One of the most challenging and costly functions performed by IT
staff today is deploying a new operating system to client computers on a
network. The Windows® 2000 operating system Remote OS Installation
feature was created to meet this need to deploy an operating system
throughout an enterprise network without having to physically attend to
each client computer. The Remote Installation Services (RIS) takes
advantage of the new Dynamic Host Configuration Protocol (DHCP)-based
remote boot technology to assist IT staff with deploying Windows 2000
Professional remotely—reducing and, in some cases, eliminating the need
to visit the desktop. This document outlines the steps necessary to
install, configure, and use RIS.
On This Page
Introduction
Installing the Windows 2000 Remote Installation Services
Authoring RIS within the Active Directory
Setting Required User Permissions
Installing Client Computers Using Remote Installation
Configuring Remote Installation Services
Client Installation Options
Remote Installation Preparation Wizard (RIPrep)
Remote Installation Boot Disk Option
Remote Boot ROM PXE Architecture
Conclusion
Appendix A: Remote Installation Server and Workstation Hardware Requirements
Appendix B: Frequently Asked Questions
Related Links
Introduction
Remote Installation Services (RIS) ships as part of the Windows® 2000
Server operating system. This document outlines the steps necessary to
install, configure, and use RIS.
RIS was designed to reduce the costs incurred by pre-installing or
physically visiting each client computer to install the operating system
(OS). By combining RIS with other Windows 2000 IntelliMirror™
management technologies features—User Data Management, Software
Installation and Maintenance, and User Settings Management—companies
benefit from better disaster recovery with easier OS and application
management.
Prerequisites
See Appendix A below to ensure that both your server and client hardware meet the remote installation hardware requirements.
The drive on the server where you choose to install RIS must be
formatted with the NTFS file system. RIS requires a significant amount
of disk space and cannot be installed on the same drive or partition on
which Windows 2000 Server is installed. Ensure that the chosen drive
contains enough free disk space for at least one full Windows 2000
Professional compact disc—a minimum of approximately 800 megabytes
(MB)–1 gigabyte (GB).
RIS requires several other services that also ship as part of Windows
2000 Server. These services can be installed on individual servers, or
all on a single server, depending on your network design:
-
Domain Name Service (DNS) Server. Remote installation
relies on DNS for locating the directory service and client machine
accounts. You can use any Windows 2000 Active DirectoryTM service-compliant DNS server, or you can use the DNS server provided with Windows 2000 Server.
-
Dynamic Host Configuration Protocol (DHCP) Server. RIS
requires a DHCP server to be present and active on the network. The
remote boot-enabled client computers receive an IP address from the DHCP
server before contacting RIS.
-
Active Directory. RIS relies on Windows 2000 Active
Directory for locating existing client machines as well as existing RIS
servers. RIS must be installed on a Windows 2000-based server that has
access to Active Directory. This can be a domain controller or a server
that is a member of a domain with access to the Active Directory.
To ensure a successful installation, you must install and configure
the additional services described above in order for RIS to function. In
addition, make sure that you have both the Windows 2000 Server and
Professional CDs available.
Before beginning this step-by-step guide, you need to build the
common infrastructure, which specifies a particular hardware and
software configuration. The common infrastructure is covered in the
Common Infrastructure step-by-step guide, "Part 1: Installing a Windows
2000 Server as a Domain Controller"
http://www.microsoft.com/windows2000/techinfo/planning/server/serversteps.asp. If you are not using the common infrastructure, you need to make the appropriate changes to this instruction set.
Although not required, we also recommend reading and performing the
exercises available in the Step-by-Step Guide to Understanding the Group
Policy Feature Set. It addresses how Group Policy works and can be
applied in the context of remote installations.
Prerequisites for Client Installations
Ensure that the client computer's network card has been set as the
primary boot device within the system BIOS. When the client computer
boots and is configured with the network card as the primary boot
device, it requests a network service boot from the remote installation
server on the network. Once contacted, the RIS server prompts users to
press the
F12 key to download the Client Installation wizard. Users should be instructed to press
F12 only
if prompted, and only if they need a new OS installation or access to
maintenance and troubleshooting tools. Once the OS has been installed
via RIS, the user can ignore the request to press
F12 during
future client computer reboots. If using the RIS boot floppy disk,
simply insert the boot floppy into the drive and start the client
computer. The computer boots from the floppy disk, and the user is
requested to press
F12 to initiate the network service
boot. When the RIS boot floppy disk is used, the user must remove the
boot floppy at some point after pressing
F12 and before the text mode portion of setup completes.
Note: Compaq computer systems provide the ability to press the
F12 key during power up on PC98 or Net PC-based systems. In this case, the user is required to press
F12 on the Compaq Splash screen, and then press
F12 again when prompted by the RIS server.
Installing the Windows 2000 Remote Installation Services
The following instructions help you install, configure, and use the Windows 2000 Remote Installation Services.
Install Remote Installation Services
-
On a Windows 2000 Server, click Start, point to Settings, and click Control Panel.
-
Double-click Add/Remote Programs.
-
Double-click Add/Remove Windows Components.
-
Scroll down and select Remote Installation Services and Click Next.
-
Insert the Windows 2000 Server CD-ROM into the CD drive and click OK . The necessary files are copied to the server.
Note: After the CD is entered, a dialog box asks if you want to upgrade to the operating system. Click No and exit this screen.
-
Click Finish to end the wizard.
