
Automatically deploy Windows Server 2003

If you're installing Windows Server 2003 on many servers at once, you don't have time to sit and babysit each server while it's running Setup. Here's how you can use automated deployment to speed up multiple installations.


Upgrading to Windows Server 2003 can be intimidating and time consuming, because you usually have to perform the installation manually. This is fine for small and medium-size organizations, but if you’ve got a really big organization, you probably don’t have the time to manually upgrade dozens or even hundreds of servers. Fortunately, there is an easier way to deal with large-scale migrations: use automated deployment.

Automated deployment? On Windows?
Windows Server 2003 is the first version of Windows to allow for large-scale automated server deployments. Unfortunately, though, there is some bad news. The techniques that I’m about to discuss will only work if you are running Windows Server 2003 Enterprise Edition or Datacenter Edition. These techniques will not work with Standard Edition.

The ability to automate large-scale deployments is not native to Windows Server. You will need an add-on module to facilitate automated deployments. Fortunately, this add-on is free and can be downloaded from Microsoft. The add-on is named Automated Deployment Services, and it’s one of the Windows Server 2003 Feature Packs. You can access this and other feature packs at Microsoft's Windows Server 2003 Feature Pack Web site.

Before you begin
Before you start the deployment, there are a few things that you need to have in place. The process that I am about to show you requires that you have at least three servers. One server should be your ADS controller. This is the Windows 2003 Server that you will download the ADS setup files to. A second server will act as a master destination device. This server will contain the image files used to deploy additional installations. The third required server will be a brand-new server with no operating system. This server should have similar hardware to your master destination device server. An additional requirement is that your empty servers must include a PXE-enabled NIC, and you must know the NIC’s MAC address.

All of these servers must belong to the same workgroup and must exist on the same network. The network must also include a DHCP server, although it’s perfectly acceptable to run the DHCP services on your controller server. I also recommend that your destination device server and your empty servers not contain an OEM partition, as this partition could accidentally be imaged and deployed along with the Windows operating system.

Downloading and installing the Automated Deployment Services Feature Pack
The Automated Deployment Services (ADS) Feature Pack consists of a 34-MB self-extracting executable. Download this executable file and place it in its own dedicated subfolder on either a Windows Server 2003 Enterprise Edition or Datacenter Edition server. Double-click on the file and you may see a warning message indicating that some files can harm your computer. Click Open to ignore this message. Windows will ask you where you would like to extract the installation files to. The default location is C:\ADS.

It takes only about 30 seconds for the files to unzip. After the extraction process completes, the ADS Setup screen shown in Figure A should open automatically. If it doesn’t, you can open it manually by opening My Computer, navigating to the folder that you extracted the files to, and double-clicking on the ADSSetup.exe file.

Figure A
This is the main ADS Setup screen.


Creating an ADS controller
The controller is the machine that will run the ADS services. There are actually several different services that ADS depends on. These include the Controller Service, the Image Distribution Service, and the Network Boot Services (NBS). NBS is made up of three services of its own: the ADS PXE service, the TFTPD service, and the Deployment Agent Builder service.

Begin the process by verifying that your controller server has at least 5 GB of available hard disk space. Now, return to the screen shown in Figure A and click the Install Microsoft SQL Server Desktop Engine (Windows) option. The installer will now install the SQL Desktop Engine. The process takes about two or three minutes to complete. You do not have to have a separate SQL Server license to perform this operation.

Once the SQL engine is installed, return to the screen shown in Figure A and click the Install Automated Deployment Services option. When you do, Windows will launch the Automated Deployment Services Setup Wizard. Click Next to bypass the wizard’s Welcome screen and you will see the end user license agreement. Accept the license agreement, click Next, and the wizard will ask you what type of installation you wish to perform. Select the Full Installation option and click Next.

At this point in my installation, I received a message saying that the Network Boot Service could not be installed if the TFTPD service has already been installed by another product. The TFTPD service refers to the Trivial FTP Daemon. In my case, this service was installed as a part of the Remote Installation Service. I uninstalled the Remote Installation Service and restarted the installation and the problem went away.

The ironic part was that this time when I tried to install the Automated Deployment Services Setup, I received a warning stating that the ADS PXE service could interfere with other PXE operations including the Remote Installation Services. Since the Remote Installation Services were already uninstalled, I can only assume that this refers to Remote Installation Services that are running on other servers.

Click OK to acknowledge the warning and click Next. You will now see a screen asking which SQL database engine and which ADS database you want to use. Since this is the first ADS Server in your organization, accept the default options that tell ADS to use the SQL Server Desktop Engine, to Create a New ADS Database, and to Create a Self Signed Certificate. You can see an example of this screen in Figure B.

Figure B
Accept the default database options.


At this point, Setup asks for the path to the Windows Setup files. However, since you are installing ADS from a downloaded copy on your hard disk, select the Prompt For The Path When Required option and click Next. The wizard will now ask you for a path where you would like to store server images. Any path where there is adequate disk space is acceptable. The default is C:\Images. Click Next followed by Install to begin installing the ADS Service. The process takes a few minutes, so now would be a good time to go take a break. When you come back, just click Finish to complete the installation process.

Building an image file
Now that your controller is set up, it’s time to configure the master destination device. Begin by completely blanking the system and removing all partitions. Now, regardless of the size of the hard drive, create a partition that is 3 GB in size. The reason for doing this is to limit the size of the image file and to reduce the installation time.

The image file can always be placed on a larger partition on the empty server. The only time that you would want to use a partition size larger than 3 GB on your master destination device would be if you were planning to also install and deploy some server applications.

The next thing that you need to do is to return to your controller server and copy its digital certificate to a floppy disk for later use. You can find the certificate in the Program Files\Microsoft ADS\Certificate folder. The file name is ADSROOT.CER.

Once you have a copy of your controller’s certificate, return to your master destination device, install the ADS setup file in the same way that you did on the other server and then extract the contents of the compressed archive. When decompression is complete, run the ADSSETUP.EXE file to access the screen shown in Figure A. Now, click the Install ADS Administration Agent link.

When you click on the link, Windows will launch the Administration Agent Setup Wizard. Click Next to bypass the Wizard’s welcome screen and you will see the end user license agreement for the agent. Accept the license agreement, click Next, and the wizard will inform you that it will be unable to communicate with the controller unless it has a copy of the controller’s certificate. The wizard will then go on to ask if you would like to install the certificate now or later. Choose the Now option. Before clicking Next, insert the floppy that you created earlier and enter A:\ADSROOT.CER into the space provided and click Next.

At this point, the wizard will ask you for a set of login credentials that the administration agent can use. Enter a user name and password into the place provided and click Next followed by Install to install the agent. The entire process only takes about a minute to complete. Click Finish to close the wizard.

Adding the device to the controller
Now that you have created the destination device, you must tell the controller to take control of it. To do so, return to the server that’s acting as the controller and enter the ADS.MSC command at the Run prompt. This will launch the ADS console.

Navigate through the console tree to Console Root\Automated Deployment Services\Devices. Now, right-click on the Devices container and select the Add Devices command from the resulting shortcut menu. When you do you will see the Add Device dialog box. Enter the name of the device into the space provided and click OK, followed by Cancel.

At this point, the device name that you have specified should appear in the Devices container. Right-click on the device and select the Take Control command from the resulting shortcut menu. When you do, the device’s state should change to Connected To Windows and the Control field should be set to Yes. You can see an example of this in Figure C.

Figure C
The device’s state should change to Connected To Windows.


The next step is to create a template for the device by using the ADS management system. From within the console, right-click on the device and select the Properties command from the resulting shortcut menu. When you do, you will see the device’s properties sheet. It takes a little while for this properties sheet to be displayed, but when it finally does come up, locate the Default Job Template drop-down list on the properties sheet’s General tab and then select the Boot-To-Da option, as shown in Figure D.

Figure D
Select Boot-To-Da from the Default Job Template drop-down list.


Create a server image
Now it’s time to create an image of your destination device. To do so, go into the BIOS on the destination device and change the boot order so that it boots from the network. When the boot order has been changed, boot the destination device.

When you boot the destination device, it will send a PXE message across the network. The ADS PXE service will then intercept the message and send the destination device’s MAC address to the controller. The controller then goes through the list of devices that you set up and finds which device has a matching MAC address.

When a match is found, the controller checks the device’s profile. In the profile, you selected the Boot-To-Da option. This tells the system to boot to the deployment agent. Therefore, the controller sends the destination device instructions to boot to the deployment agent. The controller builds the deployment agent image and then tells the destination device to download it. When this process completes, the screen on the destination device should show the deployment agent with a Connected status.

Now, go back to the controller and change the default template for the destination device from Boot-To-Da to Boot-To-HD. When you’ve made the change, select the console’s Job Templates container. When you do, you will see a list of jobs appear in the column to the right. Right-click on the Reboot Job template and select the Run Job command from the resulting shortcut menu. A wizard will ask you which device you want to run the job on. Select your destination device and click Finish. This will reboot the destination device.

After the destination device reboots, go to it and create a folder named SYSPREP and another folder named \SYSPREP\I386 on the system drive. Now, open the Windows 2003 installation CD and copy the files SYSPREP.EXE and SETUPCL.EXE to the SYSPREP\I386 folder. These files are compressed within the DEPLOY.CAB file contained within the CD’s \SUPPORT\TOOLS folder. Now, copy the SYSPREP-WG-W2003.INF file from the \PROGRAM FILES\MICROSOFT ADS\SAMPLES\SYSPREP folder to the \SYSPREP folder. Rename the file to SYSPREP.INF.

Next, enter the SEQED command at the Run prompt. This will open the ADS Sequence Editor. Use the Open command on the Sequence Editor’s File menu to open the \PROGRAM FILES\MICROSOFT ADS\SAMPLES\SEQUENCES\CAPTURE-IMAGE.XML file.

From within the console, click Capture Image. Enter the name of the image into the Image Name box on the Properties tab. Now, save your changes and close the Sequence Editor.

Return to the controller console and select the Job Templates container. Now, right-click on the Capture Image template and select the Run Job command from the resulting shortcut menu. This will launch the Run Job Wizard. Click Next and you will see the Destination Device Selection screen. Select your destination device and click Next, followed by Finish. The controller should now start capturing an image. You can monitor the progress by selecting the controller console’s Running Jobs container. When the task completes, select the controller’s Images container and you should see the newly created image listed.

Deploying an image
Now that you have created an image, let’s deploy it. The first step is to create a device listing for the new machine that doesn’t have an operating system. To do so, go to the controller console and right-click on the Devices container and select the Add Device command from the shortcut menu. When you do, you will see the same Add Device dialog box that you saw earlier. Enter a name and the MAC address of the new device. MAC addresses should be entered in the form of 00-C8-F4-B2-48-56.

After you have created the device, right-click on the device and select the Take Control command from the resulting shortcut menu. Now, just as you did before, right-click on the new device, select the Properties command from the shortcut menu to reveal the device’s Properties sheet, and then select the Boot-To-Da option and click OK.

Make sure that the blank system has its boot order configured through the BIOS to boot first to the network and then to the hard disk. Boot the system and you should see the deployment agent start to do its thing.

Now, go back to the controller and load the Sequence Editor. Open the file \PROGRAM FILES\MICROSOFT ADS\SAMPLES\SEQUENCES\DA-DEPLOY-IMAGE-WG.XML. Within the console, click Download Image and then enter the name of the image that you created earlier. Save your changes and close the Sequence Editor.
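Because the controller picks a job template purely by matching the MAC address in the PXE request against the device list, a mistyped or duplicated MAC in a large rollout sends the wrong template to a machine or leaves it unmatched. The script below is an added example, not part of ADS or of the original article: it normalizes a hand-collected inventory to the 00-C8-F4-B2-48-56 form used in the Add Device dialog box, rejects bad rows, and models the MAC-to-template lookup. The device names, the extra MAC addresses, and the function names are constructed for illustration.

```python
import re

# Constructed sample inventory: (device name, MAC as written down, default job template).
INVENTORY = [
    ("WEB01", "00-C8-F4-B2-48-56", "Boot-To-Da"),
    ("WEB02", "00:c8:f4:b2:48:57", "Boot-To-Da"),
    ("WEB03", "00c8.f4b2.4858", "Boot-To-HD"),
    ("WEB04", "00-C8-F4-B2-48-5", "Boot-To-Da"),    # one hex digit short
    ("WEB05", "00C8F4B24856", "Boot-To-Da"),        # same NIC as WEB01
    ("WEB06", "01-00-5E-00-00-01", "Boot-To-Da"),   # multicast, not a NIC address
]

def normalize_mac(text):
    """Return the MAC as AA-BB-CC-DD-EE-FF, or raise ValueError."""
    digits = re.sub(r"[-:.\s]", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    if int(digits[:2], 16) & 1:  # low bit of first octet set = group address
        raise ValueError(f"multicast/broadcast address: {text!r}")
    return "-".join(digits[i:i + 2] for i in range(0, 12, 2))

def build_device_table(inventory):
    """Map normalized MAC -> (name, template); collect rejected rows with reasons."""
    table, rejected = {}, []
    for name, raw, template in inventory:
        try:
            mac = normalize_mac(raw)
        except ValueError as err:
            rejected.append((name, str(err)))
            continue
        if mac in table:
            rejected.append((name, f"duplicate of {table[mac][0]} ({mac})"))
            continue
        table[mac] = (name, template)
    return table, rejected

def template_for_pxe_request(table, client_mac):
    """Model of the lookup described above: MAC in, default job template out."""
    entry = table.get(normalize_mac(client_mac))
    return entry[1] if entry else None  # None: MAC is not in the device list

if __name__ == "__main__":
    table, rejected = build_device_table(INVENTORY)
    for mac, (name, template) in sorted(table.items()):
        print(f"add    {name:6} {mac}  {template}")
    for name, reason in rejected:
        print(f"reject {name:6} {reason}")
```

Review the rejected rows before adding devices to the controller; a duplicate MAC usually means two inventory entries describe the same physical NIC.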

Creating device variables
Now, you must create some device variables for every system that you want to deploy Windows to. Return to the controller console and right-click on the device that you are about to deploy to. When you do, you’ll see the device’s properties sheet. Select the User Variables tab and click the Add button. In the space provided, add variables named ProductKey, adminpassword, and machinename. You must also enter the appropriate values for these variables. You can see an example of this in Figure E.

Figure E
You must enter these user variables.


Now you’re ready to run the new job. Select the Job Templates container and then right-click on the DA-DEPLOY-IMAGE-WG template and select the Run Job command from the resulting shortcut menu. This will open the now familiar job wizard. Click Next and then select the name of the new device and click Next and Finish. The job should begin running. You can watch the job’s status through the Running Jobs container. When the job completes, reconfigure the new server to boot from the hard disk and reboot the system. The server should now be running Windows Server 2003!

A lot of work but worth it
As you can see, automatic deployments of Windows Server 2003 can be tedious to set up. You probably don’t want to go through such an effort where you have only a few servers to deploy. However, in large organizations with dozens or hundreds of servers, automated deployment can be a huge time-saver.
