From Inventory to CtrlAltDel

1
From Inventory to Ctrl-Alt-Del

• Hamilton College
• Clinton, NY

2
Hamilton CollegeDesktop Integration Support

• Gretchen Maxam
• Desktop Integration Specialist Imaging Support
• gmaxam_at_hamilton.edu
• Jesse Thomas
• Desktop Integration Specialist Academic
  Facilities
• jthomas_at_hamilton.edu
• Dan Sloan
• Installation Specialist
• dsloan_at_hamilton.edu

3
History

• Existing Inventory System
• Computer Serial Number
• License
• User Name, Location
• Software
• Used Ghost
• Win98

4
History

• When XP arrived
• Needed to provide unique name to computer
• Add to Domain
• Provide proper license to activate
• Added Sysprep
• Fed it with unique data from Inventory DB
• Pre-Create computer objects in AD
• and on and on

5
Overview of Environment

• Academic Facilities
• 9 ITS Managed Labs
• 68 Windows
• 71 Macintosh
• 49 TE Classrooms
• 34 Windows Macintosh
• 15 Macintosh Only

6
Overview of Environment

• 6 Academic Images
• 3 Windows
• 3 Macintosh
• Ghost
• AD Structure
• Terminology
• Push the button
• Group Re-image

7
Ease of Imaging

• Get Hamilton Barcode(s)
• Locate machine(s) in Inventory

8
Ease of Imaging
Equipment Information
9
Ease of Imaging
Users Tab
10
Ease of Imaging
Software Tab
11
Ease of Imaging
Function Tab
12
Ease of Imaging
13
Ease of Imaging
14
Ease of Imaging
15
(No Transcript)
16
Ease of Imaging

• Group Reimage
• Edit psexec command
• Schedule Task
• Verify restore

17
How do we get here?
18
first_boot.cmd
REBOOT
Full File on Page 1 of Supplement
19
first_boot.cmd

• Script that runs on first boot
• Cleans up loose ends after imaging process
• Changes local account passwords
• Performs registry edits
• Re-installs anti-virus software (Sophos)
• Edits folder permissions

20
first_boot.cmd

• Cleans up loose ends after imaging process
  (contd)
• Sets Computer Description
• Hides service partition
• Restarts computer
• Deletes itself

21
first_boot.cmd

• Changes local account passwords
• net user ltusernamegt ltnew_passwordgt
• net user itsadmin unique_password

22
first_boot.cmd

• Performs Registry Edits - Delete Keys
• reg DELETE ltKeyNamegt ltoptionsgt
• reg DELETE "HKLM\Software\Sophos\ALC
  Agent\Private" /v pkc /f

23
first_boot.cmd

• Performs Registry Edits - Change Permissions
  (Citrix Web Client)
• regini ltinput_filegt (text file with registry
  data)
• echo \Registry\Machine\Software\Microsoft\MSLicens
  ing\HardwareID 1 5 7 13 17 gt c\Management\regin
  i.txt
• regini c\Management\regini.txt

24
first_boot.cmd

• Re-installs anti-virus software (Sophos)
• msiexec ltpath_to_msigt ltoptionsgt
• msiexec.exe /i "c\Program Files\Sophos\AutoUpdate
  \cache\savxp\Sophos Anti-Virus.msi" REINSTALLALL
  REINSTALLMODEvoums UPDATEDRIVERS0 /quiet

25
first_boot.cmd

• Edits folder permissions
• cacls ltfilenamegt ltoptionsgt
• cacls "c\Documents and Settings\All
  Users\Application Data\Windows Genuine Advantage"
  /E /T /G EveryoneF

26
first_boot.cmd

• Hides service partition
• diskpart /s ltdiskpart_scriptgt
• diskpart /s c\Management\diskpart_hide_winpe.txt
• diskpart_hide_winpe.txt
• select disk 0
• select partition 1
• remove
• exit

27
first_boot.cmd

• Restarts computer
• shutdown ltoptionsgt
• shutdown -r -f -t 5

28
first_boot.cmd

• Deletes itself
• del ltfiles or directoriesgt
• del c\Management\first_boot.cmd

29
Sysprep
REBOOT
first_boot.cmd
REBOOT
Full File on Page 2 of Supplement
30
Sysprep

• minisetup - w/ sysprep.inf answer file
• PnP device installation
• product key
• sets 'Administrator' password
• sets computer name
• joins to domain

31
Sysprep

• PnP device installation
• Unattended
• UpdateInstalledDriversYes
• DriverSigningPolicyignore

32
Sysprep

• Product Key
• UserData
• ProductIDABCDE-12345-FGHIJ-67890-KLMNO

33
Sysprep

• Sets Administrator password computer name
• GuiUnattended
• AdminPasswordpaw0rd
• UserData
• ComputerNamepc-869273

