Hi,
Al of our computers are given a name depending on where they are in the building. This name never changes.
When we re-image machines we have been deleting them from the AD first and then moving them back into the correct group once completed.
Is this necassary? If we dont delete them from the AD and then reinstall and join will all the GPO's including the software installation GPOs be applied again?
Many thanks.
Dan
No. We don't do that; we use WDS and when re-imaging it just puts the computer back in the right place with AD so it's hands free. All the GPO stuff gets applied and stuff gets installed. This works for a new PC replacing an older one with the same name; it overwrites the entry. Has its uses, but can be dangerous as you can knock a PC off the domain if you use the name of another machine by mistake.
Pete
speckytecky (2nd September 2012)
Oh yeah, that can provide lots of fun!Originally Posted by FragglePete
Rob
No you do not need to delete from AD
Nick
Thanks all,
We have accidently not deleted one or two before and it seemed ok but didnt know if the server logs whats been installed on a computer.
Will save me some time.
Just need to get WDS sorted now, guessing you can specify a name before it installs and joins.
Yes - After the initial PXE boot you get to choose the image you want and then it will ask you for computer name. Walk away and come back later when it should all be done for you. We have the restart option on as well so after the final clear up phase machine is about ready to use.
Have been meaning to look at 'Zero Touch' solutions for WDS, things like Spec-Ops deploy which I've seen demo'd by another School - you just right click a machine in AD and select re-deploy and it restarts, PXE boots and deploys automatically with being no where near it.
Pete
You can if you do it by MAC address, which we find cumbersome at our site to do the traditional way in WDS. So we did it a less traditional way!
We use a script that stores the computer's name in a text file on the WDS server, the name of which is its MAC address. The startup command to run the script is executed as a domain user who is the only one who can read or write to that folder. The script itself is a batch file converted into an EXE using the freeware tool available at f2ko.de. This is because it offers encryption of the target file, prompting for a password on execution (so the pupils can't randomly re-image our machines, which are all set to WDS network boot by default and prompt for F12). What's actually executed when the boot environment starts is a different script (plain old batch file) that's used as a wrapper, to make sure you can't just close the password prompt and bypass the protection.
The encrypted name-recording script checks first to see if this computer's MAC address entry already exists. If it does, it doesn't prompt for the name. So if I do want a computer with a certain MAC address to become something else, I just change the name in the text file or delete it.
Once the new workstation has rebooted for the first time, there's another script within the image that checks this file and sets the computer name accordingly, THEN joins the domain manually from the command line (so we have WDS set to not automatically join the domain).
We did this because it was previously the last thing we couldn't completely automate in a satisfactory manner about the imaging process.
I used to use Fog which was zero touch deploy. Build an image and upload to fog server. As long as the machines r set to pxe boot. The fog agent will restart the machine and install to the image selected from the Fog server. Join to ad etc etc
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks