Front cover Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Learn Vista deployment using TPM for OS Deployment Experiment with cloning and unattended profies Learn best practices and tips Vasfi Gucer Dominique Bertin Richard Hine ibm.com/redbooks Redpaper International Technical Support Organization Vista Deployment Using Tivoli Provisioning Manager for OS Deployment March 2007 REDP-4295-00 Note: Before using this information and the product it supports, read the information in “Notices” on page v. First Edition (March 2007) This edition applies to Tivoli Provisioning Manager for OS Deployment Version 5.1. © Copyright International Business Machines Corporation 2007. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vi Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii The team that wrote this IBM Redpaper. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Become a published author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . viii Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Chapter 1. Installing Vista systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1.1 Why Vista . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Do I upgrade or replace. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.3 Creating an unattended Windows Vista profile . . . . . . . . . . . . . . . . . . . . . . 4 1.3.1 Profile creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.3.2 WinPE software package creation . . . . . . . . . . . . . . . . . . . . . . . . . . 14 1.4 Creating a cloning Windows Vista profile . . . . . . . . . . . . . . . . . . . . . . . . . 19 1.4.1 Preparing the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 1.4.2 Capturing the system image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 1.4.3 Configuring the system profile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 1.5 Deploying a Windows profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 1.5.1 Creating a deployment scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 1.5.2 Registering hosts in Tivoli Provisioning Manager for OS Deployment server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 1.5.3 Creating a new user through a software package. . . . . . . . . . . . . . . 47 1.5.4 Deploying a Vista profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 IBM Redbooks publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 How to get IBM Redbooks publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 © Copyright IBM Corp. 2007. All rights reserved. iii iv Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Notices This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A. The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. © Copyright IBM Corp. 2007. All rights reserved. v Trademarks The following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both: Candle® IBM® IMS™ MVS™ NetView® Redbooks™ Redbooks (logo) Tivoli® VTAM® ™ The following terms are trademarks of other companies: Aero, BitLocker, Microsoft, MS-DOS, Windows NT, Windows Vista, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. vi Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Preface Tivoli® Provisioning Manager for OS Deployment provisions operating systems and applications to computers using the Pre-boot eXecution Environment (PXE) industry standard for bare-metal installation. A bare-metal installation eliminates the need for an operating system to be present on a local disk drive. Tivoli Provisioning Manager for OS Deployment is a turn-key solution to the most common provisioning issues and provides an easy to use, turn-key solution for education, SMB, or larger accounts. In this IBM® Redpaper, we discuss how to deploy Vista, Microsoft®'s newest operating system, using Tivoli Provisioning Manager for OS Deployment. Note that this IBM Redpaper is specifically geared to IT Specialists who will be working on Vista deployment projects. For a full discussion of Tivoli Provisioning Manager for OS Deployment, including installation, customization, and other product integrations, refer to Deployment Guide Series: Tivoli Provisioning Manager for OS Deployment V5.1, SG24-7397. The team that wrote this IBM Redpaper This paper was produced by a team of specialists from around the world working at the International Technical Support Organization, Austin Center. Vasfi Gucer is an IBM Certified Consultant IT Specialist working at the ITSO Austin Center. He worked with IBM Turkey for 10 years and has been with the ITSO since January 1999. He has more than 12 years of experience in systems management, networking hardware, and distributed platform software. He has worked on various Tivoli customer projects as a Systems Architect in Turkey and the United States. Vasfi is also a Certified Tivoli Consultant. Dominique Bertin holds a Technology Certificate in Electric Engineering from the University of Creteil, near Paris in France. He worked as an Honeywell Bull representative on different mainframe customers sites for seven years, and then started working as a Software Engineer in the National Software Center in the Bull company. After 12 years at Bull, he joined a software services company that was acquired by Candle® corporation five years later. After IBM acquired Candle, he moved to a Tivoli pre-sales position. He is currently assigned to the Tivoli Configuration Manager, Tivoli Provisioning Manager for OS Deployment, © Copyright IBM Corp. 2007. All rights reserved. vii and Tivoli Provisioning Manager for Software products within the Tivoli Business Automation segment. Richard Hine has a Bachelors degree in medical Science from the University of Manchester in the UK, and has worked for IBM since 1981. He worked with IBM Mainframes for 11 years, doing services and support roles, with MVS™, IMS™, and VTAM®, and took assignments to teach automation techniques and assembler programming. During this time, he also took a job supporting the IBM first Point of Sale deployment in Europe at Boots of Nottingham in the U.K. He moved to country technical support in 1991 to support IBM network management tools on distributed systems, where he taught at the international education center in La Hulpe, and supported field services engagements for the NetView® automation family of products, both distributed and mainframe. During this time, Richard also did several