-
You are prompted to restart your computer. Click Yes.
-
When the server is done rebooting, logon as a local administrator.
To set up Remote Installation Services
-
Click Start, click Run, and type RISetup.exe. This starts the Remote Installation Services (RIS) Setup wizard.
-
The Welcome screen appears, indicating some of the requirements to successfully install RIS. Click Next.
-
The next screen prompts you to enter the server drive and directory
where you would like to install the RIS files. The default drive and
directory will be the largest non-system, non-boot, NTFS-formatted
drive. In our example, this would be E:\RemoteInstall. Click Next.
Note: The drive on which you choose to install RIS must
be formatted with the NTFS file system. RIS requires a significant
amount of disk space and cannot be installed on the same drive or
partition on which Windows 2000 Server is installed. Ensure that the
chosen drive contains enough free disk space for at least one full
Windows 2000 Professional compact disc —a minimum of approximately 800
MB–1GB.
The setup wizard prompts you to either enable RIS at the end of
setup, or disable the service to allow modification of specific server
options before servicing client computers. These options are:
-
Respond to clients requesting service. This option
controls whether this RIS server responds to client computers requesting
service at the end of setup. If this option is checked, the server will
respond to clients and provide them with OS installation options. If
unchecked, this RIS server will not respond to clients requesting
service.
-
Do not respond to unknown client computers. This option
controls whether this server responds to unknown client computers
requesting a remote installation server. A client computer is known if a
managed computer account object exists for it within Active Directory.
This allows the administrator to offer only authorized—that is,
pre-staged within the Active Directory—computers the OS installation
options from this RIS server. This setting also provides support for
multiple Remote Boot or Install servers from different vendors on one
physical network. For example, if another vendor's remote install/boot
server exists on the same network as the RIS server, you cannot control
which server answers the client computer's request. Setting this option
and pre-staging client computers ensures that this RIS server will
service only pre-staged client computers.
-
For the purpose of this guide, select Respond to client computers requesting service and click Next.
-
The setup wizard prompts you for the location of the Windows 2000
Professional installation files. RIS supports the remote installation of
Windows 2000 Professional only. Insert the Windows 2000 Professional CD
into the server's CD drive and type the drive letter containing the CD
(or browse to a network share that contains the installation source
files). Click Next.
-
The wizard prompts you to enter the directory name that will contain
the workstation files on the RIS server. This directory is created
beneath the directory specified in Step 3 above. The directory name
should reflect its contents—for example, Win2000.pro. Click Next to accept the default name of win2000.pro.
-
You are prompted for a friendly description and help text that
describes this OS image. The friendly description and help text is
displayed to users or IT staff during the client installation wizard
(OSChooser) at initial startup on a remote client. For example, if this
workstation OS will be tailored to sales staff, then a friendly
description might be "Windows 2000 Professional for Sales Staff." The
help text is displayed when the user selects the description within the
Client Installation wizard. Make sure you provide clear help text to
your users, to ensure that they choose the correct OS option at
installation time. For this exercise, click Next to accept the default
name of Microsoft Windows 2000 Professional.
-
At this point, you are presented with a summary screen indicating the
choices you have made. Click Finish to confirm your choices. Once the
installation wizard completes, you are ready to either service client
computers, or additionally configure the RIS settings.
Wait while the wizard installs the service and settings you have
selected. This takes several minutes. When it is finished, a screen
appears as in Figure 1 below:
Figure 1: Completed RIS installation.
-
Click Done.
Now that RIS is successfully installed, you must authorize the RIS
server within Active Directory. If you do not authorize the RIS server,
it will fail to service client computers requesting a network service
boot. The next section outlines these steps.
Authoring RIS within the Active Directory
RIS allows you to control which RIS servers can service client
computers on the network. For a RIS server to operate, it must first be
authorized within Active Directory. If the RIS server is not authorized
within Active Directory, client computers requesting service will not be
able to contact the RIS server and will not be answered.
To authorize a RIS server within Active Directory, you must be logged
on as an enterprise administrator or a domain administrator of the root
domain. You can complete the following steps on any domain controller,
member server of the domain, or a Windows 2000 Professional workstation
that has installed the Administrator Tools Package containing the DHCP
Server Management snap-in. This guide performs the authorization on a
domain controller: specifically, the domain controller that would have
been created by running Part I of the Common Infrastructure step-by-step
guide.
-
Click Start, point to Programs, point to Administrative Tools and click DHCP. The following snap-in appears as in Figure 2 below:
Figure 2: DHCP Snap-In
-
Right-click DHCP in the upper-left corner of the DHCP screen, and select > Manage Authorized Servers. If your server is not already listed, click Authorize, and enter the IP address of the RIS server. Click > Yes when prompted to verify that the address is correct.
At this point, your RIS server is authorized within Active Directory
and is now able to respond to client computers requesting service.
Note: If you authorize the RIS server on a non-domain
controller computer, follow these steps to install the Administrator
Tools Package: Click
Start, click
Run, and type
adminpak.msi on a Server system. From a Professional based system, execute adminpak.msi from the Windows 2000 Server CD.
Setting Required User Permissions
If users are allowed to use RIS to install their own client
computers, the administrator must ensure that those users have been
granted the correct permissions for creating machine accounts within the
domain. The permissions granted using the steps below will allow users
to create computer accounts anywhere in the domain.
-
Click Start, point to Programs, point to Administrative Tools, and click Active Directory Users and Computers.
