So, Norton Ghost, what a great little proggy. For those of you who don’t know what that is, it basically takes an image of any hard drive or partition that you want. It also lets you write that image back to any drive or partition you like. Therefore, if you’d just spent hours configuring a PC, you could save a copy of the hard drive while the computer was in pristine condition, untouched by any spyware, so that if it ever did get infected, you could just restore the image and all would be well (assuming you didn’t inadvertantly over-write all your data, but the trick to avoid that is to keep data on a separate drive altogether).
Another scenario is if you have a lot of identical PC’s (such as for a school IT lab) that you want to all be configured in the same way, you only have to set one up, create an image, then write the image to all of the other PC’s. It’s very quick, only takes a few minutes for each PC and you’re done.
So far so good, but there’s an alternative to Ghost that’s much more flexible. Newer network cards support something called PXE boot, PXE stands for Preboot eXecution Environment, it’s called PXE because PEE would cause too many sniggers. Basically it means that PC’s can boot up off the network, much like they can boot up from a floppy disk or CD ROM drive. If a computer is configured to PXE boot then it will seek out a DHCP server, get itself an IP address, then have a look round for a RIS server. RIS stands for Remote Install Service, and it can push out an image of an operating system onto computers that are configured to PXE boot, the OS would be automatically installed and since it is preconfigured on the server, there doesn’t need to be anyone sitting by it to push any buttons during the install process, all that is needed is a user name and password to begin the process and away it goes.
However, once the OS is installed, there still need to be other programs installed too, so the RIS server has other tricks up it’s sleave. You can also push out .msi files and install programs with those. MSI files are created by taking a snap-shot of the hard drive, installing the program, then taking another snap-shot, anything on the drive that’s changed is chucked into an MSI file, it’s as simple as that. Some programs (such as Paint Shop Pro 9) come with MSI’s so that you don’t have to generate them yourself.
You choose what programs you want to install through an Active Directory server, you just put PC’s into groups and tell it what programs you want installed on the groups. Each time the computer is turned on, the Active Directory server will check that it has all the MSI’s it should have installed and no others. If it finds some that shouldn’t be there, it removes them, and if it finds that it’s missing some, they’ll be installed.
Also, if you decide to repurpose a machine, for example, if you were to take an old PC out of an IT room and move it to the library, then you can move that PC from the IT group and put it in a library group, any MSI’s that the PC has but doesn’t need will be uninstalled and any MSI’s that it is lacking will be installed. Therefore, using a RIS server is much more flexible than using Ghost, unfortunately though it does require a bit more of an overhead.
For starters, to install a RIS server, you first need an Active Directory server, since the Remote Installation Service is actually a componant for Active Directory server. But to have an Active Directory server, you first need a DNS server, because for computers to be controlled by an Active Directory server they all need to be on the same domain, which is why the DNS server is necessary.
Of course, RIS servers are not the only things that take advantage of Active Directory and DNS servers, it’s just that it my case it’s the only thing that I’ll be using. Active Directory is useful for all sorts of other things too, you can give users on the domain permissions, such as the ability to install programs, you can even configure what the OS looks like, such as whether users get the classic start menu or XP style start menu. Any setting that you can change on a stand-alone machine, you can over-rule with an Active Directory server and apply it to every computer on the domain if desired. You can also have roaming user profiles, so that no matter which PC a user logs onto, they still have access to all of their files. It really is a great application.
However, because RIS means installing programs rather than just dumping an image back onto the hard drive (like Ghost does), it’s much slower, but it has the great advantage of being extremely flexible. You can only use a ghost image on PC’s that have the same hardware as the PC used to make the image, and you can’t pick and choose which software you want installed and which you don’t. Another rather big disadvantage to Ghost is that it writes the data out in a large block, leaving no space for the master file table to expand into, therefore as soon as you start using the PC, the MFT gets fragmented which degrades performance.
Therefore I’ve decided that a RIS server would be better than using Ghost, despite the fact that it comes with a shed load of other stuff. So currently, my poor poor server has taken on the role of 6 servers. It’s a file server, remote access VPN server, Active Directory server, DNS server, DHCP server and WINS server. I haven’t actually got around to installing the RIS server componant yet, heh.
My router did function as a DHCP server, but I wanted to assign static IP’s to computers without having to fill in the external DNS servers on all the PC’s, so now the PC’s can be assigned static IP’s and the DNS server listed is the internal DNS server, which then points to the external BT DNS servers. I needed to point them to my internal DNS server so that I could join them to the domain.
A WINS server is a fairly simple thing, it basically just maintains a list of computer names and computer IP addresses, so that when one PC wants to connect to another computer, and it only has a name, it queries the WINS server for the IP, then finds the PC using that. I think that my router acted as a WINS server, but I decided that since I was running a DHCP server, I might as well run a WINS server too.
The reason for the VPN server (Virtual Private Network server) is because I want access to the network from outside. A VPN is like an encrypted tunnel through the internet to the network, like a really long network cable. It’s basically as if you were plugged into the switch, you have access to the same file shares as the other computers on the network would, except that because it’s through the internet the connection speed is a lot lower. I don’t really need a VPN server, it’s just really cool, so I want one. 😀
This is usually the part where a conclusion would go, but I’m really tired, so instead I’m going to bed. Feel free to draw your own, no doubt comical, conclusion. Whoever posts the funniest conclusion gets a million points and complete ownership of Disneyworld, California, subject to terms and conditions.
(Terms and conditions: You must be Walt Disney back from the dead.)