How Pre-defined Computers Work in Deployment Solution 6.x and 7.1
This document is designed to provide insight into the changed processes surrounding how computers are pre-defined, imported, and used with Deployment Solution (DS) 6.x and 7.1 with focus on the DS for Dell add-on. This document is intended for audiences that are somewhat familiar with Deployment Solution. This document is not meant to provide a deep dive on how Deployment Solution works. For more information and to download a trial version of DS, please refer to the following website: http://www.symantec.com/business/deployment-solution
With DS 6.x, you are provided with a sample Excel spreadsheet named IMPORTCOMPUTERS55.XLS. The purpose of this spreadsheet is to pre-define many new computers slated for deployment with DS. Within the spreadsheet there are certain fields which allow an Administrator to pre-define primary lookup fields for the systems to be deployed such as the MAC Address, Serial Number (Dell service tag), and Asset Tag. Only 1 of 3 primary lookup fields is needed to associate the pre-defined configuration info with the actual system to be deployed. (See Figure 1). The primary lookup fields could be provided from the hardware vendor (for a fee) shortly after placing an order, manually collected from the side of the shipping box, or provided by the customer to the hardware vendor to be burned into each system during factory production such as asset tags, etc. For example, Dell’s Custom Factory Integration (CFI) department offers a per node, fee-based reporting service to customers which can provide detailed inventory of the systems to be received – shortly after the actual order is placed. For example, Dell Service Tags, MAC Addresses, Asset Tags, UUID, etc. For more information, please contact a Dell sales representative.
Figure 1: Portion of IMPORTCOMPUTERS55.XLS spreadsheet showing the primary lookup fields: MAC Address, Serial Number, and Asset Tag. Only 1 of 3 fields is mandatory in DS 6.x.
Once a primary lookup field has been identified and entered into the spreadsheet, the next step is to provide the configuration info of a system such as the hostname, IP address info (up to 8 IP addresses), workgroup/domain names, etc. (See Figure 2). Each field of data represents a token (similar to an NT event variable) that can be plugged into individual tokenized tasks that make up for example, a bare metal to OS deployment job. (See Figures 3 and 4). When the job is executed, the tokens are replaced with actual fields of data from the database thereby allowing the DS job to be used as a 1:many application to all computer models instead of just one particular system. This eliminates the need to hard code static configuration info into the actual job thereby allowing greater flexibility and scalability.
Figure 2: Portion of spreadsheet showing NIC1 IP address fields. It’s possible to provide IP address info for up to (8) different NIC’s associated with a system. Could be used for in-band NIC’s or out-of-band NIC’s such as a DRAC on a Dell server.
Figure 3: Bare metal to OS job provided with the Deployment Solution for Dell Servers 3.2 add-on. Tokenization is built in to the job by default.
Figure 4: Capture of a system config from a Dell PowerEdge R610 Server. Instead of defining static IP address info in the config file and using as a 1:1 application, tokens are used for greater flexibility and scalability.
In addition to providing system config info, you could also provide other fields of data such as network credentials, Administrator contact and locale information, and even specify a pre-defined DS job to be executed when the systems are eventually connected to the network and thereby connected to the Deployment Server. (See Figure 5). After the spreadsheet has been filled out with all the pertinent data, it then needs to be exported to .CSV format. The file is then imported from within the DS console in which the pre-defined computers are now displayed. As long as there is a DS job scheduled against that computer, it will be deployed when it connects to DS and matches 1 of the 3 primary lookup fields.
Figure 5: Portion of spreadsheet showing network credentials, contact, locale, and scheduled DS jobs to be executed. Event start times set in the past are designed to run immediately after the system first connects to DS.
The ability to pre-define computers is very helpful for Administrators in particular that have Jr. Admins working for them. It allows them to pre-define the role and scope of a computer and import into the database before the systems ever arrive at the customer’s site. When the systems eventually arrive, a Jr. Admin could then un-box the systems, rack them, and boot them using PXE or using network boot media to get the systems on the network and connected to DS. When DS matches a primary lookup field (MAC, Service Tag, or Asset Tag) provided in the spreadsheet, it then executes the pre-defined DS job associated with that system. The other config info is then leveraged through the series of tasks that make up the comprehensive DS job and the system is deployed from bare metal, completely hands-free and through automation. This is very beneficial for Administrators because the Jr. Admins never have to touch the DS console, never have to enter the BIOS of each system, and more importantly; never have to manually deploy the system by shuffling CD’s/DVD’s and manually configuring the system. You essentially have a cookie cutter approach to systems deployment across the board while maintaining consistency in the computer builds.
Now that you have an understanding of how computers are pre-defined in DS 6.x, let’s look into how they are imported in DS 7.1. The pre-defined computer import process has significantly changed due in fact to DS 7.1 being built on a web-based platform called the Symantec Management Platform (SMP) vs. a Windows 32-bit console. Here are some of the major differences:
- DS 7.1 still provides a sample file to assist with the importing of pre-defined computers. The file is named PRE-DEFINEDCOMPUTERS.CSV and is in comma delimited format instead of .XLS format. The file can still be imported into Excel for easier input if desired. (See Figure 6).
Figure 6: PRE-DEFINEDCOMPUTERS.CSV file provided with DS 7.1.