-
Right-click the Domain Name (Reskit.com) at the top of the snap-in, and click the Delegate Control option.
-
A wizard starts. Click Next.
-
Click Add to add users who are allowed to install their own computers using Remote OS Installation.
-
For the purpose of this guide, highlight Everyone and click Add. Click OK.
-
Click Next to continue.
-
Check the Join a Computer to the Domain option, and click Next.
-
Click Finish. Users can now create computer account objects during the OS installation using the RIS service.
You can now either use the default RIS settings and immediately begin
servicing client computers, or you can make changes to the RIS settings
first. In either case, review the section titled "Prerequisites for
Client Installations" above before servicing the first client computer.
Installing Client Computers Using Remote Installation
This section describes the steps required to successfully install
Windows 2000 Professional on a Net PC, a Managed PC (PC 98 compliant
system), or a PC that contains a network card supported by the remote
installation boot floppy. To ensure a successful client installation,
complete all prerequisites listed at the beginning of this document.
-
Reboot your client machine from either the remote floppy or the PXE boot ROM. When prompted, press the F12 key to start the download of the client installation wizard.
-
Press Enter at the welcome screen.
-
For the user name, type Jon Grande (this user is
created using the Common Infrastructure step-by-step guide discussed in
the Prerequisites Section above.) Press the Tab key twice. For this instruction set, the password is left blank and the domain name should be entered as reskit.com. Press Enter to continue.
-
You will get a warning message that all data on the client machine hard drive will be deleted. To continue, press Enter.
-
A computer account and a global unique ID for this workstation are displayed. Press Enter to begin Setup. The Windows 2000 Setup program begins.
-
If prompted, type the Product Key (found on the back of the Windows 2000 Professional CD case) and click > Next. (Note:
This step can be avoided by specifying the product key in the .sif
file; see Windows 2000 Online Help for assistance in making this change
to the .sif file.)
After the installation is complete, the user is prompted to log on to
the network with an existing user account, password, and logon domain.
At this point, you have successfully configured and installed a
remote operating system using RIS. See below for additional information
on configuration options.
Configuring Remote Installation Services
This section outlines the specific RIS configuration options that can
be configured. If desired, these optional steps should be performed
using the Active Directory Users and Computer snap-in on the RIS server.
Note: Although not covered in this guide, you can
administer the majority of the RIS configuration settings from a Windows
2000 Professional client. To administer a RIS server from a Windows
2000 Professional client, install the Administrator Tools package
AdminPak.msi that ships as part of the Windows 2000 Server CD. The
Administrator Tools package can be deployed or installed from the
<Windir>\System32 directory on the server.
-
Click Start, point to Programs, point to Administrative Tools, and click Active Directory Users and Computers.
You are presented with your Active Directory tree as in Figure 3 below:
Figure 3: Active Directory Users and Computers Snap-In
There are two areas of administration concerning the configuration of the RIS server settings:
-
Remote installation server properties, which allow you to determine
how this RIS server responds to client computers that request service.
-
Advanced settings, which provide additional flexibility regarding the ways in which client computers are installed.
Locate your RIS server computer object within the Active Directory
Users and Computers snap-in. Depending on the type of server, domain
controller, or member server of a domain, the server's computer object
can be located in the Domain Controller Active Directory container or
another container specified by the administrator at install time.
-
Click Domain Controllers in the left pane.
-
Right-click HQ-RES-DC-01 in the right pane.
-
Click Properties.
-
Click the Remote Install tab. The property page appears as in Figure 4 below :
Figure 4: RemoteInstall Options
The server options control how this RIS server responds to remote client computers requesting service.
-
Click Advanced Settings on the RIS server property page.
-
Click the down arrow next to the Generate client computer names using drop-down box as in Figure 5 below.
Figure 5: Client under Advanced
The administrator can define the automatic computer naming policy
that is used during OS installation to provide the computer with a
unique name. The computer name is used to identify the client computer
on the network, similar to the older NetBIOS name used in previous
versions of the Windows NT® and Windows operating systems.
This tab also allows you to define a default Active Directory
container for client computer account object creation. You can group
clients within a specific directory service domain or organizational
unit (OU). During OS installation, Windows 2000 setup queries these
settings to ensure the client computer is configured according to what
the administrator has specified. These are the options:
-
Default directory service location. This option
specifies that the computer account object for the client computer will
be created in the default Active Directory computer accounts location.
The default Active Directory location is set to the Computers container
within the Active Directory. The client computer becomes a member of
the same domain as the RIS server installing the client.
-
Same location as the user setting up the computer.This
options pecifies that the client computer account object will be created
within the same Active Directory container as the user setting up the
machine. For example, if Jon logs on within the Client Installation
wizard and his user account currently resides within the "Users" Active
Directory container, the client computer account is created within the
"Users" container in the Active Directory.
-
A specific directory service location. This option
allows the administrator to set a specific Active Directory container
where all client computer account objects installed from this server are
created. It is assumed that most administrators will select this option
and specify a specific container for all remote installation client
computer account objects to be created in.
Note: If an end user is setting up the client computer,
the user must have the appropriate rights to create the computer
account within the domain or OU chosen. For more information on giving
users computer account creation permissions, please see the RIS online
Help.
Note: In order for all client computers using the RIS
feature for OS installation to contain the same settings, all remote
installation servers need to be configured in the exact same way. This
release does not support replication of OS images or RIS configuration
settings between RIS servers.
