使用 SMS 2003 R2 大量部署 Windows Vista 顧武雄 Jovi Ku Microsoft特約資深講師 jovi@cogate.com.tw
講師介紹 高傑信公司 技術顧問 Microsoft CTEC 教育中心講師 Microsoft MVP & 特約講師 Windows &.NET Magazine –特約作者 Information Security Magazine -專欄作家 網路資訊、Run!PC、NetAdmin 電腦雜誌–專欄作家 旗標、文魁以及碁鋒圖書作者 個人著作 : Microsoft ISA Server 建置與管理 SharePoint Portal Server徹底研究 Microsoft Access Project with SQL Server ISA SERVER 2004 系統安全整合實務 Small Business Server 2003 系統整合管理實務 Microsoft Operations Manager 2005 IT智慧整合管理實務 SharePoint Portal Server 2003 技術問答精選實錄
預備知識 Level 200 Windows Server 2003 基礎概念 Active Directory 基礎概念 SMS 2003 功能與架構基礎概念 Level 200
講題大綱 Microsoft 部署工具介紹 Windows Vista部署前的準備工作 開始部署Windows Vista 資產管理 - 行動裝置篇 Q&A
企業IT對於OS部署工具的要求 簡易使用、集中化部署與管理、追蹤 各類作業系統的支援 彈性的部署機制 大幅降低IT管理成本(人力、預算) Windows 2000、Windows XP、Windows Vista、Windows Server 2003 彈性的部署機制 網路開機、CD、DVD 大幅降低IT管理成本(人力、預算)
映像技術的演進 WINNT32 SMS 2003 R2 RIS 伺服器 .wim 檔 .wim 檔 Windows 安裝光碟片 參考電腦 目標電腦 <SLIDETITLE INCLUDE=7>History of Imaging</SLIDETITLE> <KEYWORDS>history, imaging</KEYWORDS> <KEYMESSAGE>Imaging has become more simple since WINNT.</KEYMESSAGE> <SLIDEBUILDS>3</SLIDEBUILDS> <SLIDESCRIPT> Historically, Microsoft has always offered solutions for script based installation. For example, WinNT32 offers the ability to customize your installation via various answer files. However, Microsoft began to recognize that customers typically use this technology once to capture their system and then do mass deployments via images. [BUILD1] Then came the introduction of the Remote Installation Services or RIS Server, which supported script or file based deployment. The file-based images were managed on the RIS server. This worked with Windows 2000 to install a local copy of the operating system to other computers from remote locations. With RIS, a client computer would contact a DHCP server for an IP address and then contact a boot server to install the operating system. [BUILD2] Next, Automated Deployment Services or ADS introduced a sector based image format. ADS is add-on to Windows Server 2003 Enterprise Edition that provided a solution for deploying Windows server operating systems. With support for script-based mass server administration, ADS also enables administrators to administer hundreds of servers as if they were one. The ADS solution was administrator initiated; whereas, the RIS server deployment was user initiated. However, since ADS was for deploying server operating systems it was not compatible with the RIS server. Then Microsoft released the XP Embedded product, which was also sector-based but was specific to deploying embedded devices. [BUILD3] With the introduction of SMS Operating System Deployment or OSD, we saw the first release of the WIM format. As opposed to the other sector based formats, this WIM format was file-based format. However, this format was specific to the SMS Release and it didn’t work well across the other deployment solutions. </SLIDESCRIPT> <SLIDETRANSITION> <TRANSITION LENGTH=1>Microsoft then recognized the need to have a single deployment format with a single set of tools that can be used across all Windows deployment solutions.</TRANSITION> <TRANSITION LENGTH=2>Microsoft then recognized the need to have a single deployment format with a single set of tools that can be used across all Windows deployment solutions.</TRANSITION> <TRANSITION LENGTH=4>Microsoft then recognized the need to have a single deployment format with a single set of tools that can be used across all Windows deployment solutions.</TRANSITION> </SLIDETRANSITION> <COMMENT></COMMENT> <ADDITIONALINFORMATION> <ITEM>http://technet2.microsoft.com/WindowsServer/en/Library/d24c91f2-80cd-4a60-98c0-4b9ad28f678a1033.mspx</ITEM> <ITEM>http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/depopt/remoteos.mspx</ITEM> <ITEM>http://www.microsoft.com/windowsserver2003/techinfo/overview/risvsads.mspx</ITEM> </ADDITIONALINFORMATION> .wim 檔 .wim 檔 WINNT32 Answer Files RIS 伺服器 RIS 用戶端 部署的共用資料夾
過去部署OS的工具 ADS( Automated Deployment Services ) 用來大量部署Windows Server 2000 、Windows Server 2003 部署方法: Image-based RIS( Remote Installation Services ) 主要用來部署用戶端Windows 2000 、Windows XP 部署方法: Script-based or file-based 可參考比較表 http://www.microsoft.com/windowsserver2003/techinfo/overview/risvsads.mspx 。
