eXtreme Deployment: Distributing and Configuring 450 Student Notebooks in Five Hours. E. Axel Larsson & Russell Sprague, Drew University.

Presentation transcript:

eXtreme Deployment: Distributing and Configuring 450 Student Notebooks in Five Hours
E. Axel Larsson & Russell Sprague, Drew University

Drew University Computer Initiative
- Started 20 years ago in
- First liberal arts university to give all students computers.
- Switched to laptops in
- Around 600 computers purchased per year.
- Computers a major part of the curriculum.
- Educational software delivered over the network.
- Laptops often brought to class.

Campus Networking
- A residential network drop was not in all student rooms until Fall
- Students accessed , campus directory, and other services on a central VMS machine via a digital phone system.
- “Client software” consisted of MS Kermit / Kermit 95.
- Campus networking extended to “one port per pillow” from

Campus Networking (cont’d)
- Novell eDirectory is the primary campus directory service.
- Single-password access to most services. Single sign-on when possible.
- File/print, , web proxy, etc.
- Novell iChain for web applications (webmail, Blackboard, etc.)
- Identity-based services.
- Departmental space.
- Space for courses, based upon enrollments.

Campus Networking (cont’d)
- Clients prior to 2002
- Win 9x clients only. No support for Win NT, 2K on end-user machines.
- Novell Client software only.
- No need to join workstations to a Windows domain.
- No need to manage local accounts on the workstations.

Campus Networking (cont’d)
- Management of workstations
- Novell ZENWorks for Desktops
- Application launcher delivers apps to users “on demand”.
- “Force run” apps deliver needed patches and updates.
- Limited use of user policies and 95/98 workstation policies.
- Limited deployment of Win2K in labs
- ZENWorks “dynamic local user” feature to manage local user accounts.
- Limited ability to manage DLU on a per-workstation basis. Other deployment difficulties.

First use of Windows XP
- August of 2002 on student laptops
- Used a local administrator account.
- Students logged in as “Drew User” in Windows.
- Students logged in as themselves in Novell eDirectory.
- Machines weren’t customized to the student owner.
- Very similar to the way a 9x machine is set up.

Problems with this setup
- Lack of security.
- Users unintentionally locking themselves out.
- Not using the same name for both logins.
- Not in domain.
- Harder to manage.
- Cannot utilize all features of Windows XP.
- File sharing.
- Separate user profiles for separate users.

Active Drew
- First campus Active Directory domain in
- Mirrors eDirectory tree. All users and groups (except course groups) synchronized between eDir and AD using Novell DirXML.
- Password synchronization provided by Novell DirXML Windows Password Sync product.
- Windows XP workstations created in the domain.
- Users log into eDirectory and an AD domain account when logging into XP workstations.

Initial use of Active Directory
- Microsoft’s Sysprep tool.
- Used with faculty/staff desktops and updated laptop configuration.
- Machines run through mini-setup.
- Process executed by CNS staff, not the end user.
- Configuration found to be far superior to using a generic account.

Problems with using Sysprep for student handout
- Required a level of access to domain.
- No enforceable way to mandate naming convention.
- Needed to give the owner administrative access and Administrator password.
- While user-friendly, a manual process susceptible to user error.

Alternatives considered
- Manually provisioning every machine.
- Using Altiris Deployment Solution.
- Using ZENworks.
- Other commercial imaging packages.
- Having vendor customize each machine.

Our conclusion: rolling our own solution
- Requirements:
- Standard image placed on every machine by the vendor.
- “Just in time” personalization for every user.
- User friendly, wizard based.
- Reproducing at least all that Sysprep does.
- Modular and re-usable.
- Integrates with uTrack, our existing home-grown asset tracking package (SQL Server based).

Using Existing Skills
- Experience with web-based applications.
- Lots of experience developing database driven web applications in PHP, Perl, and Python.
- Very little in house experience with Windows application development.
- Limited time-frame mandated skill reuse.
- 3 weeks to design and develop the complete solution.
- Decided upon a web based client.

Backend Tech. Requirements
- Had to talk to an existing database for computer inventory tracking (uTrack)
- MS SQL Server based.
- ODBC accessible.
- Active Directory
- Accessible via LDAP, but some of the attributes are really only usable via Microsoft’s ADSI (i.e. ntSecurityDescriptor)
- Result: Windows server backend.

Deployment Server Tech.
- Windows Server 2003
- Apache web server exposing an XML-RPC interface (SSL wrapped) to deployment clients.
- XML-RPC methods written in PHP.
- PHP ODBC support to talk to the uTrack inventory database.
- PHP COM bindings enabled the use of ADSI for talking to AD from within PHP scripts.

Deployment Server Tasks
- Provides updated versions of the XD client components to clients.
- Provides an XML-RPC interface to the clients in order to:
- Query the inventory database for computer ownership.
- Query AD for information about computer objects.
- Securely store workstation Administrator passwords.
- Provides a web-based admin interface to the helpdesk.
- Add and remove PCs from the domain and deployment database.

Client Technology
- Presents a browser based interface.
- Full screen IE browser.
- Local self-contained Apache serves up the UI.
- Just presents the UI. No ActiveX controls. The PHP scripts (under Apache) actually touch the PC.
- Local self-contained Apache/PHP
- Use a combination of COM and simple command line utilities to configure the PC.
- Local Apache serves up pages to the local PC only, and only runs during deployment (Apache runtime).

Client Tasks
- Use the BIOS asset tag information to query the deployment server for owner information.
- Set the computer name.
- Change the SID. (calls Sysinternals NewSID)
- Join the domain.
- Add the computer owner’s domain account as a local administrator.
- Setting the Administrator password; escrow.
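
The asset-tag lookup and Administrator-password escrow from the Deployment Server Tasks and Client Tasks slides, as an added Python example (not the presenters' PHP code). The method names `xd.lookupOwner` and `xd.escrowPassword`, the fault codes, the write-once rule and the sample inventory are assumptions, and an in-process dispatch stands in for the SSL-wrapped HTTP transport.

```python
import secrets
import string
import xmlrpc.client
from xmlrpc.server import SimpleXMLRPCDispatcher

# Constructed sample data: asset tag -> record written at the handout station.
INVENTORY = {"DU-004217": {"owner": "jdoe", "computer_name": "JDOE-NB"}}
ESCROW = {}  # asset tag -> Administrator password (encrypt at rest in practice)


def lookup_owner(asset_tag):
    """Server method: return the record for a pre-registered machine."""
    if asset_tag not in INVENTORY:
        raise xmlrpc.client.Fault(404, "unknown asset tag")
    return INVENTORY[asset_tag]


def escrow_password(asset_tag, password):
    """Server method: store the password once per registered machine.

    An asset tag is an identifier, not a secret, so a second write is
    refused instead of silently replacing the escrowed value.
    """
    if asset_tag not in INVENTORY:
        raise xmlrpc.client.Fault(404, "unknown asset tag")
    if asset_tag in ESCROW:
        raise xmlrpc.client.Fault(409, "password already escrowed")
    ESCROW[asset_tag] = password
    return True


# Hypothetical method names; the page does not list the real ones.
dispatcher = SimpleXMLRPCDispatcher()
dispatcher.register_function(lookup_owner, "xd.lookupOwner")
dispatcher.register_function(escrow_password, "xd.escrowPassword")


def call(method, *params):
    """Marshal an XML-RPC request, dispatch it in-process, unmarshal the reply.

    Stands in for the HTTPS POST; raises xmlrpc.client.Fault on a fault reply.
    """
    request = xmlrpc.client.dumps(params, methodname=method)
    reply = dispatcher._marshaled_dispatch(request.encode("utf-8"))
    return xmlrpc.client.loads(reply)[0][0]


def new_admin_password(length=16):
    """Per-machine random password from the OS CSPRNG."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def personalize(asset_tag):
    """Client sequence: look up the owner, then escrow a fresh password."""
    record = call("xd.lookupOwner", asset_tag)
    password = new_admin_password()
    # Escrow before applying locally, so the password never exists only
    # on the notebook; the local password change itself is omitted here.
    call("xd.escrowPassword", asset_tag, password)
    return record["computer_name"], password
```

Over a real connection the same two calls would go through `xmlrpc.client.ServerProxy` pointed at an `https://` URL, with certificate verification left enabled.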

The Process
- Most students receive their notebooks at an annual computer handout event.
- One-day event: computers distributed in 5 hours.
- Up to six stations operating at once accessing a web-based application.
- Notebook and printer serial numbers are barcode scanned into the form.
- Inventory database is updated.
- Computer object created in Active Directory.
- Contract printed and signed.
- Student returns to their room and boots their PC for the first time…

eXtreme Deployment in action
- User is prompted with data about the computer from the database.

eXtreme Deployment in action (cont’d)
- User is prompted to join the computer to the domain.

eXtreme Deployment in action (cont’d)
- User is presented with the Administrator account’s password.

Results
- 2003 handout a success
- Students deployed from dorms or the lounge
- Over 450 computers deployed in 5 hours

Continued use of eXtreme Deployment
- Used with all Windows XP configurations
- Helpful ability to update layers
- Ease of obtaining Administrator password securely

Questions?