-
Specify the desired user name parameters and directory service location and click Apply.
-
Click the Images tab.
The Images tab is used for managing the client
operating system images installed on a RIS server. Its options allow an
administrator to add, remove, or modify the properties of an operating
system image.
There are two types of images that can be displayed on the Images tab:
If you replace the existing friendly description and help text with
new text, all users of the client installation from that point forward
see the new text descriptions. You can also use the Properties option to view specific image attributes, such as OS version, language, and the type of image (CD or RIPrep).
-
Click Cancel to make no changes.
-
Click the Tools tab if you wish to view its options.
The Tools tab is available for independent software
vendors (ISVs) or original equipment manufacturers (OEMs) that would
like to use their pre-boot tools with RIS. ISVs or OEMs need to provide
an external setup program that adds their respective tool to the
\RemoteInstall directory tree. Once added, the tool shows up on the Tools tab and is available to administrators and users of the Client Installation wizard.
The Tools option also allows ISVs or OEMs to provide
pre-OS installation maintenance and troubleshooting tools to
administrators, IT staff, or users. This provides administrators with an
easy way to update client computer systems, such as the system BIOS.
-
After making the desired changes, close Active Directory snap-in.
Client Installation Options
There are four installation options that you can choose to present to
a user of the Client Installation wizard. These options are:
-
Automatic setup
-
Custom setup
-
Restart a previous setup attempt
-
Maintenance and troubleshooting
The installation options available to any given user are determined
by the specific Remote Installation Services Group Policy settings. For
example, you can choose to provide all members of the Help Desk Security
group access to all of the installation options, yet restrict general
network users to the Automaticsetupand Maintenance and
troubleshootingoptions. This prevents user confusion and helps guide the
user to the correct choices for OS installation. By default, users are
given the right to automatic setup only.
Automatic Setup
The Automatic setup option is the default installation option enabled
for all users of the Client Installation wizard. If this is the only
installation option available to a user, when the user logs on within
the Client Installation wizard, the automatic setup option is not
displayed. Instead, the Client Installation wizard jumps directly to the
OS images selection screen. If there is only one OS image offered, the
user simply logs on within the Client Installation wizard and is asked
to confirm the installation. If more than one OS image is available for
installation, the user has a choice of which OS to install. Note that
you can configure the RIS server to limit the OS images the user can
see. For more information on restricting OS image access, see the
section "Restricting OS Image Options" below.
By using an unattended installation setup answer file (*.sif), you
can create several unattended OS installations that are associated with
one CD-based OS image on the remote installation server. You can
customize which items are installed, as well as how the specific OS
options are configured during OS install.
For example, you can choose to create a specific OS unattended setup
answer file (*.sif) that installs the TCP/IP protocol, sets the display
resolution to 800 x 600, and sets a specific company or department name.
You can provide a friendly description for this OS image that the user
can relate to, such as
Windows 2000 Professional for Sales Staff. The
friendly description is configurable after the initial posting of the
workstation OS image on the RIS server (see the preceding section on
configuring options on the RIS server). When a user logs on, a list of
OS installation images is displayed for the user to choose from.
When the user selects one of the operating system images, a message
displays stating that an operating system is about to be installed on
this computer, and that the operating system requires the local hard
disk to be repartitioned and formatted, thus erasing all data that
currently resides on the disk.
Note: An administrator can edit the "Caution.osc"
screen using the Notepad.exe program to provide a friendly message
regarding the repartition and format of the local hard disk.
Custom Setup
The
Custom setup option allows you to override the
automatic computer name assignment, as well as the computer account
creation mechanism. You are prompted to manually enter a computer name
or the Active Directory location where the computer account should be
created.
Note: The
Custom setup option can also
be used to pre-stage a client computer into the Active Directory before
delivery of the PC to the end user. Windows 2000 Remote Installation
Services do not support fully unattended installations on machines that
contain ISA or non Plug and Play aware devices.
Restart a Previous Setup Attempt
This option provides the ability to restart a failed setup attempt.
If you started to install the OS and for some reason lost your
connection to the RIS server, you can reboot the client computer, press
F12 when prompted for a network service boot, and choose the
Restart a Previous Setup Attempt.
This restarts the installation of the previous installation attempt
without asking for the computer name or Active Directory location
previously entered before the initial failure.
Maintenance and Troubleshooting
This option provides access to third-party ISV and or OEM Pre-OS maintenance and troubleshooting tools.
Restricting Client Installation Options
To restrict the client installation options for users of RIS within
your organization, apply the appropriate Group Policy settings for the
RIS servers on your network.
-
Click Start, point to Programs, point to Administrative tools, and click Active Directory Users and Computers.
-
Locate the Active Directory container where you would like the RIS
policy settings to be set. By default, the RIS policy settings are
applied within the Default Domain Policy Object, which is located at the root of your domain.
-
Right-click Reskit.com in the left pane, and click the Properties option.
-
Click the Group Policy tab from the top of the Properties dialog box.
-
Click the Default Domain Policy object and click Edit.
-
Expand the User Configuration option by clicking the + next to it (unless it is already expanded), and then expand the Windows Settings option in the same way. Click the Remote Installation Services option as in Figure 7 below.
Figure 7: Group Policy RIS Choice Options
-
Double-click the Choice Options in the right pane.
