently and should significantly reduce support and system
maintenance costs.
For the deployments a very basic development network has been used, along
with the open source unattended project to successfully deploy Windows XP
professional along with the associated patches, applications and
configuration modifications to a variety of clients. The final solution can be
quite easily incorporated into most corporate networks, as the required
infrastructure will already be in place. It will also not add any additional
licensing costs, as all the software used in the project is open source and free
to use.
Keywords
Administration, Installation, Deployment, Automation, Scripting, Operating
System, Network, Client, Server.
Table of contents
1. Introduction....................................................................................................5
2. Project resources...........................................................................................5
3. Progress of the project...................................................................................6
3.1 Investigation of operating systems..........................................................6
3.1.1 Choosing the version of the operating system..................................6
3.2 Applications and utilities to deploy...........................................................7
3.3 Methods of deployment............................................................................7
3.4 Infrastructure preparation.........................................................................8
3.4.1 Adding the operating system.............................................................9
3.4.2 Booting from the network..................................................................9
3.5 Specifying installation options................................................................10
3.5.1 Windows setup options...................................................................10
3.5.2 Unattended script options................................................................11
3.5.3 Naming the client machine..............................................................11
3.6 Updating Windows.................................................................................12
3.6.1 Slipstreaming the service pack.......................................................12
3.6.2 Adding patches and updates...........................................................12
3.7 Adding applications................................................................................13
3.7.1 The install script...............................................................................13
3.7.2 Installing applications......................................................................13
3.8 Configuration modifications....................................................................15
3.8.1 Updating the start menu and desktop.............................................16
3.8.2 Registry modifications.....................................................................17
3.8.3 Other modifications.........................................................................18
3.8.4 Applying to the default user.............................................................18
4. Project management....................................................................................20
5. Conclusions.................................................................................................21
6. Recommendations for further work.............................................................22
6.1 Configuration based on MAC address...................................................22
6.2 Different application sets........................................................................22
6.3 Keeping the server up-to-date...............................................................22
6.4 Configuration stored in a database........................................................22
References.......................................................................................................23
Appendices......................................................................................................24
Appendix A Pxelinux configuration file......................................................24
Appendix B Unattend.txt configuration file................................................25
Appendix C Machine naming script..........................................................27
Appendix D Example registry file..............................................................28
Appendix E Network status icon script.....................................................29
Appendix F Gant chart..............................................................................30
1. Introduction
Many computer users have undoubtedly encountered the situation where a
serious problem has occurred on their system, or the system is just running so
slowly that it has become unusable, and as a result of this have had to
reformat (rebuild) their machine. This process of reloading the operating
system along with all the additional patches, applications and utilities, then
configuring everything as required can take many hours. It also requires a
user with an in-depth technical knowledge to be present to perform the
rebuild. As this is such an infrequent event for most home users, it can be an
acceptable solution to the problem. However, in a corporate environment
where there might be hundreds, or possibly thousands of machines, installing
each one manually is simply not a viable option due to the amount of time
required per machine.
If the rebuilding process could be automated it would remove the requirement
for a technical user to be present throughout the rebuild. It will also
significantly lower IT support costs, as IT staff will be able to use their time far
more efficiently. Automating rebuilds can further help to reduce support costs,
as in environments where no files are stored on local workstations (such as
the university for example), it is quicker and much more efficient to rebuild a
faulty machine, rather than having IT staff diagnose and attempt to fix the
problem. As rebuilding systems in this manner uses very little staff resources,
it means machines can be regularly rebuilt, which will help them to keep
running as fast as possible, and will ensure that machines have all the latest
versions of the software installed.
For my computer systems administration final year project, a system has been
implemented that will enable automated workstation deployments/rebuilds
over the local network. These installations deploy the Windows XP
Professional operating system, including the most recent service pack and
any other required patches. In addition to this a selection of common
applications are installed, such as Microsoft Office and Adobe Acrobat
Reader.
2. Project resources
For the development of the project a simple network was used that comprised
two standard 1.5GHz PCs. The first PC was to act as a client machine that
will be deployed; the other machine was to act as the server for the
deployments. Both machines were connected via a cheap 100MBit network
switch. The use of a larger scale network for deployments was also
investigated. Numerous software packages were also used in the
deployments; these are detailed throughout this report.
Release Date
Main Support
End Date
Extended
Support
End Date
Windows XP
Professional
Windows 2000
Professional
Windows NT4
Workstation
The table clearly shows that the most viable option is Windows XP
Professional, as if it was deployed today; it would still continue to be
supported for another 5/6 years.
Unattended project
Open source
Microsoft RIS
Commercial software
While Microsoft RIS offers a much faster deployment time, this is a less
important strength than those offered by the unattended project, as it is likely
that deployments will happen out of hours to avoid any disruption to users.