目前部署OS的最佳解決方案 SMS 2003 R2-OS Deployment Feature Pack 直接針對現有作業系統完成升級部署 針對Windows XP裸機的全新安裝 –結合RIS 針對Windows Vista裸機的全新安裝 –結合 BDD 關於BDD 2007(Business Desktop Deployment ) RIS的下一個版本,目前已經發行 支援Windows Vista部署 參考網址 : http://www.microsoft.com/technet/desktopdeployment/bdd/2007/default.mspx
WIM 映像的目標 <SLIDETITLE INCLUDE=7>Vista Imaging Design Goals</SLIDETITLE> <KEYWORDS>Vista, imaging</KEYWORDS> <KEYMESSAGE>Vista imaging format provides a single format across Windows deployment.</KEYMESSAGE> <SLIDEBUILDS>1</SLIDEBUILDS> <SLIDESCRIPT> There were various design goals around how to build an image format and what needed to be enabled within that format. First there needed to be a unified format that can be used across all Windows deployment solutions. [BUILD1] With this in mind, we developed the Windows Image Format. The WIM format eliminated the need to tie architecture with Windows Images. Historically you’ve had to manage multiple images across things like Processor types or Hardware Abstraction Layer, or HAL types. Although you still have to maintain separate images for different processor types, with the Windows Image format you can manage a single image across HAL types. There’s also been work to make sure the tools and technologies work across 32 bit and 64 bit systems. This means you can run a 32 bit pre-installation operating system and capture a 64 bit system and nothing is stored in the format itself that ties it to a specific architecture. Storing redundant data within an image uses up disk space, so the goal with the new Windows Image format was to reduce the need to store this redundant data. Ways were examined to consolidate the number of images that you’d have to manage and lower bandwidth cost associated with moving images. Finally, with the understanding that modification and servicing of images can be extremely costly, we developed tools for the Vista release to reduce these costs and allow you to modify the images without having to boot into them and recapture them. </SLIDESCRIPT> <SLIDETRANSITION> <TRANSITION LENGTH=1>The Windows Imaging format provides significant benefits over the more common sector-based image formats.</TRANSITION> <TRANSITION LENGTH=2>The Windows Imaging format provides significant benefits over the more common sector-based image formats.</TRANSITION> <TRANSITION LENGTH=4>The Windows Imaging format provides significant benefits over the more common sector-based image formats.</TRANSITION> </SLIDETRANSITION> <COMMENT></COMMENT> <ADDITIONALINFORMATION> <ITEM>http://www.microsoft.com/technet/windowsvista/evaluate/keyreas.mspx</ITEM> </ADDITIONALINFORMATION> WIM 檔
WIM 格式的優點 WIM 檔 映像 #1 映像 #3 映像 #2 映像 #4 <SLIDETITLE INCLUDE=7>Benefits of WIM Format</SLIDETITLE> <KEYWORDS>WIM, Windows Imaging format</KEYWORDS> <KEYMESSAGE>Cover some key benefits of the WIM Format</KEYMESSAGE> <SLIDEBUILDS>3</SLIDEBUILDS> <SLIDESCRIPT> File-based means there isn’t any disk or file-system structure information stored within the imaging format. All interaction with the image, such as capturing and applying the image occurs through the physical disk’s file system. [BUILD1] The first benefit of the WIM format is it is hardware-agnostic. This means that if you have many different hardware configurations, you only need one image. [BUILD2] Second, the WIM image format can store multiple images within one file making image management easier and saving disk space. A situation where you might want to have multiple images would be if you wanted to have an image that contains the Windows Vista operating system and another image that contains the organization’s core applications. You can also mark one of the images as bootable, allowing you to start a computer from a disk image contained in a WIM file. [BUILD3] Additionally, the WIM image format enables compression and single instancing, thus reducing the size of image files. Single instancing is a technique that stores only a single instance of a file even though it may be used in multiple images or in multiple locations. It eliminates duplicate files by using SHA-1 hashing where all files are hashed and duplicate files are only stored once. Also, all file streams are either compressed with LZX compression which is a very tight compression algorithm, or Xpress