Each Choice Option allows for a specific setting, as follows:
-
Allow. If this option is selected, the users that this policy is applied to are offered the installation option.
-
Don't Care. If this option is selected, the
administrator accepts the policy settings of the parent container. For
example, if the administrator for the entire domain has set RIS specific
policy, and the administrator of this container has chosen the Don't Care option, the policy that is set on the domain is applied to all users who are affected by that policy.
-
Deny. If this option is set, the users affected by this
policy are not allowed to access that installation option within the
Client Installation wizard.
-
Close the Choice Options and other windows, and close the Active Directory Users and Computers Snap-In.
Restricting OS Image Options
RIS provides the administrator flexibility in the amount of control
users have in choosing the OS that is installed on their computer. The
administrator can configure the RIS servers to guide users through a
successful OS installation without requiring the user to select the
correct OS image.
By setting explicit user or group security permissions on the
unattended setup answer file (*.sif) for a given OS image, you can
determine which OS options a user can see and install. You can choose to
allow all users of RIS to choose from all of the OS images available on
a given RIS server, or you can restrict the user to only a select few
that are appropriate for that user or group of users.
-
Click Start, point to Programs, point to Accessories, and click Windows Explorer.
-
Click the + next to My Computer
-
Click the + next to New Volume
-
Click the + next to RemoteInstall
-
Click the + next to Setup
-
Click the + next to English (or whatever language you are using)
-
Click the + next to Images
-
Click the + next to win2000.pro
-
Click the + next to i386
-
Click Template. A sample directory structure is shown in Figure 8 below.
Figure 8: Templates
Note: Each CD-based OS image that you add to a RIS
server has an associated \Templates directory that contains the image's
associated unattended setup answer files (*.sif).
Depending on the level of restriction that you want to establish, you can set specific access permissions on the \Templates directory
or in the individual unattended setup answer files within this
directory. If you have not associated additional unattended answer files
to the base OS image, you will only see one SIF file (Ristndrd.sif)
within the \Templates directory.
-
Right-click the \Templates directory, and click the Properties option. The property page for the \Templates folder appears.
-
Select the Security tab. A dialog box appears as in Figure 9 below:
Figure 9: Template Properties
In this example, the existing security permissions allow all users
access to this OS image from within the Client Installation wizard.
-
To restrict access to this OS image, select the Everyone group, and click Remove. This
removes user access to this OS image. If a normal user were to run the
Client Installation wizard at this point, the user would not have access
to any available OS image to install.
-
Click Add, and select the security group or individual users that should be allowed access to this OS image. Click Add to add them to the authorized list, and then click OK twice. The default permissions that are set for each user or security group are sufficient for use with RIS.
Note: Selecting individual users for specific access
can become an administrative burden. Instead group your users by
security group and apply the security group to the
\Templates directory
for OS image access. In this way, if you add users to the security
group, they already have access to the correct OS image.
Important Note Never remove the permissions assigned
to the Administrators group for a .SIF file. Doing so will prevent the
RIS components themselves from accessing the file and prevent proper
client installations.
At this point, you are ready to service client computers with RIS.
Ensure that all services are running, all configuration settings have
been made, and that the client computers adhere to the minimum
requirements as described above.
Remote Installation Preparation Wizard (RIPrep)
The Remote Installation Preparation wizard (
RIPrep.exe)
provides the ability to prepare an existing Windows 2000 Professional
installation, including locally installed applications and specific
configuration setting, and replicate that image to an available RIS
server on the network. The RIPrep feature currently supports replication
of a
single disk single partition (C Drive only) with
Windows 2000 Professional installation. This means that the OS and all
of the applications that make up the standard installation must reside
on the C: drive before running the wizard.
First use RIS to remotely install the base Windows 2000 Professional
OS on a client computer. Next, install any desired applications on the
client computer. Configure the installation to adhere to any company
policies; for example, you might choose to define specific screen
colors, set the background bitmap to a company-based logo, or set
intranet proxy server settings within Internet Explorer. Once the
workstation is configured and tested, run the Remote Installation
Preparation wizard (RIPrep.exe) from the RIS server that will receive
the RIPrep-based OS image.
The destination computer does not need to have the same hardware as
the source computer used to create the image, with the exception that
the Hardware Abstraction Layer (HAL) drivers must be the same. For
example, both computers must be ACPI (Advanced Configuration and Power
Interface)-based or both must be non ACPI-based). In many cases,
workstation-class computers do not require unique HAL drivers. The
RIPrep utility uses the new Plug and Play support that ships with
Windows 2000 for detecting any differences between the source and the
destination computer hardware during image installation time.
To run the Remote Installation Preparation wizard (RIPrep.exe)
-
Install the base Windows 2000 Professional OS from an available RIS server on a supported client computer.
-
Install any applications locally on the client computer. Configure
the client computer with any specific corporate standard desktop
settings. Be sure the client installation is exactly as you want it to
be. Once the image is replicated to the RIS server, you cannot alter its
configuration.
-
Connect to the RIS server where you want to replicate this image, as follows:
-
Click Start , click Run, and type the following command in the Open text box:
\\RISservername\Reminst\Admin\I386\RIPrep.exe
where RISservername is the computer name of the destination RIS server. In our example, this is HQ-RES-DC-01. Reminst is the Remote Installation Share that is created when you installed the RIS service on the server. Admin is the directory that contains the RIPrep.exe that launches the remote installation.