The unattended project also is far more adaptable than the Microsoft solution,
as it can run on a range of servers, and have additional software and patches
added in a matter of minutes, due to it being script based. Doing the same
using Microsoft RIS would involve deploying a machine, installing the patch,
taking an image of the machine, then pushing it back to the RIS server, which
is a great deal of work for just adding a new patch to the system.
to the install share on the deployment server. At this stage, the share was
tested across the network, using the UNC path \\ntinstall\install (Figure 3).
Finally, the configuration file that resides on the TFTP server should be
modified, as by default it boots straight into an installation. Due to the fact the
client machines will be set to boot from the network, this is undesirable, as the
clients will start a new installation every time they boot up. A new configuration
file was created (Appendix A) which will give the user a two second prompt to
type in a password (buildme) that will initiate an installation. If an invalid
password is entered, or there is no input in the first 2 seconds, the client will
boot locally. This file could have additional information appended, in order to
make different deployments available.
10
detailed information [8] for the Windows 2003 unattend.txt, which also mostly
applies to Windows XP and 2000. The unattend.txt file that was produced for
the deployments is included in Appendix B.
11
12
13
The commands to install applications are similar to those used to install the
Windows patches. There are several key installers used by software vendors
to distribute their software, generally each installer shares the same command
line arguments regardless of what application it is being used to distribute.
With the majority of installers, command line arguments can be listed by
running the installer with the /? argument. The installer vendors website
usually has a comprehensive guide of command line arguments that can be
used, even if the installer itself wont easily reveal them.
An example of the command required to install the codec pack package is:
> klmcodec145.exe /SILENT
When this is inserted into a script, it must pass this command along with the
full path to the script that manages the to-do list:
> todo.pl "%Z%\packages\codecs\klmcodec145.exe /SILENT"
This includes a variable for the Z: drive which is a drive mapping on the client
to the install share on the deployment server.
14
15
16
been created and the command will be unsuccessful. If long filenames are
being used, such as in the case above, they should be enclosed between
quotes, however, as the command is already enclosed in quotes (for being
passed to todo.pl, the quotes inside this command will require escaping with a
backslash, so that each quote is replaced with \.
17
18
template that is used to create new user accounts. However, this file cannot
be accessed through the registry be default, in order to access it, the hive
must be loaded into a new tree of the registry. This can be done with the
following command:
> REG LOAD HKU\TempHive "C:\Documents and Settings\Default
User\ntuser.dat"
This command simply loads the specified registry hive file, into the HKEY
USERS\TempHive tree of the registry. Any changes performed in HKEY
CURRENT USER must also be performed in this tree as well, so that they
will be applied to the default template. Once all registry modifications have
been made, the hive is simply unloaded via the following command:
> REG UNLOAD HKU\TempHive
It should also be noted that the default user profile, also has several desktop
items, and start menu items that may require modifications, although this is a
much simpler task, as the files are directly accessible.
19
4. Project management
From the very start of the project, time management was a key factor that was
heavily utilised to help ensure that the project ran according to the
predetermined schedule and that it was completed on time. The time available
for the project was managed via means of a Gant chart that was produced in
the very early stages of the project. A copy of the Gant chart can be found in
Appendix F.
The project target objectives were originally specified as follows:
Deployed systems should have all service packs & patches in place.
The end user should be able to rebuild their system (If authorised to).
Unfortunately, not all of the original target objectives were met. While a range
of applications were successfully installed to deployed systems, the range
was fixed - different groups of users did not have the ability to have different
sets of applications installed. This was unable to be implemented due to a
hard disk on the development network failing, which in turn caused delays in
the progress of the project until a replacement could be acquired. In addition
to this, the performance of simultaneous installations could not be
investigated, as it was not possible to obtain a large number of workstations
that could be rebuilt, although this was predicted as a potential constraint
when the objectives were originally specified.
20
5. Conclusions
From observing the progress of the project it can be clearly observed that
automating the deployment of workstations is beneficial to any business or
organisation that has a large number of workstations to support.
The project allows for a workstation with no operating system or data to be
plugged into the network and have the operating system, patches and
applications all automatically installed. The only user intervention that is
required is the initiation of the process. The deployment also contains
numerous configuration modifications, so that deployed clients can be
configured exactly to the companys policies and themes. A full client
deployment on the development network (using standard 1.5GHz machines)
takes around two hours to complete.
By implementing the solution demonstrated in the project, an organisation
could increase the efficiency of their technical support department as the
amount of time required for staff to deploy a client would dramatically drop,
and the time saved could be used elsewhere. Further to this, the system could
also be used for fixing more serious system errors, as it is likely that it would
be quicker to perform an automatic rebuild, rather than having a member of
the support staff spending time attempting to fix the error. The user of the
machine in question could also perform the rebuild, which potentially allows a
user to fix a serious fault without even having to contact the support
department.
