NT Rollout Options
Microsoft has aimed Windows NT at corporate environments since the product's inception. To Microsoft, a corporate environment includes everything from a small business with a handful of computers, to midsized companies with tens or hundreds of computers, to enterprise-level giants with thousands of computers. The first job NT administrators face in a corporate environment is installing and configuring NT. A common follow-on requirement is setting up individual users with the group of applications that are standard in the company's computing environment. These applications might include an office suite, an email client, and proprietary company tools.
The straightforward way to perform a mass installation (commonly referred to as a rollout) of NT and add-on software is to move from machine to machine, running NT Setup manually and executing the setup programs for each application. This method gets the job done, but it's time-consuming. Performing one full installation of NT takes from 20 minutes to an hour, and installing an additional large suite such as Microsoft Office can take a similar length of time. If you take 2 hours to install NT on each computer in your enterprise, you'll average four installations per day--a rate
that's not feasible for sites with 100 or more systems. Even spending 2 days of repetitive manual work installing NT on 10 computers is not efficient use of a systems administrator's time.
But you do have choices, and in this article I'll review the alternative rollout techniques of unattended installation and cloning. I won't provide a rollout recipe, but I will give you an overview of your options and the processes involved with different rollout methods. Cloning is the most time-efficient way to mass-install NT, but concern exists that cloning multiple machines on an NT network will distribute identical computer security IDs (SIDs). I'll clarify the issues cloning raises and present possible solutions to the problems cloning can cause. I'll also discuss Microsoft's stand on cloning NT (Microsoft's Ken Smiley, Program Manager of Enterprise Program Managers--EPMs--and Partner Program Managers--PPMs--provided me with valuable information and comments about this subject).
Preparing for Rollout
Before you can apply any NT installation method, your target machines must have a functional operating system (OS) and access to your network or a CD-ROM drive. You place the files for your particular installation on the network or in the CD-ROM drive.
For example, if you are implementing a setup-based rollout, the NT distribution CD-ROM will contain the required setup files. You place these setup files on a server with a network share, or you place the CD-ROM in a CD-ROM drive that the target computers can access.
If you are performing upgrades from a previous version of NT or have machines with Windows 95 installed, you probably have access to a CD-ROM drive, or a network. However, if any of your target computers have no OS, you must use a DOS boot disk to install NT. There are two ways to proceed in this case. First, if the target computer has a CD-ROM drive, you can use a CD-ROM with the NT installation files. Use the DOS boot disk to partition and format the computer's hard disks, then perform the NT install from the CD-ROM to the hard disks.
Second, if the target computers don't have a CD-ROM drive, or if you want to run a remotely managed installation with installation files on a central network-accessible drive, you must obtain and install DOS network drivers for the network cards on the target machines. Installing DOS network drivers usually means installing a protocol driver (e.g., TCP/IP) and a network interface card driver. Microsoft makes this process straightforward for most common network cards. Simply run the Network Client Administrator utility in the NT Administrative Tools program group, which enables you to create a Network Installation Startup Disk. A Network Installation Startup Disk is nothing more than a DOS boot disk populated with the correct protocol and network card drivers. With the Network Installation Startup Disk, you can boot your client machines and mount the network share point for access to installation files.
The Microsoft Windows NT Workstation 4.0 Resource Kit clearly describes the steps and options for creating Network Installation Startup Disks. Although the resource kit discusses the process of making startup disks in the context of rollouts based on NT Setup, you can create startup disks as part of a rollout based on cloning in which a cloned image is located on a network.
Another rollout option worth your consideration is the use of Systems Management Server. SMS is a BackOffice application that enables NT Server to remotely administer NT, Win95, and DOS clients. This facility is particularly useful in environments in which you want to push NT installation, rather than manually execute each install or have your users initiate installations. With SMS clients configured on target computers with network access, you can prepare installation files on a network share and then start the installation process remotely. If you're basing your remote rollout on the use of NT Setup, use unattended setup techniques, which I'll discuss shortly. You can learn more about the use of SMS in rollout situations in the resource kit.