-
At this point, the Remote Installation Preparation wizard starts and
you are presented with a welcome screen that describes the feature and
its functionality. Click Next.
-
You are prompted to enter the name of the RIS server where you would
like to replicate the contents of the client hard disk. By default, the
RIS server that the wizard (RIPrep.exe) is being run from is
automatically filled in (in our example, Reskit.com). Click Next.
-
You are prompted to provide the name of the directory on the RIS
server where this image will be copied. The image is created under the
\remoteInstall\setup\OS Language\Images directory. Click Next.
-
You are prompted to provide a friendly description and help text
describing this image. The friendly description and help text are
displayed to users of the Client Installation wizard during OS image
selection. Provide enough information that a user can distinguish
between images. Click Next.
-
The wizard displays a summary screen of your selections. After you have reviewed them, click Next.
The image preparation and replication process begins. The system is
prepared and files are copied to the RIS server specified. Once the
replication of the image completes, any remote boot enabled client
computer can select the image for a local installation.
Remote Installation Boot Disk Option
The remote installation boot disk can be used with computers that do
not contain a remote boot-enabled ROM on the network card. The boot disk
is designed to simulate the PXE boot process for computers that lack a
supported DHCP PXE-based remote boot ROM. The boot disk generator
utility is called RBFG.EXE and is located within the
\RemoteInstall\admin directory on every Remote Installation Server.
The RBFG.exe utility is also contained within the Administrator Tools
package that ships with Windows 2000 Server. The Administrator Tools
package can be deployed across your organization using either Systems
Management Server 2.0 or using the new Software Management feature,
which is part of the Group Policy infrastructure.
Creating a Remote Installation Boot Floppy
To create a Remote Installation Boot Floppy, run the RBFG.exe utility
from the RIS server either on a client computer that is connected to
the RIS server or a computer with the administrator tools package
installed.
-
Click Start, click Run, and in the Open text box, type RBFG.exe, and click OK.
Note: The RBFG.exe utility does not allow you to add
network adapters). To create a remote installation boot disk, insert a
disk into the appropriate drive and then select
Create Disk.
Remote Boot ROM PXE Architecture
Remote Installation Services uses DHCP for IP address assignment to
clients. When a new DHCP- PXE-based remote boot client computer is
powered on for the first time, the client requests an Internet Protocol
(IP) address, and the IP address of an active boot server via the DHCP
protocol. As part of the initial request, the client computer sends out
its globally unique identifier (GUID or UUID), which is used to uniquely
identify the client machine within the Active Directory, in the case of
Windows 2000 Remote Installation Services.
From the RIS server, the client computer receives:
-
Its own IP address from DHCP.
-
The IP address of the RIS server.
-
The name of a boot image the client computer will need to request when contacting the RIS server for initial service.
Once the client request is made, the first RIS server to respond will
check Active Directory to see if this client has been pre-staged or
not. RIS does this by checking in Active Directory for a computer
account object that has the unique GUID/UUID.
The PXE process is used every time a remote boot ROM-enabled client
requests a network service boot. Remote boot/installation server vendors
implement their own process to download the first image.
Conclusion
The information presented in this guide has provided the technical
details required to install, configure, and use Microsoft Remote
Installation Services.
Remote Installation Services require several of the Windows 2000
Server technologies—Active Directory, DHCP server, and the DNS server
services. The remote installation server also requires that client
computers contain either the new DHCP PXE-based remote boot capable ROMs
or a network card supported by the remote installation boot floppy.
Appendix A: Remote Installation Server and Workstation Hardware Requirements
Server Hardware Requirements
See the Product Compatibility page to verify that your server meets the minimum requirements for Windows 2000 Server.
-
Pentium or Pentium II 200 megahertz (MHz) recommended (166 MHz minimum)
-
64 MB RAM minimum. If additional services such as the DS, DHCP, and
DNS are installed then the minimum amount of RAM is 96 or 128 MB
-
2-GB drive dedicated to the Remote Installation Servers directory tree
-
10 or 100 megabits per second (Mbps) network adapter card. (100 Mbps preferred.)
Note: You should dedicate an entire hard drive or
partition specifically to the Remote Installation Services directory
tree. (SCSI-based disk controller/disks are preferred.)
Client Hardware Requirements
See the Product Compatibility page to make sure that your workstation
meets the minimum requirements for Windows 2000 Professional.
-
Pentium 166 MHz or greater NetPC client computer
-
32 MB of RAM
-
1.2-GB drive minimum
-
PXE DHCP-based boot ROM version .99c or greater or a network adapter supported by the RIS boot floppy.
Best Practice:
Always check with the manufacturer of your network adapter to get the latest version of the PXE ROM.
Network Cards supported by RIS Boot Floppy
3 Com Network Adapters
-
3c900 (Combo and TP0)
-
3c900B (Combo, FL, TPC, TP0)
-
3c905 (T4 and TX)
-
3c905B (Combo, TX, FX)
AMD Network Adapters
-
AMD PCNet and Fast PC Net
Compaq Network Adapters
-
Netflex 100 (NetIntelligent II)
-
Netflex 110 (NetIntelligent III)
Digital Equipment Corporation (DEC) Network Adapters
Hewlett-Packard Network Adapters
Intel Corporation Network Adapters
-
Intel Pro 10+
-
Intel Pro 100+
-
Intel Pro 100B (including the E100 series)
SMC Network Adapters
-
SMC 8432
-
SMC 9332
-
SMC 9432
Appendix B: Frequently Asked Questions
How do I know I have the correct PXE ROM version?