The system requires very little specialist infrastructure in place, so can be
easily integrated into the majority of business class networks. Windows or
Linux based servers can be used, and the system does not require a
dedicated server it can be placed on an existing server with no problems. I
have even started to keep a copy on my laptop along with the boot CD, so
that I can rebuild friends computers easily.
After carrying out the work involved with the project I feel that I have a far
deeper understanding of the Windows operating system with regard to what
goes on under the bonnet. I feel that this is especially due to the fact that
typical methods used for system configuration couldnt be used in the project
(such as the usual point and click GUIs), which meant more complex
methods had to be investigated and used. I am also aware that my scripting
skills have been improved, as the deployments are heavily scripted so I was
constantly writing and editing them, in addition to this I also had to learn
regular expressions in order to produce the machine naming script that can be
found in Appendix C.
21
22
References
[1] OS Market Share: Microsoft Stomps the Competition
[URL: http://www.windowsitpro.com/Article/ArticleID/40481/40481.html]
(Accessed: 09/11/05)
[2] Microsoft Lifecycle Information
[URL: http://support.microsoft.com/gp/lifeselect]
(Accessed: 11/11/05)
[3] Microsoft Deployment Tools Windows XP unattended installation
[URL: http://www.overclockers.com/tips1158]
(Accessed 17/11/05)
[4] MSFNs Unattended Windows
[URL: http://unattended.msfn.org]
(Accessed 17/11/05)
[5] The Unattended Project
[URL: http://unattended.sourceforge.net]
(Accessed: 19/11/05
[6] Microsoft Remote Installation Services
[URL: http://technet2.microsoft.com/WindowsServer/en/Library/
dc89bc1c-9df2-4fc3-ae7f-c46f1a8b41fa1033.mspx]
(Accessed: 23/11/05)
[7] tftpd32 home page
[URL: http://tftpd32.jounin.net]
(Accessed 01/12/05)
[8] Unattended Installation Tools and Settings
[URL:http://www.microsoft.com/resources/documentation/windowsServ
2003/all/techref/en-us/w2k3tr_unatt_tools.asp]
(Accessed: 07/12/05)
[9] Unattended The [_Meta] section
[URL: http://unattended.sourceforge.net/meta.php]
(Accessed: 09/12/05)
[10] How to integrate Windows XP SP2 into installation folder
[URL: http://support.microsoft.com/?kbid=900871]
(Accessed: 22/11/05)
23
Appendices
Appendix A Pxelinux configuration file
# isolinux/pxelinux configuration file
default localboot
timeout 20
prompt 1
label localboot
LOCALBOOT 0
label buildme
kernel bzImage
append initrd=initrd z_user=install z_pass=buildme z_path=//ntinstall/install
24
25
[RegionalSettings]
LanguageGroup=1
Language=00000809
[Branding]
BrandIEUsingUnattended=Yes
[URL]
Home_Page=http://www.google.co.uk
Search_Page=http://www.google.co.uk
[Proxy]
Proxy_Enable=0
Use_Same_Proxy=1
[Networking]
InstallDefaultComponents=Yes
[NetOptionalComponents]
LPDSVC=0
[_meta]
top=full.bat
middle=""
local_admins=""
ntp_servers=""
edit_files=0
fdisk_lba=1
fdisk_cmds="fdisk /clear 1;fdisk /pri:4000;fdisk /activate:1"
fdisk_confirm=0
format_cmd="format /y /z:seriously /q /u /a /v: c:"
replace_mbr=1
26
27
[HKEY_USERS\TempHive\Software\Microsoft\MediaPlayer\Setup\UserOptions]
"DesktopShortcut"="no"
"QuickLaunchShortcut"="yes"
[HKEY_USERS\TempHive\Software\Microsoft\MediaPlayer\Preferences]
"AcceptedPrivacyStatement"=dword:00000001
"FirstRun"=dword:00000000
"StartInMediaGuide"=dword:00000001
"CDRecordMP3"=dword:00000001
[HKEY_USERS\TempHive\Software\Microsoft\MediaPlayer\Player\Settings]
"EnableDVDUI"="Yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsMediaPlayer]
"GroupPrivacyAcceptance"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Settings\MP3Encodi
ng]
;"LowRate"=dword:0000dac0
;"MediumRate"=dword:0001f400
;"MediumHighRate"=dword:0003e800
;"HighRate"=dword:0004e200
"LowRate"=dword:0001f400
"MediumRate"=dword:0003e800
"HighRate"=dword:0004e200
[-HKEY_CLASSES_ROOT\.avi\ShellEx]
[-HKEY_CLASSES_ROOT\.mpg\ShellEx]
[-HKEY_CLASSES_ROOT\.mpe\ShellEx]
[-HKEY_CLASSES_ROOT\.mpeg\ShellEx]
28
29
30