[Samba] (no subject)

[Mark Pavlichuk]

  I'm a sysadmin at a small (and apparently skint) University.  I've
been playing with mass disk-imaging of a lab using as much free software
as I could.  I thought some people out there might find this info
useful, and others might be able to show me how to get better results so
I've written my method up and posted it.  (Sorry about the
crossposting).

  BTW, I'm not subscribed to any lists, but I browse the archives...

-Mark (jc128191 at nospam.jcu.edu.au)

Aim : Allow replication of new hard disk images to a lab of PCs without
having to leave my desk.  Budget $0.

Overview : 	As part of my duties I maintain a lab of specialised PCs
which are used to program and power electronics.  Recently we replaced
the ancient hodgepodge of PCs with a uniform lab of P4s.  I thought I'd
take the opportunity to make my life a bit easier by automating software
maintenance as much as I could.  I had no money, but I already had some
free software experience, licenses for Symantec Ghost and
University-wide licenses for any MS operating system I needed to use.

Tools :

CLIENT SIDE
* Windows 2000 (Microsoft)
* Grub boot manager v0.91 (GPLed)
* Ghost v7.0 (Symantec)
* IBM DOS Network Client (taken from Ghost boot disk).
* MSDOS 7 (Microsoft - from Win95) - tried FreeDOS but didn't work.

SYSADMIN TOOLS
* War Panel (feedbackware)
* Wakelan (GPLed)

SERVER SIDE
* Samba (GPLed)
* TFTP server (GPLed)
* DHCP server (GPLed?)

Method :

CONFIGURE SERVER
* install and configure Samba and TFTP server.  (The DHCP server already
existed and isn't under my control).

CONFIGURE A SINGLE CLIENT PC
* Hard drive partitioned with small MSDOS and large NTFS partition.
* MSDOS installed /w IBM network client.
* MSDOS autoexec configured to :
 - connect to Samba share
 - pull an NTFS (Win2k) partition from an image file on the network
using Ghost
 - configure Win2k SID and machine name using Ghostwalk utility (part of
the Ghost package).
* Win2k installed on the NTFS partition and configured to taste.
* Grub compiled with support for local network card
* Grub installed and configured to try to load a second Grub
configuration file via TFTP (on failure fallback to loading local
Win2K).

CREATE GHOST IMAGE OF PC ON NETWORK
+ Used ghost boot floppy to put image of PC on network.

CONFIGURE OTHER CLIENT PCS
* Load image onto all client PCs (using a Ghost floppy disk).
* Hand-configure unique machine names and SIDs into each Ghostwalk
invokation (so that SIDs and machine names would always be unique after
reimaging).

CONFIGURE MANAGEMENT WORKSTATION
* Install War Panel

Result : 

  It is now possible to centrally change the default behaviour of
clients from booting Win2k to booting DOS (thereby installing a fresh
Win2K image) by modify the network Grub configuration.  PCs can then be
remotely rebooted en mass using the warpanel utility.

Problems, Ramblings and Possible Solutions :

* Need to manually rejoin the domain after imaging - This is a pain. 
Logons fail even though machine accounts for all client machine-names
have been created and used.  I suspect this is because client machines
have files somewhere that store their password to logon to the domain,
and of course this password would be wrong after cloning.  I could keep
a copy of this file on the DOS partition, BUT how would I copy such a
file back to Win2K/NTFS during imaging?

* Use of nonfree cloning software - Use of Ghost and MSDOS as part of
the solution is not desirable.

  I tried using FreeDOS but I couldn't find free DOS disk imaging
software, and Ghost won't run under FreeDOS either.

  I'm intrigued by the thought of using a Linux-based solution.  The
partition could be copied using dd though this would be HORRIBLY slow. 
(The speed of the current solution is pretty dismal on a 10mb hub - I
can only do 6 clients at a time).  Perhaps there's a way to use
multicasting? Copying from a network filesystem file by file could be an
option or maybe rsync (though I'm not sure how the Linux NTFS support
works with Win2K, and I'd suspect there would be all kinds of issues
with getting file permissions carrying across correctly).  The main
stumbling block would probably be finding a way to give each workstation
a unique SID and machine name.  I don't think there's any free way to do
this either, though Microsofts own sysprep might solve half of this
problem.  I also haven't looked at how to copy or create a boot block(?)
for the Win2k partition...  not sure if this is an issue or not.  Sfdisk
looks interesting too...  its basically a scriptable fdisk and allows
noninteractive creation of partitions, and it can be used to dump
partition info also.  Could be used as part of a free way of
implementing ghost functionality(?).

* Can't reboot Win2k boxes from Linux

  Apparently warpanel issues an RPC to Win2k clients to get them to
reboot.  Don't think Samba is capable of this(?), and I tried running
warpanel in wine...  no go either.  Is there another way to reboot Win2K
clients from Linux (preferably as nicely as warpanel)?