compression, which gives you a faster compression. You should determine which compression to use by deciding whether time or size is important. If you boot the image you probably want to use LZX compression because the tighter compression helps in situations where there are memory or bandwidth constraints [BUILD4] With a Windows XP image, you must boot the master image, add the patch, and then prepare the image again. The WIM image format allows you to service an image offline. You can add or delete certain operating system components, patches, and drivers without creating a new image, which could save hours updating an image. Additionally, unlike sector-based image formats, the WIM image format lets you install an image to partitions of any size. Windows Vista provides an API for the WIM image format called WIMGAPI that developers can use to work with WIM image files. Finally, the WIM image format allows for non-destructive deployment. This means that you can leave data on the volume to which you apply the image because the application of the image does not erase the disk's existing contents. </SLIDESCRIPT> <SLIDETRANSITION> <TRANSITION LENGTH=1>By looking at the structure of the WIM format we will show how to optimize your image files.</TRANSITION> <TRANSITION LENGTH=2>By looking at the structure of the WIM format we will show how to optimize your image files.</TRANSITION> <TRANSITION LENGTH=4>By looking at the structure of the WIM format we will show how to optimize your image files.</TRANSITION> </SLIDETRANSITION> <COMMENT></COMMENT> <ADDITIONALINFORMATION> <ITEM>http://www.microsoft.com/technet/windowsvista/expert/ximage.mspx</ITEM> </ADDITIONALINFORMATION> 映像 #1 映像 #3 映像 #2 映像 #4
WIM 映像檔案格式 標頭 檔案資源 Metadata 資源表 XML 資料 WIM 檔案 Slide Title: WIM Image Format Overview Keywords: header, file resources, metadata, resource table Key Message: There are five sections of the WIM file structure. Slide Builds: 4 Slide Script: [BUILD4] The last section of the format is the image info descriptor. This contains XML data which allows you to customize the image information using APIs. There is a default set of XML data generated and stored after the resource table in the WIM file. Slide Transition: ImageX is a command-line tool that allows you to do basic operations and manipulate a WIM file. Slide Comment: Additional Information: WIM 檔案 Metadata 資源表 XML 資料
WIM檔案部署效益總結 一個WIM檔可以包含多個不同的映像檔 搭配回應檔案的設定即可 同一個映像檔可以部署在不同的硬體規格電腦上 搭配SMS 2003 R2簡化WIM檔案管理的複雜度
講題大綱 Microsoft 部署工具介紹 Windows Vista部署前的準備工作 開始部署Windows Vista 資產管理 - 行動裝置篇 Q&A
SMS 2003 R2部署OS必備套件 OS Deployment Feature Pack Image capture management OS package management User state migration Image deployment Reporting
SMS 2003 OSD 部署流程 2/28/2019 3:54 PM Image File Image Package “規劃” “部署” 來源電腦 SMS 2003 目標電腦 Image File Image Package “規劃” “部署” “追蹤” Status Reports “擷取” “安裝” © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. 15 © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Windows User State Migration Tool 部署作業系統升級的必要搭配工具 遷移使用者設定與檔案 來源系統支援: Windows 2000 、 Windows XP 、 Windows Vista 目的系統支援: Windows XP 、 Windows Vista 最新USMT 3.0下載網址: http://www.microsoft.com/downloads/details.aspx?familyid=799AB28C-691B-4B36-B7AD-6C604BE4C595&displaylang=en。
USMT安裝設定 安裝後共用路徑中的BIN資料夾 預設在C:\USMT 賦予Administrator擁有完整權限
下載安裝OSD套件
參照電腦 至少必須是Windows 2000 不需要加入與登入Active Directory 開機磁碟必須是C:代號、NTFS格式 將支援工具中的Sysprep複製到C:\Sysprep 需要安裝SMS 2003代理程式
參考電腦注意事項! 請勿修改本機系統預設的管理員帳戶名稱(Administrator) Sysprep工具可從http://www.microsoft.com/downloads網址去搜尋與下載(Windows XP) Windows Vista中的Sysprep資料夾系統預設則是置放在C:\Windows\System32
安裝代理程式
目標電腦 網路環境中必須有DHCP伺服器 全新安裝: 升級安裝: Windows XP - 結合RIS網路卡開機連線安裝 Windows Vista – 使用SMS 2003產生的 WINPE安裝光碟檔案(ISO) 升級安裝: 至少是Windows NT 4.0 SP6以上 需已經安裝SMS 2003 SP1代理程式
如何安裝RIS元件 直接由控制台中的[新增或移除程式]來勾選Remote Installation Services元件即可 不建議與DC或DHCP伺服器安裝在同一部 RIS主機上必須有第二個非系統開機的磁碟分割區來儲存部署檔案
設定PXE網路卡開機
中場休息時間
講題大綱 Microsoft 部署工具介紹 Windows Vista部署前的準備工作 開始部署Windows Vista 資產管理 - 行動裝置篇 Q&A
準備映象檔開機擷取光碟 請在[Image Package]節點上按下滑鼠右鍵選取[All Tasks]\[Operating System Create Image Capture CD] 在[Create CD Image]頁面欄位中輸入所要產生的映象路徑與檔名 最後將此ISO燒錄成CD片至來源參考電腦上
進行映象檔擷取作業 將映象檔擷取CD放入參照電腦中 設定WIM映象檔UNC位置與帳戶資訊 設定執行Sysprep程式的帳戶資訊 由擷取光碟重新開機
設定過程可能遭遇的錯誤 出現Unable to stop service CCMEXEC訊息 解決方法 – 預先手動停止SMS Agent Services服務
完成擷取!
建立Windows Vista作業系統封裝 在[Image Packages]節點上按下滑鼠右鍵點選[新增]\[Operating System Image Package] 設定封裝名稱 輸入WIM檔案位置 設定封裝檔案儲存路徑
新增派送站台 展開所建立的封裝節點,然後在[Distribution Points]上按下滑鼠右鍵新增派送的SMS站台
新增封裝程式 請在[Programs]上按下滑鼠右鍵點選[新增] \[Operating System Program] 產品序號、授權方式設定 設定加入網域資訊
進階設定封裝程式(1/3) 設定作業系統部署公告 設定允許使用者延遲部署的期限 設定接收通知後回應的過期時間長度
進階設定封裝程式(2/3) 設定SMS用戶端代理程式連線站台
進階設定封裝程式(3/3) 設定作業系統部署階段中的工作 Validation State Capture Preinstall Postinstall State Restore
Phase 設定注意事項 升級安裝部署必須至少設定State Capture、State Restore。 來源資料夾必須指向USMT分享資料夾 State Capture部分還必須新增USMT分享資料夾中的Sysfiles.inf 、 Miguser.inf 、 Migsys.inf 每一參數最後還必須加入 /all
製作安裝光碟 請在[Image Package]節點上按下滑鼠右鍵點選[All Tasks]\[Create Operating System Image Installation CD]項目 設定是否允許使用者變更電腦名稱 指定SMS派送站台 設定安裝光碟ISO檔儲存位置 將ISO檔燒錄成光碟
使用安裝光碟
如果要升級現有的SMS用戶端… 確認SMS用戶端代理程式正常連線中 準備好目標電腦的集合(Collection) 使用OSD軟體派送功能完成部署
開始派送升級安裝(1/3)
開始派送升級安裝(2/3)
開始派送升級安裝(3/3)
可能遭遇的問題 完成了封裝程式(Program)的初步建立之後,後續如果有進行任何修改時,請務必記得完成相關更新 Update Operating System Package Files Update Distribution Points
講題大綱 Microsoft 部署工具介紹 Windows Vista部署前的準備工作 開始部署Windows Vista 資產管理 - 行動裝置篇 Q&A
Device Management Feature Pack Hardware inventory Software inventory File collection Software distribution Settings management Password policy management
DMFP支援的系統 Windows CE (3.0 or later) Pocket PCs (2002 or later) Windows Mobile 5.0
DMFP伺服端安裝對象 影響的元件 SMS 2003 Administrator Console Site Server Management Point
DMFP安裝後相關設定 設定Device Client Agent 設定Management Point Software Distribution Software Inventory Hardware Inventory File Collection
安裝行動裝置的SMS Agent 安裝資料夾下的\DeviceClientDeployment\1028路徑中複製DeviceClient_ce5.0_arm.CAB、DmInstaller_ce5.0_arm.exe、DmCommonInstaller.ini到裝置記憶卡中 建立一個名為ClientSettings.ini檔案 從DmCommonInstaller.ini檔案內容中,複製適合的行動裝置版本的設定到[Settings]段落之下 執行DeviceClient_ce5.0_arm.CAB安裝程式
行動裝置的SMS Agent測試
相關資產資訊檢視
密碼原則設定與各項裝置設定
測試階段建議 可以使用Microsoft Virtual Server 2005 R2 下載網址: 支援了虛擬機器以PXE開機 http://www.microsoft.com/windowsserversystem/virtualserver/software/default.mspx
Q&A
For More Information… TechNet中文網站 SMS中文官方網站下載電子檔 http://www.microsoft.com/taiwan/technet SMS中文官方網站下載電子檔 http://download.microsoft.com/download/5/e/c/5ec84313-c5b1-419a-ae61-e08fe426843d/SMS_2003_R2.zip 中文System Management Server 官方網站 http://www.microsoft.com/taiwan/smserver SMS Technet Resource http://www.microsoft.com/technet/prodtechnol/sms/default.mspx