NT Workstation duplication

Schlomo Schapiro schapiro at clerk.pi.huji.ac.il
Mon Jan 31 17:51:14 GMT 2000


Hi,

I'll be glad to help.

we have a lab of 20 odd NT workstations (identical hardware). We use Ghost
to install the NTs (multicast is a very very good feature), using a NT
client (on my desk) for ghost multicast server (Symantec ! Wake up and
make a linux ghost server !). After that we use GHOSTWALKER (also from
symantec) to change the name and SID of the NT on the file system and the
registry WITHOUT changeing anything else (especially machine acocunt
passwords).

Of course each NT gets a different name, I will soon develop a smart
bootdisk that will take this info (WS name) from the DHCP (we use the DHCP
to deliver fixed addresses).

The NT duplication trick is in that before duplicating the NTs I register
the master in the Samba domain and then I copy the password hash values
from the master machine account the the to-be-created NT WS accounts (in
smbpasswd). Thus the NT clients will be able to re-connect to the domain
without problems with their new name (I got scipts for all that) since on
the client side ghostwalker changed the name, but not the password, while
on the server side I copied the password to the name accordingly.

One should register the master just before duplication since otherwise you
could get a problem with the life time of the machine passwords and NTs
not talking to the domain because the password is too old etc. (Didn't try
it though).

That's it. Works very smooth (I start the NTs from a diskette, they
connect to the multicast server, dump their image, ghostwalker changes the
name & SID, the client reboots and is ready for use and registered in the
domain.

Schlomo

PS: I am asking each and every NT admin how to do THAT trick on NT Server
but didn't yet get an anwser :-) Looks like there is no solution for
automatic re-registration of the NT client in the domain.


 On Mon, 31 Jan 2000, Alfredo Ramos wrote:

> Schlomo,
> 
> You have touched a subject I am very interested in: Imaging NT's. I need
> to be able to remotely image NT's from a unix box. The NT administrator
> uses PCRDIST to download the image from the unix box, but he swears he has
> to visit every NT workstation in order to get the imaging process going. I
> am in charge of making the NT's talk to unix, but I am NOT an NT
> administrator. I am curious to know what process you use to image the NT's
> on your network. Samba works great on our installation. The only problem
> is the imaging process. Even when imaging directly from an NT server, the
> administrator used the same procedure. I know there has to be a better
> solution to the imaging process. Our NT base is growing and I definitely
> need to be able to image the NT's from my unix console. Any help on this
> would be greatly appreciated!
> 
> Al Ramos.
> 
> ---------------------------------------------------------------------------------
>                                          | Alfredo Ramos
> This space available for rent.           | New Media & Student Computing
> Get your product moving. Advertise here! | Rice University.
>                                          | Email: ralf at is.rice.edu
> ---------------------------------------------------------------------------------
> 
> On Sun, 30 Jan 2000, Schlomo Schapiro wrote:
> 
> > Hi Folks,
> >
> > the fact that I have smbpasswd as a text file that I can change by hand
> > (or script) is THE ONLY REASON for me to move to Samba. I have to install
> > classrooms with NT WS via imaging and only because I can copy the password
> > hash entrys between workstation accounts I can install my NT classes 100%
> > automatically. Please don't loose that edge over MS !
> >
> > Schlomo
> >
> > --
> > Schlomo Schapiro
> > Computation Authority
> > Hebrew University of Jerusalem
> >
> > Tel: ++972 / 2 / 65-85812
> > email: schapiro at clerk.pi.huji.ac.il
> >
> >
> 

-- 
Schlomo Schapiro
Computation Authority
Hebrew University of Jerusalem

Tel: ++972 / 2 / 65-84404
email: schapiro at clerk.pi.huji.ac.il



More information about the samba-ntdom mailing list