16 December 2010

Automating Desktop Installation - Pt1. Concepts

This may be familiar territory for a lot of sys-admins out there. You have a room full of computers, all requiring the same software to be installed although of course every machine needs to be slightly different. So what do you do? There are three approaches.

You could install each machine individually but that would take forever. You could set-up one machine and then copy it using drive cloning software (like Symantec Ghost for example), or you could go down the enterprise route and use sysprep to create a machine which has no individualisation which can then be cloned and reconfigured. There are in fact other options but for now we'll look at the cloning option since this is the most cost-effective for small or medium sized businesses.

Usually there are a lot of factors beyond your control however some network configurations can make life easier. For example if you have the choice between static IP addresses or DHCP, I would personally opt for static. Being able to spot malicious packets using wireshark and knowing exactly which machine is being used can save a lot of time. On the other hand DHCP can make managing desktops easier since it avoids any possibility of having multiple machines using the same IP address. Using DHCP with a wi-fi access point will also allow your users to use other devices (phones, ipads, laptops etc) without you having to allocate an IP address to each one (and also having to configure the device for use on your network).

If you use static IP addresses, you probably use the last octet of the IP address in the computers network name. For example a PC called RoomA-1 would be set to with RoomA-2 being The 3rd octet (123) may be different but this is fairly basic networking and used to be called a private class C network. These days there's a new standard (called CIDR) which would see this IP address displayed as (the /24 means the first 24 bits are used to identify the network address and the remaining bits are used to specify the machine address - in this case using the remaining 8 bits which would allow a max of 2^8 or 256 machines on this network).

With DHCP, life is simpler. You give each machine a unique host name and then let the DHCP server take care of all the IP addressing. Think of a DHCP server as being like the voter registration system used by the government - everybody should get one voting slip and only one which identifies them. DHCP also creates a problem though since we never know what the IP address is going to be (if you move house the week before voting, your voting card may not arrive at your new address in time). You could configure your DHCP server to always issue the same IP address which sort of defeats the purpose a bit. Well ok, in some circumstances you want this to happen. It's harder to configure firewalls and port-forwarding on routers if your servers keep changing IP addresses.

Back to the main issue though. You now have one machine set-up and you want to create another 10+ copies of that machine but you don't want the hassle of reconfiguring them all. What do you do?

We know that hostnames will initially be the same since we are going to copy the entire hard-drive and that will have the machine-name stored on it. We suspect that you will most likely be using DHCP if you want users to have their own devices connected to your network with the least amount of hassle. So how do you get the machines to reconfigure themselves automatically?

The answer is to use the hardware. Each network card (NIC) has it's own unique identifier called a MAC Address. It's what network switches use to direct packets of information between connected devices. They are designed to be unique so that network devices don't get confused about which messages going over the network are for them. Think of this like an RFID chip. We can question this chip to find out the MAC address and then perform a look-up using a data file. This data file will have the MAC address of each computer on our network and we will use a script to discover this hostname, set it, join our domain and then reboot the machine. To think I used to have to do this manually on over 150 Pc's each year.

Unfortunately all of this needs to be installed on our machine before we clone the drive so the first step is to collect the hardware information about all our computers. Once we have done this, there are certain other factors to keep in mind. In many cases machines are secured to desks but if one is removed (swapped because of a fault for example) just keep in mind that you will need to update your list of MAC addresses.

I like to call this initial data collection process the pre-ghost routine. The process involves running the following script on all our lab PC's. The good news is this can be done remotely from my own desktop. First of all we need a list of our current hostnames which looks like this:


We save this to a file called hostnames.txt. This file is then called from our VB script file to read the MAC addresses of those machines. The script which does this is here:

' Requires a list of machine host names in file hostnames.txt
' Must be run from domain pc with admin rights on all machines in list
' Windows management service must also be running on these PCs
Dim fso
Dim tst
Dim Oput
Dim strMachineName

Set fso = createObject("Scripting.FileSystemObject")
Set tst = fso.OpenTextFile("hostnames.txt", 1, false) 'mode1 = read
Set Oput = fso.OpenTextFile("Macs.txt", 8, true) 'mode2=write (append=8)

While Not tst.AtEndOfStream
strMachineName = tst.readLine
echoMAC strMachineName

Sub echoMAC(strComputer)
On error resume next
' strComputer = (InputBox(" Computer name for MAC address", "Computer Name"))
If strComputer <> "" Then
strInput = True
End if

Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery _
("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")

For Each objItem in colItems
if objItem.MACAddress <> "00:11:67:27:B4:4E" Then
'this mac appears on all PC's - wi-fi/bluetooth maybe?
'you can probably leave out the if and end-if
'for your network but leave the oput line below
Oput.writeline strComputer & "=" & objItem.MACAddress
End if
End Sub

If all goes to plan then you will end up with a file called Macs.txt which looks similar to below. If not then todays task is to discover why this is not working and fix it. For that reason I will leave off here for now.

Macs.txt file

If you do get a machine which persistently fails to run the script, you can also obtain the MAC address using command line tools. From the start menu, select run and type in cmd.exe. Then use the following commands

ping hostname
arp -a

If this also fails you will need to login on the machines in question and start up cmd.exe again and type in

ipconfig /all

The MAC address is referred to as the physical address and looks like those above with all the : characters. If you decide to edit your macs.txt file by hand to include these, make sure that all the hex characters (A-F) are entered using CAPITAL letters or the next scripts may fail.