international services engagements in the Middle East, and wrote an ANO based TCP/IP monitoring application that was used in IBM South Africa. Richard moved to Tivoli in 1996 when IBM acquired Tivoli. He worked in a pre-ales role for the UK, on all Framework products, while also leading the UK Advanced Technology Team. He was certified in 2002, and has been published in the Managed View and two other IBM Redbooks™ publications. Currently, he works with the Tivoli Performance and Business automation products in a pre-sales capacity for the UK Financial Services Sector. Thanks to the following people for their contributions to this project: Arzu Gucer and Wade Wallace International Technical Support Organization, Austin Center Dennis R Goetz, Peter Greulich, Hakan Thyr IBM USA David Clerc and Marc Vuilleumier Stueckelberg IBM Switzerland Become a published author Join us for a two- to six-week residency program! Help write an IBM Redbooks publication dealing with specific products or solutions, while getting hands-on experience with leading-edge technologies. You will have the opportunity to team with IBM technical professionals, Business Partners, and Clients. Your efforts will help increase product acceptance and customer satisfaction. As a bonus, you will develop a network of contacts in IBM development labs, and increase your productivity and marketability. viii Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Find out more about the residency program, browse the residency index, and apply online at: ibm.com/redbooks/residencies.html Comments welcome Your comments are important to us! We want our IBM Redpapers to be as helpful as possible. Send us your comments about this Redpaper or other IBM Redbooks publications in one of the following ways: Use the online Contact us review IBM Redbooks publication form found at: ibm.com/redbooks Send your comments in an e-mail to: redbooks@us.ibm.com Mail your comments to: IBM Corporation, International Technical Support Organization Dept. HYTD Mail Station P099 2455 South Road Poughkeepsie, NY 12601-5400 Preface ix x Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 1 Chapter 1. Installing Vista systems This chapter provides step by steps instructions for getting the Microsoft Vista operating system working on a bare-metal installation. It gives some guidelines regarding the different possibilities you have between upgrading or replacing your existing pre-Vista systems. We assume that you have a working Tivoli Provisioning Manager for OS Deployment environment. For information about how to install Tivoli Provisioning Manager for OS Deployment, you can refer to Deployment Guide Series: Tivoli Provisioning Manager for OS Deployment V5.1, SG24-7397. This chapter contains the following sections: “Why Vista” on page 2 “Do I upgrade or replace” on page 3 “Creating an unattended Windows Vista profile” on page 4 “Creating a cloning Windows Vista profile” on page 19 “Deploying a Windows profile” on page 37 © Copyright IBM Corp. 2007. All rights reserved. 1 1.1 Why Vista Microsoft Vista is here, and chances are, it is coming to your organization sooner than you think. Many organizations are expecting to make a move towards Vista within a year, with the larger the organization, the higher the probability that this will occur. The significant commitment in time and expense is driven by a variety of factors, which include much needed features introduced in Vista, and the realities of waning support for older versions of Windows®. While enhancements in the user experience, such as Vista's Aero™ Glass interface, have monopolized the marketing spotlight, it is enhancements under the covers that are motivating enterprise customers to upgrade. Vista introduces a new developer platform, .NET Framework 3.0, which will enable faster development of applications that will have better interfaces, better integration with other applications, and better code in general. The .NET Framework is comprised of key components that include the Windows Workflow Foundation (WWF), which makes Vista the first OS to embed a workflow development and runtime environment, and the Windows Communication Foundation (WCF), which dramatically simplifies the way connections between services are defined and managed. Perhaps the most important innovation driving enterprise adoption of Vista is enhanced security. Vista is the first operating system Microsoft has built from design to release using the Security Development Life cycle (SDL) under their Trustworthy Computing Initiative. Immediately beneficial security enhancements include User Account Control, which eliminates the need for average users to log in with Administrator privileges and by default grant that privilege to every application, virus, or other form of malware they intentionally or inadvertently launch. In addition, Vista introduces a multi-tiered rights management and encryption technology (BitLocker™) that will protect data on the disk, even if the disk is inside a stolen mobile computer. These are only a few of the security enhancements in Vista that represent the quantum leap in integrated client security for which the enterprise has been waiting. Beyond the innovations Vista offers as a motivation to upgrade, there is also the fact that older versions of Windows are becoming less supportable. With Windows 2000 already out of mainstream support and losing critical update support in 2010, and the launch of Vista starting the two year countdown to the end of mainstream support for Windows XP, an upgrade is inevitable. If your enterprise falls into this group, starting to plan and test now is your best defense against unmanageable complexity and unpredictable costs. 2 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 1.2 Do I upgrade or replace Microsoft offers different upgrade paths for licenses and software that are well documented at: http://www.microsoft.com/windows/products/windowsvista/buyorupgrade/upg radepaths.mspx We will not deal with license upgrade paths here, but take a look at upgrading the technology. The workstation options are summarized in Figure 1-1 on page 4. In the cases where people are upgrading from Windows NT®, Windows 2000, or some variants of Windows XP, they will have to install the Vista OS from scratch using the techniques mentioned in the chapters that follow. This process would typically involve: 1. 