2. There are (4) mandatory fields of data instead of just 1 of 3 as compared to DS 6.x. The (4) mandatory fields are:
- MAC Address
- Serial Number
UUID (Universally Unique Identifier)
The UUID is a newly introduced field to Deployment Solution and consists of 32 hex digits. There was speculation as to Dell CFI being able to provide the UUID field of data as part of their reporting services, but we’ve been able to confirm it’s available. *It’s worth noting that the MAC Address entry in DS 7.1 now requires dashes after each set of (2) hex digits. With DS 6.x, dashes are not required and all (12) hex digits can be entered together.
Figure 7: MAC Address entry from DS 7.1 (on left). MAC Address entry from DS 6.x (on right).
3. There are 28 ignored fields of data as compared to the IMPORTCOMPUTERS55.XLS file found in DS 6.x. The removed fields affect such functions as being able to automatically schedule a DS job against a computer, provide network credentials, contact info, locale info, Netware info, etc. The comprehensive list of discarded fields are as follows:
- Computer Name
- Domain Flag
- Domain Controller Name
- Use Preferred Tree Flag
- Preferred Server
- Preferred Tree
- Netware User
- NDS Context
- Run Scripts Flag
- Password Never Expires Flag
- Cannot Change Password Flag
- Must Change Password Flag
- Full Name
- Computer Group
- Event Start Time
Everything else pertaining to the pre-defined import of computers, for the most part, has remained the same. For example, it’s still possible to leverage the fields of data imported from the spreadsheet as tokens in DS 7.1. The token names and the way they are invoked have changed slightly. For example, in DS 6.x, the “Computer Name” token was invoked as %COMPNAME% in such tasks as: Capture Personality, Copy File, Create Image, Prepare Image task, Scripted OS Install, and the Run Script tasks. In DS 7.1, the “Computer Name” token is invoked as a SQL query and looks like the following. (See Figure 8).
Figure 8: Screenshot of pre-defined tokens in DS 7.1. It’s worth noting that you are not limited by the pre-defined tokens listed here. You can create custom tokens from just about any field of data in the Altiris database or third party database.
Just like with the DS 6.x process, after the file/spreadsheet has been filled out with all the pertinent data, it then needs to be exported to .CSV format, if applicable. The file is then imported from within the DS console in which the pre-defined computers are now displayed. Since the ability to pre-define a DS job in the spreadsheet has been removed with DS 7.1, you now have to manually schedule a job or task against the pre-defined computers in order for it to be deployed.
Importing Pre-Defined Computers with the Deployment Solution for Dell Servers 7.1 Add-on
A feature of the DS for Dell 7.1 add-on is the ability to import computers based solely on the Dell service tag without requiring the (4) mandatory fields described earlier. You have the option of importing from an .xml formatted file or by manually entering the Dell service tag as a one-off. It does not however provide a means to pre-define the configuration of the server (hostname, IP info, etc.) provided with the DS core and described earlier in this document. The configuration of the server can still be performed with a combination of options such as dynamically configuring the NIC’s via DHCP, randomly generating hostnames during Windows scripted OS installations, hard coding static configuration info in individual tasks for 1:1 deployments, and even configuring post-OS via the Symantec Management Agent.
Using this feature is a bit of a trade-off from what the DS core offers with respect to being able to pre-define the configuration info of computers. Its sole purpose is to give an Administrator the choice to deploy against a list of authorized Dell Service Tags and to assign a pre-defined DS job against each Dell Service Tag imported.
In the screenshot below (see Figure 9), I’ve configured Dell Server Provisioning to perform a couple of functions:
- Dell service tag# BWHYSJ1 has been imported and configured to run a pre-defined DS job which will perform a bare metal to scripted Windows Server 2008 Enterprise deployment leveraging the built-in Lifecycle Controller as the driver repository.
- For newly discovered Dell servers with Integrated Dell Remote Access Controllers (iDRAC’s), I’ve configured the default behavior to deploy the Dell WinPE PXE image file and sit in that environment waiting for a job or task to be deployed to it. The way this works, without going too technically deep, is the DS for Dell 7.1 add-on provides a web provisioning service. When the iDRAC first boots to the network, it sends a hello packet in which the provisioning service answers, matches the provided credentials, and directs the system to execute the pre-defined DS job as depicted in Figure 9.
Figure 9: Screenshot of Dell Server Provisioning settings thereby giving an Administrator the option to import an .xml formatted file containing pre-defined Dell service tags, import them manually, and configure the behavior in which Dell systems are deployed.
Figure 10: Screenshot of the Jobs and Tasks page from the Symantec Management Console depicting the individual tasks that make up the custom built bare metal to Windows Server 2008 job leveraging the Lifecycle Controller as the driver repository.
The DS for Dell add-on provides an Administrator another choice when pre-defining Dell servers for deployment from bare metal without requiring the DS core mandatory fields. The trade-off however is not being able to pre-define the configuration of the computer. There are many other advantages to using the DS for Dell add-on which are out of scope for this document. If you deploy and manage Dell servers within your environment, it’s in your best interest to download and install this solution. It’s free of charge to existing Deployment Solution customers. For more information and to download the Deployment Solution for Dell Servers add-ons for either Deployment Solution 6.9 SP4 or Deployment Solution 7.1, visit the following websites: http://www.altiris.com/download/dell.aspx and http://dell.symantec.com/delldeploy-tech.
Hopefully this document has educated you on the choices available when pre-defining computers with respect to both versions of Deployment Solution and the DS for Dell add-on. It’s worth noting that any customer that purchases Deployment Solution 7.x is entitled to Deployment Solution 6.9.x licenses as well. This gives the end user even greater flexibility to decide which version is right for their environment.