Setup-based NT Rollouts
You can perform a setup-based rollout in a variety of ways. I've mentioned the most basic method: moving physically from machine to machine, running NT Setup and installing individual software applications. Although Microsoft approves this approach, installing NT this way is not an efficient use of your time, unless you're installing a small number of machines.
The resource kit documents methods for rolling out NT and add-on software. It describes an efficient NT installation procedure that is based on an automated form of NT Setup known as unattended installation. You use the same NT Setup program for unattended installs as you use for manual installation, but a file that contains answers and entries for the questions and forms that the Setup program presents during the install process guides the unattended installation setup. The answer file is divided into sections such as [UserData] and [Network] that you configure with elements such as computer name, domain or workgroup selection, and network card configuration.
In an unattended installation, instead of writing an answer file, you start with a template, called unattend.txt, on the NT distribution CD-ROM under processor-specific directories (e.g., \i386, \alpha). To specify to NT Setup that you want to use an answer file, run the NT Setup program (winnt from DOS, or winnt32 from Win95 and NT) with the /u switch followed by the path of the file. For instance, entering
winnt32/u:c:\install\unattend.txt
tells NT's Setup to use the unattended answer file C:\install\unattend.txt. Figure 1 shows the sample answer file the resource kit provides.
One answer file probably won't be appropriate for all the computers you are configuring; each computer can require a different computer name, network adapter identifier, and other identifiers. Fortunately, unattended installa-
tion provides a mechanism--Uniqueness Database Files (UDFs)--for coping with these differences without forcing you to write a custom unattended answer file for each computer. UDFs are structured in much the same way as answer files, with sections containing settings that address specific configuration options for NT Setup. UDFs are different from answer files in that, at the top of the UDF in a section called [UniqueIds] you define unique identifiers that are related to specific computers or groups of computers at your site. To the right of each identifier you list the sections specific to that identifier, as this example shows:
[UniqueIds]
Mark = UserData,Unattended
Fred = UserData,KeyboardDrivers
The remainder of the file consists of the sections you referenced under [UniqueIds]. You can name these sections with titles that match those in the answer file, or you can name them in the form sectionname:identifier, in which identifier is one of the identifiers you specified in the [UniqueIds] section. To tell NT Setup that you want it to use answers included in a UDF, you give Setup one of the uniqueness identifiers. As Setup runs, it checks for answers associated with the uniqueness identifier in the UDF and overrides the corresponding answers in the answer file.
For instance, say that a UDF contains the identifiers from the previous example and a section called [Mark:UserData] that has the value MarksComputer for ComputerName. If NT Setup uses the Mark ID and the UDF during setup, NT Setup will override the computer name in the answer file with MarksComputer. This procedure lets you assign each system a different name and enter all the system names you've assigned in the same UDF file.
The syntax for NT Setup's UDF command-line switch is /UDF:ID,UDF Filename. For example, you might enter
winnt32/u:n:\unattend.txt /udf:mark,n:\udf.txt
Specifying the UDF filename and path is optional. If you omit the UDF filename, NT Setup will look for a file named $Unique$.udf on a disk in the machine's 3.5" disk drive and use that file as the UDF. Setup will prompt you to insert a disk containing the $Unique$
.udf file during the install and will resort to using the answer file only if the UDF is unreadable or not present.
Add-on Application Rollouts
You can roll out NT with unattended installation and UDFs, but how do you install your company's add-on software efficiently, preferably at the same time you install NT? If the add-on products support scripted setup, you can integrate their installation into part of the unattended NT installation. To do so, place the add-on application's install files in a directory named $OEM$\drive letter, in which drive letter represents the drive on the target computer where you want to install the add-on program. For example, if you want to install Microsoft Office in C:\MSOffice, place the installation files in $OEM$\C\MSOffice.