2. 3. 4. Saving user files and settings of donor machine Assessing whether the machine is ready for an upgrade Upgrading the machine to Vista Restoring the user files and settings to the new operating system. Only in the case where the original machine was Windows XP Home or Windows XP Professional can the OS be upgraded in place. Chapter 1. Installing Vista systems 3 Figure 1-1 Technical upgrade options to Windows Vista™ Upgrading the operating system using an unattended profile will exploit the native function of the unattended installation process to migrate user settings and preserve user files. 1.3 Creating an unattended Windows Vista profile The main purpose of Tivoli Provisioning Manager for OS Deployment is to deploy an operating system on client computers by replicating a reference system. However, unattended installation of an operating system is also possible. If you decide to create an unattended Windows Vista installation profile, Tivoli Provisioning Manager for OS Deployment does not replicate a reference system. You will have to provide all of the details that the Tivoli Provisioning Manager for OS Deployment server would need to walk through an installation of a Windows Vista operating system. Note: Unattended installation effectively means native installation. 4 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment All the installation tasks are executed from the Tivoli Provisioning Manager for OS Deployment server. Creating unattended installation profiles is easier than cloning profiles. However, Tivoli Provisioning Manager for OS Deployment's native mode of operation is centered around cloning-mode system profiles, because this method of deployment is faster than unattended installation. When deploying computers on a large scale, unattended installation is not possible. We will cover the Windows Vista profile in two steps: Profile creation WinPE software package creation 1.3.1 Profile creation To create an unattended Windows Vista profile: 1. Launch the Tivoli Provisioning Manager for OS Deployment Web console (Figure 1-2 on page 6). It can be done in two different ways: a. Remotely from your Internet browser using the syntax http://TPM server name:8080. b. Locally from your from Tivoli Provisioning Manager for OS Deployment server by selecting Start → Programs → IBM Tivoli Provisioning Manager → Web console. Chapter 1. Installing Vista systems 5 If you are connecting to the Web console for the first time, take a few minutes to read important informations by clicking the First time console user link, as shown in Figure 1-2. Figure 1-2 Launching the Tivoli Provisioning Web console 2. Log on with the user ID and password that you have specified during the Tivoli Provisioning Manager for OS Deployment installation if you have not yet created another user ID. 6 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 3. Click OS Deployment and select Profiles. Then, click the New Profile button at the bottom of the window. You will get the window shown in Figure 1-3. A wizard will guide you through the different steps of creating a profile. We are going to explain all these steps in detail. Figure 1-3 Creating a new System profile 4. Select the type of profile to be created, an Unattended setup (scripted install) in our case, as shown in Figure 1-4, and click Next. Figure 1-4 Choosing the deployment mode Chapter 1. Installing Vista systems 7 5. Select the deployment mode, namely A Windows Vista system profile in our case, as shown in Figure 1-5, and then click Next. Figure 1-5 Choosing the operating system type 6. The wizard will ask you to specify the folder where the Windows setup files are located, as shown in Figure 1-6. In the example below, we copied all the CD content on disk in the C:\temp\Code-Vista directory. Click Next. Figure 1-6 Specifying where the Windows Vista setup files are located 8 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 7. Next, the wizard informs you which version was found in the directory you just provided. Click Next. See Figure 1-7. Figure 1-7 Version found 8. You must then specify a size for the Windows Vista partition. This can be done as a fixed MB size or as a percentage of the total disk space. In the example shown in Figure 1-8, we select a percentage. Figure 1-8 Partition sizes specification Chapter 1. Installing Vista systems 9 9. Figure 1-9 shows that you must select parameters for this new partition. Specify the format as FAT16, FAT 32, or NTFS, as well as the size, and click Next. Tip: If you choose a value of 100%, you will have the possibility to restore your profile on any kind of hard disk size. Figure 1-9 Selecting parameters for the partition 10 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 10.Click the radio button next to the partition you want to use as the target partition for Windows to complete the partition layout process (Figure 1-10). Figure 1-10 Selecting the partition 11.For a later fully unattended installation, you must enter a valid Windows Product Key, as shown in Figure 1-11, and click Next. Figure 1-11 Windows Product Key Chapter 1. Installing Vista systems 11 12.You can then configure some fixed properties, such as registered owner and time zone, as shown in Figure 1-12. Click Next. Figure 1-12 Fixed properties 13.The next window (Figure 1-13) allows you to specify a custom configuration file with custom settings that you would like to use in your system profile. Tivoli Provisioning Manager for OS Deployment will automatically patch this file with host-specific settings. If you do not need it, click Next to skip this step. Figure 1-13 Custom setup configuration file 12 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 14.Figure 1-14 shows that you will be asked to enter a description for your system profile, such as “Windows Vista Enterprise”. Figure 1-14 System profile description 15.Click Next to start the creation of the unattended setup profile. It might take a few moments for Tivoli Provisioning Manager for OS Deployment to create the archive containing all the files required for Windows installation (see Figure 1-15). Figure 1-15 Profile packaging in process Chapter 1. Installing Vista systems 13 16.The next window (Figure 1-16) displays a message indicating that the system profile has been successfully created. A WinPE Software Package is required to deploy a Vista profile. Click here in order to switch directly in the Software Package wizard, as shown in Figure 1-16. You do not have to worry If you have already clicked Finish; you still have the possibility to create this package from the Software packages link in your Web console, as described in 1.3.2, “WinPE software package creation” on page 14. Figure 1-16 Profile successfully created 1.3.2 WinPE software package creation If you had just created your Vista profile, you are probably just coming from the step described in Figure 1-16. In such a case, you just have to continue with this section and go through the next steps described in the following pages. In the opposite case, you just need to start the Software Package wizard by selecting OS Deployment → Software packages and selecting New software → Windows Vista → A custom action on the target computer → A WinPE 2.0 Ramdisk image. You can then continue with the same windows from Figure 1-18 on page 16 until the end of this section. 14 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 17.Read the information provided here about WinPE and click Next, as shown in Figure 1-17. Note: Microsoft Windows Preinstallation Environment (Windows PE) 2.0 provides preparation and installation tools for the Microsoft Windows Vista operating system. Microsoft WinPE is a minimal OS, based on the Windows XP kernel, that replace MS-DOS® during the initial OS installation stages beginning with Vista OS, which is known as Longhorn. It provides a GUI environment during the entire installation instead of the old text-based screen prompts that are common during the initial setup of earlier Windows installations. Figure 1-17 Information about WinPE 18.You need to specify where the Vista source code is located and then click Next, as shown in Figure 1-18 on page 16. This window shows different possibilities. Most of them will require the Web Interface Extension to be installed. Chapter 1. Installing Vista systems 15 Figure 1-18 Vista code location 19.A default description is provided by the product, as shown in Figure 1-19. You can modify it to fit with your naming conventions and then click Next. Figure 1-19 Description of the WinPE Software Package 16 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 20.A default name is also provided for your package as it will be stored on the server side. We modified it in a more meaningful name, as shown in Figure 1-20. Click Next. Figure 1-20 Naming the software package 21.The software package generation starts. It should take a few minutes, depending on your computer speed. Figure 1-21 WinPE package generation Chapter 1. Installing Vista systems 17 22.At the generation completion, you will get a window as shown in Figure 1-22 explaining how to bind this package to individual targets. Click Finish. Figure 1-22 Successful creation of the software package 23.Select OS Deployment → Software packages to see your new package, as shown in Figure 1-23 Figure 1-23 Control of the software package creation 18 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 24.To get detailed description of this package, double click it, and you will get the window shown in Figure 1-24. Figure 1-24 Detailed description of the software package 25.At this point, you have created an unattended Vista profile and a specific software package WinPE that has been requested for a deployment of a Vista operating system. Before you can deploy this new image on a target, you will have to configure it properly. Please refer to 1.4.3, “Configuring the system profile” on page 32. This section is useful for both the unattended and cloning installations. 1.4 Creating a cloning Windows Vista profile Tivoli Provisioning Manager for OS Deployment's native mode of operation is centered around cloning-mode system profiles. Deployment through the cloning method is faster than an unattended installation. The cloning-mode system profiles are more efficient for deployment than unattended installation system profiles. Cloning a Vista profile consists of taking an image of a computer containing a running and configured version of Windows Vista. Then, run the profile creation from the system to be cloned using a Tivoli Provisioning Manager for OS Deployment Administrative Toolkit that is distributed to the clone host by the Tivoli Provisioning Manager for OS Deployment server. Chapter 1. Installing Vista systems 19 This section will guide you through the three main steps to create a system profile based on the Windows Vista Client: Preparing the system Capturing the system image Configuring the system profile 1.4.1 Preparing the system Tivoli Provisioning Manager for OS Deployment does not perform any cleanup on your machine. Before you can clone your Vista machine, you need to make sure that the system is as clean as possible before you start. Typically, this means that you need to: Empty the machine recycle bin. Delete the Internet cached files (cookies and history). Delete your temporary directories and files. Disconnect any network shares and remote printers. Also be aware that the account named Administrator needs to exist in the machine to be cloned, but it will be disabled by Vista as a part of the deployment process, so you need to have an additional account belonging to the Administrator group in order for the deployment process to work properly. You will then be ready to run a Microsoft utility called Sysprep on this system, which will be considered your reference OS. Windows Vista only allows you to run Sysprep on the operating system three times. After that, the Sysprep tool refuses to start, so always start from your original reference image. 