When the NetPC or client computer ROM-boots, a PXE (LSA) ROM message
appears on the screen. You can see which version of the PXE ROM code is
displayed during the boot sequence of the client machine. Windows 2000
RIS supports .99c or greater PXE ROMs. You may be required to obtain a
newer version of the PXE-based ROM code from your OEM if you are not
successful with this existing ROM version.
How do I know if the client computer has received an IP Address and has contacted the Remote Installation Server?
When the client computer boots, the PXE Boot ROM begins to load and
initialize. The following 4-step sequence occurs with most Net PC or PXE
ROM-based computers (Note: the sequence may be different on your
computer):
Step 1: The client computer displays the message
BootP. This message indicates the client is requesting an IP address from the DHCP server.
Troubleshooting: If the client does not get past the BootP message, it means the client is not receiving an IP address. Things to check are:
-
Is the DHCP server available and has the service started? DHCP and
RIS servers must be authorized in the Active Directory for their
services to start. Check that the service has started and that other
non-remote boot-enabled clients are receiving IP addresses on this
segment.
-
Can other client computers—that is non-remote boot-enabled clients—receive an IP address on this network segment?
-
Does the DHCP server have a defined IP address scope and has it been activated? To check this click Start, point to Programs, point to Administrative Tools, and click DHCP.
-
Click Start, point to Programs, point to Administrative Tools, and click Event Viewer. Are there any error messages in the event log under the System Log for DHCP?
-
Is there a router between the client and the DHCP server that is not allowing DHCP packets through?
Step 2: When the client receives an IP address from the DHCP server, the message changes to
DHCP. This indicates the client successfully leased an IP address and is now waiting to contact the Remote Installation Server.
Troubleshooting: If the client does not get past the
DHCP message, it means the client is not receiving a response from the
remote installation server. Things to check are:
-
Is the remote installation server available and has the (BINLSVC) RIS
service started? RIS servers must be authorized in the Active Directory
for their services to start. Check to ensure the service has started
using the DHCP snap-in (click Start, point to Programs, point to Administrative Tools, and click DHCP).
-
Are other remote boot-enabled clients receiving the Client
Installation wizard? If so, this may indicate this client computer is
not supported or is having remote boot ROM-related problems. Check the
version of the PXE ROM on the client computer.
Is there a router between the client and the remote installation
server that is not allowing the DHCP-based requests/responses through?
When the RIS client and the RIS server are on separate subnets the
router between the two systems must be configured to forward DHCP
packets to the RIS server. This is because RIS clients discover a RIS
server by using a DHCP broadcast message. Without DHCP forwarding set
up on a router, the clients' DHCP broadcasts will never reach the RIS
server. This DHCP forwarding process is sometimes referred to as DHCP
Proxy or IP Helper Address in router configuration manuals. Please refer
to your router instructions for setting up DHCP forwarding on your
specific router.
-
Click Start, point to Programs, point to Administrative Tools, and
click Event Viewer. Are there any error messages in the event log under
the System or Application logs specific to RIS (BINLSVC), DNS, or the
Active Directory?
Step 3: The client changes to
BINL or prompts the user to click the
F12 key.
This means that the client has contacted the RIS server and is waiting
to TFTP the first image file—OSChooser. You may not see the BINL and
TFTP message as on some machines as this sequence simply flashes by too
quickly.
Troubleshooting: If the client machine does not get a
response from the Remote Installation Server, the client times out and
displays an error that it did not receive a file from either DHCP, BINL,
or TFTP. In this case, the RIS Server did not answer the client
computer.
Stop and restart the BINLSVC. From the
Start menu, click
Run, and type
CMD. Enter these commands:
Net Stop BINLSVC
Net Start BINLSVC
If the client machine does not receive an answer after attempting to
stop and restart the service, then check the Remote installation Server
Object properties to ensure the correct setting has been set—that is,
verify that RIS is set to "Respond to client computers requesting
service", and "Do not respond to unknown client computers". Click
Start, point to
Programs, point to
Administrative Tools, and click
Event Viewer to check the Event log on the RIS server for any errors relating to DHCP, DNS, or RIS (BINLSVC).
Step 4: At this point, the client should have
downloaded and displayed the Client Installation wizard application with
a Welcome screen greeting the user.
Does RIS support remote installation of Windows 2000 Server CD-based or RIPrep OS images?
No. RIS does not support remotely installing Windows 2000 Server.
Does RIS support remotely installing an OS image (RIPrep or CD-based) on laptop computers?
Yes and no. RIS has been tested with laptop computers in docking
stations that support the required PXE ROM code. The laptops must be
located within the docking stations with the network cable plugged into
the network adapter located in the docking station.
RIS does not support laptop computers that contain PC Card or PCMCIA cards that contain a PXE supported ROM.
Is the Pre-Boot portion of the PXE-based Remote Boot ROM Secure?
No. The entire ROM sequence and OS installation/replication is not
secure with regard to packet type encryption, client/server spoofing, or
wire sniffer based mechanisms. As such, use caution when using the RIS
service on your corporate network. Ensure that you only allow authorized
RIS servers on your network and that the number of administrators
allowed to install and or configure RIS servers is controlled.
Can RIPrep-based OS images be replicated to alternate media such as DVDs, CDs, and/or Zip drives?
