Monday, November 19, 2007

Deploying Vista with WDS

I've just finished rolling out Vista workstations with WDS (Windows Deployment Services) an I ran into a couple of problems which were easy to fix. All in all I have to say it's a big step up from RIS, especially the way you can manage your drivers.

WDS will support Windows XP clients in the mixed mode, but then you are stuck with the old RIS and RipRep methods. The new method is Vista only!

Installing WDS:
You will need a Windows 2003 server to run WDS. If you have already installed RIS on this server you need to install the WDS update. You can find the Windows Deployment Services hotfix in the WDS folder of the WAIK download image.

WDS is a part of Windows 2003 SP2 so for a clean install you will install Windows 2003 SP2 and select WDS in Add/Remove Windows components.

WDS supports two modes:
- Mixed. Supports RIS-style images and WIM image formats using both the old OSChooser-style boot menu and Windows Preinstallation Environment (WinPE).
- Native. Supports WIM images only via PE boot OS.

Open the WDS console and right click on your server, choose configure server and you will be presented with a wizard which will set up the path to store files and the DHCP options.

Add the first Windows image:
After installing WDS you will need to add the first Windows image. To add a new Vista image, expand the server in the WDS console window, right-click on Install Images and select Add Install Image. If there are no Image Groups defined, you’ll be prompted to create one.

WDS looks for a .WIM file which contains the version of Windows you want to install. On the Vista DVD you can find the file in \SOURCES\INSTALL.WIM. Browse to this file and select the verstion you want to deploy:

Now you need to add a Boot Image. Right click on Boot Images and select Add Boot Image. Choose the \SOURCES\BOOT.WIM file as the image source. Right click on the server in the WDS console and click Properties. Select the Boot tab and choose select the boot image and click OK. Don't forget to restart WDS.

That's it! Start a PC with PXE (Most PC's use [F12] to select this mode.) and choose the image you want to install in the PE shell. In my next post I will be discussing customization of the Windows images and creating answer files.

More info:
Deploying WDS Update on Windows Server 2003
Deploy Vista from WDS

New name and logo...

You may have noticed I've changed the name of my blog and added a new logo. You can now also reach my blog via:

Thursday, November 1, 2007

Restrict your server to specific countries...

I'm running a SSH server at home to allow me to connect to my computers when I'm away from home. This server is attacked regularly and I don't like it!

Even though I use keys based authentication and no one has successfully compromised my server I'd like to see what can be done about this.

I'm thinking about only allowing IP's from my country (the Netherlands) to connect. Using this site I was able to download a list with all the netblocks in NL. Surprise! There are so many small netblocks in there setting them all up is out of the question.

When I would allow 24.x.x.x, 62.x.x.x-93.x.x.x and 129.x.x.x-217.x.x.x I would allow most of the internet again.

An interesting blog post on NEOHAPSIS.

I'll let you know when I know more.