Read Windows Server 2008 R2 Unleashed Online
Authors: Noel Morimoto
nization’s server and workstation deployment requirements requires some time and a lot
of testing, but when tens or hundreds of machines are deployed each year, taking the time
to deploy and configure WDS and WDS images will definitely simplify the deployment of
systems and improve system standardization and recoverability.
This chapter focuses on using Windows Deployment Services (WDS) to automate the
deployment of operating systems to workstations. Also included in this chapter are some
general overviews of the different services and applications provided with Windows Server
2008 R2 that can assist with the management, configuration, and support of servers and
workstations after they are already deployed on the production network.
When planning how the information technology department will manage desktops and
servers for a particular organization, many different support scenarios should be
considered. Deploying operating systems is only one of the many tasks that fall under the
managing desktops and servers umbrella. Additional tasks include deploying and updating
software to existing systems, generating reports that detail the status of the overall
computer and network infrastructure, supporting end users, and managing backup and
recovery processes. There are, of course, many more tasks, but this chapter is limited to
these types of IT-related tasks and primarily focuses on the automation of operating
system deployment using Windows Server 2008 R2 Windows Deployment Services.
Operating System Deployment to Bare-Metal Systems
When choosing to deploy an operating system to a bare-metal system, all you need is the
operating system media, the correct product key, and the supporting driver disks for your
hardware. This is the traditional way to deploy a system—in today’s computer and
network infrastructure, many workstations come with operating systems preinstalled and
servers usually contain vendor-specific installation disks that not only deploy the
operating system, but also install vendor-specific drivers, services, and applications specific to
the particular server hardware. Deploying operating systems to bare-metal systems, or
systems with no existing operating system, is still a common scenario when organizations
want to ensure that a very clean, unmodified operating system is deployed without any
unnecessary applications or services. Also, this method might be required to meet specific
security requirements or to be able to easily leverage WDS to quickly roll out new servers
and desktops.
Managing Updates and Applications
Up until a few years ago, deploying security and application updates to Microsoft Windows
workstation and server operating systems was very challenging. Any attempt to centralize
the management and deployment of these updates required third-party suites or custom
development and scripts. This challenge did not apply only to systems already deployed on
the network, but it also applied to systems recently deployed from a WDS server.
Now many organizations utilize domain group policies to configure the Windows Update
settings on the organization’s servers and desktops to ensure that all systems adhere to a
policy that automatically keeps the systems updated and secure. The Windows Server 2008
R2 Windows Server Update Services role can be used in conjunction with the Windows
Update settings in domain policies to allow an organization to centrally manage and
report on which updates will be deployed and which client and server systems are in and
out of security update compliance. Regarding WDS images, if any custom images will need
to be deployed to systems, they must be updated and recaptured to ensure that the WDS
images maintain a high level of security whenever they are deployed.
Supporting End Users and Remote Administration
Supporting end users and performing administration of the computer and network
infrastructure from remote workstations is a necessity for most organizations. Each
organization should determine what the particular end-user support requirements will be and how
support will be provided. If remote support of end users is the preferred approach, the
organization needs to decide on whether Microsoft-specific tools will be used or if
third-party products will be necessary to meet the support requirements. Also, the organization
needs to determine how or if remote administration of the computer and network
infrastructure will be supported.
Operating System Deployment Options
When new servers or workstations need to be deployed, one of the big decisions to make
is whether these systems will be built and deployed manually or if the system deployment
process will be automated. Automating system deployment is not a task that can be
completed in a few hours or days, at least not the first time. On the contrary, building a
functional operating system deployment infrastructure takes careful planning, sometimes
expensive licenses, and many hours, days, or weeks’ worth of testing and tuning the
images and the automation. There are a few different ways Windows server and business
desktop operating system deployments can be performed, including manual installation,
unattended installations, manufacturer-assisted or customized unattended installations,
and through the deployment of prebuilt and possibly customized operating system images.
Manual Installation Using Installation Media
Manual installation is rather straightforward. Insert the installation media and run
through the step-by-step installation, documenting all of your settings as you move
forward. This method is sometimes required when administrators do not have an image
suitable for the particular hardware platform or when only a small number of systems are
regularly deployed and taking the time to create unattended or image type installations is
unnecessary and provides no real value to the organization.
CHAPTER 26
Windows Server 2008 R2 Administration Tools for Desktops
Unattended Installation
Unattended installations can be helpful when deploying a large number of desktops and
servers that have the same hardware specifications. An unattended file is simply a file
created that answers all the questions asked during a manual installation. Unattended
configuration files were historically referred to as answer files. Options in some
unattended answer files can include accepting the end-user licensing agreement, entering a
volume license product key, choosing to format the drive, specifying a particular partition
or volume size for the operating system, and much more. This is now referred to as an
unattended installation file.