34
Sysprep

• Joins domain
• Identification
• JoinDomainhamilton.edu
• DomainAdminnetworkadmin
• DomainAdminPasswordpaw0rd

35
Sysprep

• Calls first_boot.cmd
• GuiRunOnce
• Command0() "systemdrive/Management/first_boot.
  cmd"

36
Download Image
REBOOT
first_boot.cmd
Sysprep
REBOOT
REBOOT
37
Downloading the Image

• Three parts
• Boot into WinPE
• Run download_production_image.cmd
• Run unique ghost.cmd

38
Downloading the Image

• PART 1
• Boot into WinPE
• located on 5GB service partition
• installed using WinPE bootable CD
• DIS WinPE Utility

39
Downloading the Image

• PART 2
• download_production_image.cmd
• called by startnet.cmd in WinPE
• sets-up environment
• maps drives
• sets variables for MAC address, service tag, IP
• starts VNC server
• runs machine specific ghost.cmd

Full File on Page 3 of Supplement
40
Downloading the Image

• PART 2 download_production_image.cmd
• Maps drives
• net use ltdrive lettergt ltpathgt /userltusernamegt
  ltpasswordgt
• net use i \\casper2\DIS-WIN /useradmin paw0rd

41
Downloading the Image

• PART 2 download_production_image.cmd
• Sets variables
• for /f "tokens1" x in ('ltcommandgt') do set
  ltvariablegtx
• for /f "tokens1" i in ('ipconfig /all gawk
  -F" " "/IP Address/ print 2 "') do set
  ipI
• for /f "tokens1" s in ('ghost32 -lockinfo
  gawk -F\" "/Serial/ print 2 "') do set
  serials

42
Downloading the Image

• PART 2 download_production_image.cmd
• Starts VNC server
• regedit /s i\Ghost-G3\tools\vnc\ultravnc.reg
• start /min winvnc.exe

43
Downloading the Image

• PART 2 download_production_image.cmd
• Runs machine specific ghost.cmd
• i\Ghost-G3\data\serial\ghost.cmd

44
Downloading the Image

• PART 3
• machine specific ghost.cmd
• downloads appropriate image (Ghost32)
• copies files to local machine
• sysprep.inf, first_boot.cmd
• sets boot disk
• writes logging info
• reboots

45
Downloading the Image

• PART 3 ghost.cmd
• Runs Ghost32.exe command
• ghost32 -clone,MODEprestore,src"i\images\2006
  Images\Desktop\sysprep\GX620.gho1",dst12 -sure
  -fx

Full File on Page 4 of Supplement
46
Downloading the Image

• PART 3 ghost.cmd
• Sets boot disk
• diskpart /s diskpart_set_active.txt
• select disk 0
• select partition 2
• assign letter w
• active
• exit

47
Downloading the Image

• PART 3 ghost.cmd
• Outputs logging info
• echo I was imaged on date time gtgt
  i\Ghost-g3\logs\barcode.txt
• copy i\Ghost-g3\logs\barcode.txt
  "w\Management\image.log"

48
Downloading the Image

• PART 3 ghost.cmd
• Copies files reboots
• mkdir w\Management
• copy "i\Ghost-G3\data\serial\sysprep.inf"
  "w\sysprep\"
• copy "i\Ghost-G3\data\serial\first_boot.cmd"
  "w\Management\
• exit

49
Inventory System Behind the Scenes
50
Inventory System Behind the Scenes

• Scripts used to format data
• Plug-in creates
• Custom directories using cpu serial
• Custom files with specific data for cpu

51
Inventory System Behind the Scenes
AddComputerToAD
52
Inventory System Behind the ScenesAddComputerToA
D

• Information from the Inventory record
• Computer Barcode to create part of the name
• Current User Department to determine Academic or
  Employee
• Current User Building and Current User Department
  to determine the current OU
• Current User Name and Department for the object
  description

53
Inventory System AddComputerToAD
VB script that pre-creates the computer object in
Active Directory
strComputer "pc-barcode" strCompDesc
"CompDesc1" Set objContainer GetObject("LDAP//o
uBUILDING, ouMANAGED COMPUTERS, ouAll Domain
Computers, Becomes strComputer
"pc-13880" strCompDesc KJ220- 10 -
ITS-LABS" Set objContainer GetObject("LDAP//ou
KJ 220, ouAcademic Facilities, ouMANAGED
COMPUTERS, ouAll Domain Computer,
Full File on Page 5 of Supplement
54
Inventory System Behind the ScenesAddComputerToA
D
55
Inventory System Behind the ScenesAddComputerToA
D
56
Inventory System Behind the ScenesAddComputerToA
D
57
Inventory System Behind the ScenesPrep Button
58
Inventory System Behind the ScenesPrep Button