20 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Microsoft Sysprep for Windows Vista is available on every installed Vista OS. The following steps will allow you to start the Sysprep utility: 1. Close all the open applications and run the Sysprep executable file located in the C:\windows\system32\sysprep directory. Windows Vista asks for your permission to continue. Click Continue. See Figure 1-25. Figure 1-25 User Account Control Chapter 1. Installing Vista systems 21 2. In the System Preparation Tool pop-up, select the following options, as shown in Figure 1-26: a. Select Enter System Audit Mode from the System Cleanup action drop-down menu. b. Select the Generalize check box. c. Select Shutdown from the Shutdown Options menu. d. Click OK. 3. The Vista system should shut down automatically and become ready to capture the image. Figure 1-26 System Preparation 1.4.2 Capturing the system image 1. You now need to start your reference Windows Vista system and boot it to the network so that the Tivoli Provisioning Manager for OS Deployment server can discover and manage it. When you boot your computer, the BIOS looks for the boot priority in the configuration. If it is configured to boot first on disk, it must be overridden simply by pressing the F12 or ESC keys just at the beginning of the boot sequence. 22 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Once the Tivoli Provisioning Manager for OS Deployment server catches the system, a window appears on the Vista machine, as described in Figure 1-27. Figure 1-27 Boot in the network 2. After the Tivoli Provisioning Manager for OS Deployment server identifies the computer and writes a basic hardware scan data into the Tivoli Provisioning Manager for OS Deployment database, the guest will display a window, as shown in Figure 1-28. Note: If you have several PXE servers in your architecture, you must verify if the IP address displayed in the upper right part of the window matches the PXE server you expect to use. Figure 1-28 Guest identification Chapter 1. Installing Vista systems 23 3. You now need to log on to your Tivoli Provisioning Manager for OS Deployment Web console from a Web browser using the syntax http://TPM server name:8080 or from your from Tivoli Provisioning Manager for OS Deployment server by selecting Start → Programs → IBM Tivoli Provisioning Manager → Web console. 4. Select OS Deployment and then Host Monitor in the left pane, as shown in Figure 1-29. Figure 1-29 Access to the targets 5. Select the newly discovered system in the Host Monitor view and choose Start admin toolkit from the left margin menu, or right-click the discovered host and select Start admin toolkit from the pop-up menu, as shown in Figure 1-30. Figure 1-30 Launching the admin toolkit 24 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 6. The window shown in Figure 1-31 will be displayed. If you want to bind the Administrator Toolkit to the template server, you can do so by checking Bind the Administrator Toolkit to selected hosts. This has the effect of causing the admin toolkit to launch on the Tivoli Provisioning Manager for OS Deployment client whenever the network boots from the Tivoli Provisioning Manager for OS Deployment server. This might be useful if you need to perform extra work on the template server. Otherwise, you will need to download the admin toolkit to the client each time you need to adjust the profile. Uncheck the option Try to wake-up hosts currently powered off and click OK. Figure 1-31 Start Admin Toolkit Chapter 1. Installing Vista systems 25 7. Go back to your reference Vista machine. You should see the window shown in Figure 1-32. Select the Make a new image icon. You can also, in this window, modify the disk partition or restore an image that has been previously saved. Figure 1-32 Image creation 8. The Image Creation menu is then displayed (Figure 1-33). Click the icon to select the Create a System Profile. Figure 1-33 System profile creation 26 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 9. In Description field, press the Esc key to erase its content. Then type “Windows Vista” and click Next. (Figure 1-34). You can enter a description of your profile in the Comment field. Figure 1-34 Naming your profile 10.The “Model name” field is automatically populated. For screen capture purposes in this IBM Redpaper, you can see that we are working with VMWare tools. Tivoli Provisioning Manager for OS Deployment has automatically populated the Model name. You can leave it as is if you want to deploy the profile only on this particular model. You can also erase this if the image has to be installed on different kind of material without any verifications. Chapter 1. Installing Vista systems 27 Click Next, as shown in Figure 1-35. Figure 1-35 Model name specification 11.Review your profile parameters and click Next, as shown in Figure 1-36. We have modified the Model name to deploy only the profile on a specific model. Figure 1-36 Verification 28 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 12.The building of the image will take several minutes and will depend on the speed of your network, the size of the image, and if any similar images have already been created. See Figure 1-37. Figure 1-37 Image building Chapter 1. Installing Vista systems 29 13.If you look at the bottom of the window, you will see a Tivoli icon, as shown in Figure 1-38. This icon hides some very useful features. You can either launch a console locally to check the different steps for image cloning. All these detailed messages can also be uploaded on the server by selecting the Upload console option. This log can be useful for analysis purpose. You can access the log from your Web console. a. Select OS Deployment → Host Monitor → Host details. b. Click the Logs tab and select the log corresponding to your image cloning. c. The download option gives you the possibility to save this log where you want. Figure 1-38 Checking the image building 14.You will then be able to verify the successful creation of your image, as shown in Figure 1-39. Click OK. Figure 1-39 Successful creation of an image 30 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 15..Click Exit Administrator Toolkit, as shown in Figure 1-40. Figure 1-40 Main functions menu 16.To exit from the Administrator Toolkit, select one of the options that is the most convenient for you. Figure 1-41 shows that you can either turn off the computer or reboot it with the possibility to enforce a boot on Vista. Figure 1-41 Exit menu Chapter 1. Installing Vista systems 31 17.Now, go back to your Tivoli Provisioning Manager for OS Deployment Web console and select OS Deployment → Host Monitor, as shown in Figure 1-42. You will see a green color for your host, which means that your OS capture is successfully completed. Different colors can be seen here depending on the activity. Figure 1-42 OS capture is successfully completed 1.4.3 Configuring the system profile A profile needs to be configured before it can be deployed on a target. This is true for both the Unattended and Cloning profiles. 