No. This is something that is being considered for the next major release of RIS.
Does the RIPrep feature of RIS support different hardware
between the source computer used to create the RIPrep-based OS image and
the destination computer that will install the image?
Yes. The hardware between the source PC and the destination PC can be
different. The one exception to this is the Hardware Abstraction layer
(HAL) driver used. For example, if the source PC is an Advanced
Configuration Power Interface (ACPI)-based computer, it uses a specific
ACPI HAL driver. If you attempt to install this RIPrep image on a
non-ACPI-based or enabled computer, it will fail.
Does the RIPrep wizard support multiple disks and or multiple partitions on a given client computer?
No. The RIPrep utility only supports a single disk with a single partition (C:\ drive) in this release of RIS.
How does the RIPrep wizard deal with disks that differ in size
between the source PC used to create the image and the destination PC
that will receive it?
The destination PC's disk size must be equal to or larger than the source disk used to create the image.
How do I replicate all of the OS images currently located on one
of my RIS servers to other RIS servers on the network for consistency
across all client installations?
Currently RIS does not provide a mechanism for replication of OS
images from one RIS server to another. There are several mechanisms that
can be employed to solve this problem. Take advantage of the
replication features of the Microsoft Systems Management Server product,
for example. This product provides for scheduled replication,
compression, and slow link features. You can also employ third-party
vendor solutions for OS image replication. Ensure that the replication
mechanism supports maintaining the file attributes and security settings
of the source images.
Can I have an RIS server and a third-party remote boot server on
the network at the same time? If so, what are the implications?
Yes. You can have multiple vendor Remote Boot/Installation (RB/RI)
servers on one physical network. It is important to understand that
currently the remote boot PXE ROM code does not know the difference
between vendors RB/RI servers. As such, when a remote boot-enabled
client computer powers up and requests the IP address of a RB/RI server,
all of the available servers respond to that client. Thus, the client
has no way to ensure it is serviced by a specific RB/RI server.
RIS allows an administrator the ability to pre-stage client computers
into the Active Directory and mandate which RIS server services that
client. By configuring the RIS server to answer only known client
computers (pre-staged), the administrator is assured that the correct
RIS server services the client. Not all of the third-party RB/RI vendors
have implemented the ability to ignore service requests, so you may
need to segment off the specific vendors servers so that clients are not
answered by these vendors' RB/RI servers.
Can I remotely manage the RIS servers from Windows 2000 Professional workstations on my network.
Yes. If you are an administrator in the domain and you have installed
the Administrator Tools MSI package, you can administer the majority of
the RIS configuration settings. There are some items that you cannot
manage. For example, you cannot remotely add additional OS images to RIS
servers from Windows 2000 workstation computers.
Can I add additional network adapter cards to the RIS Boot Floppy?
No. The RBFG.exe utility is hard-coded with the supported network
card adapters for this release of RIS. Microsoft will be adding
additional network card adapters over time. Microsoft makes the updated
RBFG.exe utility available through normal distribution channels such as
the Web, Windows Update, and future service/feature pack updates.
Can I use the Active Directory object attributes to create a
naming format for use with the RIS automatic computer-naming feature?
No. The existing attributes supported with the automatic
computer-naming feature leverage the Active Directory. However, all of
the Active Directory object attributes are not currently supported. This
is something that is being investigated for a future release of RIS.
Where do I look on the client computer to find the GUID/UUID for pre-staging clients in the Active Directory for use with RIS?
The GUID/UUID for client computers that are PC98 or Net PC compliant
can be found (in most cases) in the system BIOS. OEMs are encouraged to
ship a floppy disk containing a comma-separated file or spreadsheet that
contains a mapping of Serial # to GUID/UUID. This allows you to script
pre-staging client computers within the Active Directory. OEMs are also
encouraged to post the GUID/UUID on the outside of the computer case for
easy identification and pre-staging of computer accounts. If the GUID
is not found in the above-mentioned locations, you can sniff the network
traffic of the client, locate the DHCP Discover packet, and within that
field will be the 128-bit 32 byte GUID/UUID.
Important Notes
The example company, organization, products, people, and events
depicted in this step-by-step guide are fictitious. No association with
any real company, organization, product, person, or event is intended or
should be inferred.
This common infrastructure is designed for use on a private network.
The fictitious company name and DNS name used in the common
infrastructure are not registered for use on the Internet. Please do not
use this name on a public network or Internet.
The Active Directory structure for this common infrastructure is
designed to show how Windows 2000 features work and function with the
Active Directory. It was not designed as a model for configuring an
Active Directory for any organization—for such information see the
Active Directory documentation.
Related Links
Step-by-Step Guide to a Common Infrastructure for Windows 2000 Server
Deployment: Installing a Windows 2000 Server as a Domain Controller at
http://www.microsoft.com/windows2000/techinfo/planning/server/serversteps.asp
Introduction to Windows 2000 Group Policy at
http://www.microsoft.com/windowsserver2003/techinfo/overview/gpintro.mspx
Windows 2000 Group Policy at
http://www.microsoft.com/windows2000/techinfo/howitworks/management/grouppolwp.asp
Windows 2000 Server Online Help
http://windows.microsoft.com/windows2000/en/server/help/
Windows 2000 Planning and Deployment Guide at
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/w2rkbook/dpg.asp
Microsoft Systems Management Server home page at
http://www.microsoft.com/smserver/default.asp