Manufacturer-Assisted Installation
Some manufacturers provide automated installation media that, upon bootup, prompts
the administrator to answer a few questions and the remainder of the installation is
automated. This is a very common scenario encountered in the retail sector for home user and
business desktops and servers that are shipped with preinstalled operating systems. These
types of installations usually include original equipment manufacturer (OEM) licensed
software. One important point to note is that when an organization wants to move
toward the automated deployment of servers or desktops using an imaging or deployment
system, an OEM operating system license and media cannot be used as it usually violates
the licensing agreement.
Cloning or Imaging Systems
Cloning or imaging systems can be helpful when deploying a series of identical desktops
and servers. You build up a desktop or a server, prepare the system for cloning/imaging,
and copy/capture the system image using third-party tools or Microsoft deployment tools
such as Windows Deployment Services. Microsoft only supports the cloning and imaging
of servers and desktops when Sysprep is used to generate new machine security identifiers
(SIDs). Windows Deployment Services can be used to deploy both base installation images
and customized or captured installation images to Windows servers and desktops.
System Center Configuration Manager 2007 R2
For medium- and enterprise-sized organizations, additional deployment options can be
leveraged when the organization has deployed System Center Configuration Manager
2007 R2 or System Center Configuration Manager 2007. Utilizing the Operating System
Deployment feature, organizations can leverage a zero-touch or lite-touch deployment of
operating systems. As is evident from the name zero-touch, if configured properly, the workstation
or server does not ever need a visit. As an example of how this can be used, an existing
Windows XP or Windows Vista SP1 system can be tested for Windows 7 compatibility
and, if the tests pass, the user state can be exported and saved, a customized Windows 7
image can be pushed down to the system followed by postimage processing to install
applications, and, finally, the exported user state can be restored if compatible. The end result
delivers Windows 7 to the end-user desktop with the user’s profile already configured.
More information on this and many of the other valuable features included with System
Center Configuration Manager 2007 R2 can be found at
http://www.microsoft.com/systemcenter/configurationmanager/en/us/default.aspx.
Remote Installation Services
Remote Installation Services (RIS) was released with Windows 2000 Server and was
Microsoft’s first successful “over the network” operating system deployment service.
Windows 2000 Server RIS did not support server operating systems and had many
limitations, but it was a very functional and valuable tool.
Automated Deployment Services
Automated Deployment Services was an add-on to Windows Server 2003 Enterprise
Edition, and was designed to assist with the rapid deployment of Windows 2000/2003
server operating systems only. For organizations that utilized Windows Server 2003 and
required desktop deployment options, Windows Server 2003 Remote Installation Services
was still required.
Windows Server 2003 SP2 Windows Deployment Services
With the release of Windows Server 2003 Service Pack 2, administrators could upgrade
their Windows Server 2003 RIS systems to Windows Server 2003 Windows Deployment
Services (WDS). If RIS had previously been deployed with existing images, the upgrade
took the existing RIS (RIPREP and RISETUP) images and placed them in the Legacy Image
folder within the WDS MMC snap-in. Upon the initial launch of the WDS console,
administrators were prompted to choose whether the WDS system would run in
Legacy or Mixed mode. After a few more simple configurations, existing RIS images would
work successfully in the environment.
Windows Server 2008 R2 Windows Deployment Services (WDS)
Windows Deployment Services (WDS) running on Windows Server 2008 or Windows
Server 2008 R2 systems provides many of the same features and functions of RIS,
Automated Deployment Services, and Windows Server 2003 SP2 WDS combined.
Windows Server 2008 R2 WDS also provides additional functionality not included in any
of its predecessors. Two of the distinct features of Windows Server 2008 and Windows
Server 2008 R2 Windows Deployment Services are that both server and desktop operating
systems can be deployed and images can be deployed using multicast communication.
New specifically on Windows Server 2008 R2 WDS systems is the ability to support
directly adding drivers or driver provisioning to Windows 7 and Windows Server 2008 R2
boot images using the WDS console and the support for network booting on x64-based
computers with Extensible Firmware Interface (EFI) support. The following sections, and
the bulk of the remainder of this chapter, detail Windows Server 2008 R2 WDS installation
and configuration.
Windows Server 2008 R2 Windows Deployment
Windows Server 2008 R2 WDS is a server role that is designed to assist organizations that
utilize Active Directory Domain Services with the deployment of Windows systems. The
WDS system typically is set up to provide the storage and image retrieval services necessary
for image deployment, the client components such as the PXE boot images, and the
management components used to configure WDS settings, including adding images to the
WDS server and creating multicast transmissions.
As previously stated, Windows Server 2008 R2 WDS includes the best features of all of its
predecessors released with Windows 2000 Server, Windows Server 2003, and Windows
Server 2008. Some of the features include, but are not limited to, the following:
• Support for Windows Server 2008, Windows 7, Windows Vista SP1, and Windows
  Server 2008 R2 operating systems images.
• Support for Windows Server 2003 and Windows XP Professional images.
• The ability to deploy images using multicast communication.