1. Select the profile you want to configure and click the Configure link, as shown in Figure 1-43. 32 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Figure 1-43 Profile selection for configuration 2. Select the Edit link in the Fixed host properties section, as shown in Figure 1-44. Chapter 1. Installing Vista systems 33 Figure 1-44 Fixed host properties access 3. You can enter different regular expressions or provide variable substitution here. For example, the [IP] variable in the Hostname field automatically inserts the machine assigned IP address. You can also concatenate a fixed field with these variables. Examples: Vista-[IP] could give Vista-9.1.2.3. In the section "Setting up profile configurations and fixed common parameters", in Tivoli Provisioning Manager for Operating System Deployment Guide (Fix Pack 1), SC32-2582, you will see that you can also use the [MAC], [SN], [AT] keywords for the MAC address, Serial Number, and Asset Tag to identify your target. A range extension is also supported by each of these keywords. Moreover, if you need more flexibility, you can create different kinds of associations through a feature available in the Tivoli Provisioning Manager for OS Deployment. To do this task, select OS Deployment → Host Monitor and launch the Export hosts feature at the bottom of the window to export 34 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment your existing hosts definitions to a .csv file. You can use this file as a model to create your own .csv file and then import a list of new hosts using the Import hosts function. An example could be to create a list with only the SN and the IP fields. In our example, we selected the following parameters, as shown in Figure 1-45, and clicked OK. – Host name: Vista-[IP] – TCP/IP mode: Use a dynamic IP address (DHCP) Figure 1-45 Fixed host properties info Chapter 1. Installing Vista systems 35 4. Then select the Edit link from the Windows-specific section. Enter your product key, Network type, and Administrator name, and click Ok, as shown in Figure 1-46. The values specified for window resolution are given in Figure 1-46. Figure 1-46 Windows-specific information 36 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 5. Select the Edit link from the Fixed user properties section. Figure 1-47 gives you an example of how the form can be filled. There are also four freely configurable user categories that can be used to store information regarding the user (such as position, department, and location), and that can be used in the software matching mechanism (automatic binding rules). Click Ok. Figure 1-47 Fixed user properties 1.5 Deploying a Windows profile Before deploying a profile on a target computer, you will have to specify how your profile is going to deployed. In Tivoli Provisioning Manager for OS Deployment, this is done through a deployment scheme. The following sections will describe how to create a deployment scheme, how to register new target hosts in your Tivoli Provisioning Manager for OS Deployment server database, and will also show an example of Vista deployment. Chapter 1. Installing Vista systems 37 1.5.1 Creating a deployment scheme Deployment schemes allow an administrator to create different deployment methods. For example, you can ensure that the deployment user must specify the host name for each deployment: 1. Select OS Deployment → Deployment schemes in the left pane of the window, as shown in Figure 1-48. Figure 1-48 Creating/Browsing the deployment schemes 2. Select New scheme at the bottom left hand side and enter a name for this new scheme. Click Next, as shown in Figure 1-49. 38 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Figure 1-49 Naming your deployment scheme 3. Even if we are deploying an unattended profile, we can still ask to edit the host-specific parameters (such as the host name, user name, and so on) interactively at the time of the deployment. Indeed, the typical use of Tivoli Provisioning Manager for OS Deployment involves configuring the target hosts to boot from disk first: occasionally, you will press F12 at startup to boot from the network when a deployment is needed. You should select the Always edit host-specific parameters interactively option to avoid repeated deployments of the OS on your machine that will happen without any user option to halt this looping process. If you do not want to follow the typical way described above and you prefer configuring your hosts to always boot first from the network, you must activate the Boot on hard-disk option in the Boot settings of your host definition after the deployment is completed. If this is not done, these hosts will return to the window that prompts you to deploy the image again, giving us a loop in the process. In this case, you should choose the Never edit parameters, run the deployment unattended option. This will then give you a zero touch installation scenario. Select Always edit host-specific parameters interactively and then Next, as shown in Figure 1-50. Chapter 1. Installing Vista systems 39 Figure 1-50 Unattended deployment 40 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 4. Now, you can get Tivoli Provisioning Manager for OS Deployment to do Hardware and Software inventory on the target. You have many different ways to decide when it must be performed and what level of information you want to collect. See Figure 1-51 for an example and click Next. Figure 1-51 Hardware and Software inventory parameters 5. You can also decide whether a few tasks must be done by the user and manage the state of your target at the end of the deployment. The window in Figure 1-52 shows the default options. Click Next. Chapter 1. Installing Vista systems 41 Figure 1-52 Controlling the target after deployment 6. Tivoli Provisioning Manager for OS Deployment allows you to control the network bandwidth when you deploy your profiles, as shown in Figure 1-53. Chapter 11, “Customizing deployment schemes”, in Tivoli Provisioning Manager for Operating System Deployment Guide (Fix Pack 1), SC32-2582 gives you all the details about these options. Figure 1-53 Networking mode 42 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 7. This window gives you the possibility to enable the Redeployment feature of Tivoli Provisioning Manager for OS Deployment on your target. In our example, we leave the option unchecked and we click Next, as in Figure 1-54. Figure 1-54 Redeployment feature implementation 8. You will then get the last window saying your deployment scheme is now set. Just click Finish to close the wizard. 