• Information from the Inventory record is used to
  create
• Sysprep answer file
• Ghost.cmd
• first_boot.cmd
• Backup files
• Directory on server to store these files

59
Inventory System Behind the ScenesPrep Button
60
Inventory System Behind the ScenesPrep Button
61
Inventory System Behind the ScenesPrep Button

• Sysprep answer file with specific data
• Admin Password (based on barcode)
• Windows License (can be volume or from cpu)
• Computer Name (based on barcode)
• Domain name
• Domain Account need to add computer to domain
• account password
• Run once file

Full File on Page 2 of Supplement
62
Inventory System Behind the ScenesPrep Button

• Sysprep answer file
• GuiUnattended
• AutoLogonYes
• AdminPasswordUnique_Based_On_Barcode
• AutoLogonCount 1
• EncryptedAdminPasswordNO
• OEMSkipRegional1
• TimeZone35
• OemSkipWelcome1

63
Inventory System Behind the ScenesPrep Button

• Sysprep answer file
• UserData
• ProductID ct6gt-x6tp7-9tk98-ykjq9-ykf6
• FullName"Hamilton College"
• OrgName"Hamilton College"
• ComputerName"pc-13880"

64
Inventory System Behind the ScenesPrep Button

• Sysprep answer file
• Identification
• JoinDomainhamilton-d
• DomainAdminltnetworkadmingt
• DomainAdminPasswordltpaw0rdgt
• Networking
• InstallDefaultComponentsYes
• GuiRunOnce
• Command0() "systemdrive/Management/first_boot.
  cmd"

65
Inventory System Behind the ScenesPrep Button
66
Inventory System Behind the ScenesPrep Button

• Ghost.cmd file with specific data
• Image name

Full File on Page 4 of Supplement
67
Inventory System Behind the ScenesPrep Button

• Ghost.cmd page of handout
• run ghost command
• echo Running Ghost...
• ghost32 -clone,MODEprestore,src"i\images\2006
  Images\Academic\sysprep\KJUnified.gho1",dst12
  -sure fx

68
Inventory System Behind the ScenesPrep Button

• First_Boot.cmd with specific data
• Local User Password (based on barcode)
• Sets computer description (based on barcode)

Full File on Page 1 of Supplement
69
Inventory System Behind the ScenesPrep Button

• First_boot.cmd page of handout
• using net user command
• net user itadmin UniquePassword
• Set computer description
• reg ADD "HKLM\SYSTEM\CurrentControlSet\Services\la
  nmanserver\parameters" /v srvcomment /d
  "pc-13880" /f

70
Inventory System Behind the ScenesRe-image
Button
71
Inventory System Behind the ScenesRe-image
Button

• Startimage.cmd
• psexec \\pc-barcode -s c\management\initiate_auto
  mated_imaging.cmd

Full File on Page 8 of Supplement
72
Inventory System Behind the ScenesRemote
Desktop Button
73
Inventory System Behind the ScenesRemote
Desktop Button

• Remote.rpd
• screen mode idi1
• desktopwidthi1280
• desktopheighti1024
• session bppi16
• winposstrs0,1,1300,9,2542,870
• full addresssPC-BARCODE
• compressioni1
• keyboardhooki2
• audiomodei0
• redirectdrivesi0
• redirectprintersi1

Full File on Page 8 of Supplement
74
Inventory System Behind the ScenesUpdate Image
Log Button
75
NetworkDirectory Structure
76
NetworkDirectory StructureCommands Directory
77
NetworkDirectory StructureData Directory
78
NetworkDirectory StructureInside Data
Directory
79
NetworkDirectory StructureLogs Directory
80
NetworkDirectory StructureTools Directory
81
NetworkTools used - Shareware

• COREUTILS http//gnuwin32.sourceforge.net/packages
  .html
• GAWK
• http//gnuwin32.sourceforge.net/packages.html
• GREP
• http//gnuwin32.sourceforge.net/packages.html
• psexec
• http//www.microsoft.com/technet/sysinternals/uti
  lities/psexec.mspx
• UltraVNC
• http//ultravnc.sourceforge.net/

82
NetworkTools used - Purchased

• Ghost
• http//www.symantec.com/enterprise/
• FileMakerPro
• www.filemaker.com
• Troi File plug-in for Filemaker
• http//www.troi.com/software/fileplugin.html

83
Conclusion

• Building Blocks
• Keep adding
• Can modify and add to scripts in Inventory
• Built with what we had
• Didnt need to switch to (or buy) new
  technology or software
• Fits our workflow

84
Conclusion

• Apply what we have to other systems
• Use for Faculty and Admin computers
• We have a parallel system for Macs

85
Next Steps

• PXE boot
• WinPE2
• Add application installers
• Create a web form for self service
• Add scheduling

86
Next Steps

• Vista

87
Thank you!Questions?