9. You can still verify your new deployment scheme (do not forget to select it in the list), and eventually edit parameters before using it in a deployment. If you wish to do so, go to OS Deployment → Deployment schemes in the left pane of your console, as shown in Figure 1-55. Chapter 1. Installing Vista systems 43 Figure 1-55 Viewing and modifying Deployment schemes 1.5.2 Registering hosts in Tivoli Provisioning Manager for OS Deployment server If your target is already known to Tivoli Provisioning Manager for OS Deployment server, you can skip directly to 1.5.4, “Deploying a Vista profile” on page 50. Otherwise, Tivoli Provisioning Manager for OS Deployment offers different techniques to register new hosts (targets) in your server database: Boot the target in the network to automatically register it. 44 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment To boot in the network, press the F12 or ESC keys just at the beginning of the boot sequence. Chapter 1. Installing Vista systems 45 Manually register a host or a range of hosts from the Web console. Select OS Deployment → Host Monitor and click Register new hosts at the bottom of the page to get the window shown in Figure 1-56. You can specify either the MAC address, IP address, Serial number, UUID, or any combination of them. Figure 1-56 Registering a host manually Tip: When can it be useful to manually register a new host? This situation may arise when automatic registration does not work with some type of hardware. Some older versions cannot support some new features, such as the Enhanced PXE feature. You can disable this feature once you have manually registered your new host and before you start the deployment. Select OS Deployment → Host Monitor, select your host in the Host Monitor list, select View host details, edit the Boot Settings, and check the Disable enhanced PXE access option. 46 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment To register hosts as an IP range, click the appropriate link, as shown in Figure 1-57. Specify a starting address and a Count. Click Register. You will get nine new hosts registered from IP address 9.3.4.120 to 9.3.4.128. Figure 1-57 Registering hosts as IP range Import a list of hosts from a .csv file. You need to know the format of the file recognized by Tivoli Provisioning Manager for OS Deployment. Select OS Deployment → Host Monitor and click Export hosts at the bottom of the page. You will be allowed to save a hostexport.csv file where you want to save it. Analyze this file as a template before creating your own .csv file. To import it, click Import hosts at the bottom of the page. Tip: When can it be useful to import a list? You can parse the hostexport.csv file with a script and create a new .csv to industrialize your deployments by, for example, specifying an association between Serial Number and Hostnames. 1.5.3 Creating a new user through a software package At the end of the deployment of the Vista profile on your new target, you can expect to have an additional local user created with the standard Administrator account. You can manage this requirement by creating a software package before proceeding to the deployment phase. 1. Select OS Deployment → Software packages → new software. Chapter 1. Installing Vista systems 47 2. Check the following options in the Software Package Wizard: – Windows Vista. – A custom action on the target computer. – A configuration change to perform on the target computer (a registry patch, a command to execute, and so on). – Execute a single command. 3. Enter a name and a description for your new software package, as shown in Figure 1-58. Figure 1-58 User creation through a software package 48 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment 4. Specify when you wish to execute your software package and enter the exact command line entry to create your local user, as shown in Figure 1-59. Click Next, and you will get a window saying that your software package has been successfully created. Figure 1-59 User creation command line 5. Click Finish to exit the software wizard. Now you will be able to see your new software package in the “Software packages” list, as shown in Figure 1-60. Figure 1-60 New software package created 6. In order to get this user created at the end of the Vista profile deployment, just remember we will have to bind this new software package during the next phase, which is described in “Deploying a Vista profile” on page 50. Chapter 1. Installing Vista systems 49 Important: The method shown above is one way of creating a user, in order to fulfill this Vista requirement. There is also an alternative way to create a user with the Tivoli Provisioning Manager for OS Deployment. To use this method, do the following: Open a Vista profile, then open the associated configuration page. You will see an option called "Create a local account for the user". If you set this option, a user will automatically be created, using the field "Full Name" as the username. 1.5.4 Deploying a Vista profile To be ready to be used by a user, a computer must have the operating system installed at the end of the deployment, as well as the required applications and drivers. Deployment is a process of installing a profile on a computer. When the deployment is complete, the operating system is installed and ready to be used by the user defined for this host in the database. In addition to the operating system, Tivoli Provisioning Manager for OS Deployment allows you to install the required application packages and drivers as part of the initial deployment. We will use the automatic registration technique of a new target in the following example: 1. To register your new target host, you first need to boot it in the network (by pressing the F12 or ESC keys just at the beginning of the boot sequence, as shown in Figure 1-61). You will see a new entry in the Host Monitor list. You just have to select it, right click, and select Deploy now. 50 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Figure 1-61 Starting the deployment from the Web console Chapter 1. Installing Vista systems 51 2. You will get the window shown in Figure 1-62. a. Select the Deployment scheme that you created earlier in 1.5.1, “Creating a deployment scheme” on page 38. b. Select the profile you want to deploy on the target. c. Remember that we also want to install a WinPE software package and create a customer user on this target. Click the Edit manual software binding link, and you will get the window shown in Figure 1-63. d. Select the software packages you wish to deploy along with the OS and click OK to come back to the Start deployment window. e. Click OK to start the deployment. Figure 1-62 Selecting deployment scheme, profile, and software packages 52 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Figure 1-63 Selecting the software packages to deploy 3. Now, you will be able to see the window shown in Figure 1-64 on your target computer. It will take several minutes and several boots before you see Vista running on your target. Some times, this may take little more time. You can access the same features here as previously described during the cloning profile creation in Figure 1-38 on page 30. You will have to remember the following features: Click the red Tivoli icon at the bottom left hand corner of the window. You can launch a console locally to see what is happening after selecting the Show Console option in the menu. This does not affect the deployment process. You can also upload all this detailed information about the server by selecting the Upload console option. You will then have the ability to access the log from your Web console. a. Select OS Deployment → Host Monitor → Host details. b. Click the Logs tab and select the log corresponding to your image deployment. c. The download option allows you to save this log where you want to save it. Chapter 1. Installing Vista systems 53 Figure 1-64 Unattended Vista profile deployment 54 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Related publications The publications listed in this section are considered particularly suitable for a more detailed discussion of the topics covered in this IBM Redpaper. IBM Redbooks publications Deployment Guide Series: Tivoli Provisioning Manager for OS Deployment V5.1, SG24-7397 Other publications These publications are also relevant as further information sources: Tivoli Provisioning Manager for Operating System Deployment Guide (Fix Pack 1), SC32-2582 Online resources These Web sites are also relevant as further information sources: Upgrade paths for Vista: http://www.microsoft.com/windows/products/windowsvista/buyorupgrade/ upgradepaths.mspx How to get IBM Redbooks publications You can search for, view, or download IBM Redbooks publications, IBM Redpapers, Technotes, draft publications and Additional materials, as well as order hardcopy IBM Redbooks publications, at this Web site: ibm.com/redbooks © Copyright IBM Corp. 2007. All rights reserved. 55 Help from IBM IBM Support and downloads ibm.com/support IBM Global Services ibm.com/services 56 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Index Symbols .NET Framework 3.0 2 A attended installation profile 5 B O older versions of Windows 2 P preserve user files 4 Profile creation 5 locally 5 remotely 5 BitLocker 2 C cloning advantages 19 versus unattended installation 5, 19 Windows Vista 19 cloning-mode system profiles 19 cookies 20 creating a cloned profile Windows Vista 19 creating an unattended profile Vista 19 E empty the recycle bin 20 R Redbooks Web site 55 Contact us ix S Security Development Life cycle (SDL) 2 Software Package WinPE 19 Software Package wizard 14 Sysprep executable file 21 Sysprep tool 20 Sysprep utility 21 System Image 20 T install the Vista from scratch 3 integrated client security 2 Internet cached files 20 temporary directories 20 Tivoli Provisioning Manager for OS Deployment 4–5, 12–13 native mode of operation 19 Web console 5 Trustworthy Computing Initiative 2 M U I Microsoft 3 Microsoft Vista 2–3 license upgrade path 3 multi-tiered rights management 2 N native installation 4 network shares 20 © Copyright IBM Corp. 2007. All rights reserved. unattended installation Vista 5 unattended installation profile Vista 5 V Vista 1–2, 4 Vista upgrade paths 3, 55 Vista's Aero Glass interface 2 57 W Windows 2000 3 Windows Communication Foundation (WCF) 2 Windows NT 3 Windows Vista Client 20 Windows Vista profile 5 Windows Workflow Foundation (WWF) 2 Windows XP 3 Z zero touch installation 39 58 Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Back cover Vista Deployment Using Tivoli Provisioning Manager for OS Deployment Learn Vista deployment using TPM for OS Deployment Experiment with cloning and unattended profies Learn best practices and tips Tivoli Provisioning Manager for OS Deployment provisions operating systems and applications to computers using the Pre-boot eXecution Environment (PXE) industry standard for bare-metal installation. A bare-metal installation eliminates the need for an operating system to be present on a local disk drive. Tivoli Provisioning Manager for OS Deployment is a turn-key solution to the most common provisioning issues and provides an easy to use, turn-key solution for education, SMB, or larger accounts. In this IBM Redpaper, we discuss how to deploy Vista, Microsoft's newest operating system, using Tivoli Provisioning Manager for OS Deployment. Note that this IBM Redpaper is specifically geared to IT Specialists who will be working on Vista deployment projects. For a full discussion of Tivoli Provisioning Manager for OS Deployment, including installation, customization, and other product integrations, refer to Deployment Guide Series: Tivoli Provisioning Manager for OS Deployment V5.1, SG24-7397. ® Redpaper INTERNATIONAL TECHNICAL SUPPORT ORGANIZATION BUILDING TECHNICAL INFORMATION BASED ON PRACTICAL EXPERIENCE IBM Redbooks are developed by the IBM International Technical Support Organization. Experts from IBM, Customers and Partners from around the world create timely technical information based on realistic scenarios. Specific recommendations are provided to help you implement IT solutions more effectively in your environment. For more information: ibm.com/redbooks REDP-4295-00