Ghost Solution Suite

 View Only
Back to discussions
Expand all | Collapse all

Ghost Enterprise 8.0 Sysprep or GhostWalker

  • 1.  Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 01:11 PM
    I have read through a few related forum topics and searched the internet to death and all I think I am doing is making my situation worse.   In about a month we will be adding a domain controller and using active directory at my work.  We use Ghost (Enterprise 8.0) to deploy images.  I understand it is VERY important that we make sure the SID is unique on the machine after the image is deployed.   Some people say to use Ghostwalker and others say to use Sysprep because Ghost Walker has issues on version 8.0.   Seeing as I have never tried either I need a little more info than what I am getting from the tech docs I have been reading.
     
    All of our computers will be running Windows XP Pro and in the past we just made a bunch of images for each machine type and I have no problem doing that, I just need to know a little more details what I should do before I upload the image.   Looking through the Ghost Console I see they have some options relating to sysprep that can be run on an Image Create task.  If so do I do it that way or do I do it manually.    Or should I just create the image like I have in the past and perform ghostwalker after a machine has been cloned?   Also once a machine has been cloned what (if anything) do I need to make sure of so I do not get duplicate entries on the domain controller.   If anyone has any pointers or links to better articles because the stuff in Symantec help and Microsoft just ended up confusing me more you can email me direct here.  Or just post the information in the forum as maybe other people are confused too.   I am sure I am just making it harder than it needs to be.
     
    PS.  I apologize that is an older version of Ghost but they will not allow me to upgrade due to cost. :smileysad:  Maybe next year or in the fall if there are extra funds.
     
    Sincerely
    Bob Wilkerson


  • 2.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 01:54 PM
    I have over 1600 PC's that use a SINGLE image that has never had sysprep run on it and 4 different hardware types to boot.  I do not use ghostwalk or any other sid generator either.  The only real purpose resetting the local SID serves is if you use local accounts (other than admin of course).  Domain level accounts will always have a different SID.  Local accounts on the other hand when generated will have similar SID even if the name is different.  So PC A has Joe User A as the first set SID and PC B has Joe User B as the first SID set, the SID's could be the same and  then Joe User A could connect to PC B with his credentials but appear to be Joe User B to PC B.  Hopefully that is not too confusing.  I don't rely on the ghost method of joining the domain because it is unreliable when your talking about the scale I am.  We run scripts after the machine is imaged that remove the entry from the domain completely then use NetDOM to rejoin the domain and put the entry in the proper OU.
     
    Bottom line, if you are backing up each machine to itself, the best bet is to just unjoin the domain.  Then when you clone the machine back, rejoin.  Netdom Can do both those functions, so can GSS.  Netdom runs in to issues if the account already exists.  Netdom Can resync accounts but again for reliability purposes we just remove the machine from the AD then rejoin.

    Message Edited by David.Poprik on 05-01-200710:55 AM



  • 3.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 03:09 PM
    Well the company that is helping us through the Migration from Novell to Microsoft and Groupwise to Exchange seem to think it is very important each machine has a unique SID otherwise some services like WSUS will not operate properly.


  • 4.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 03:32 PM
    They are welcome to their opinion, but we use WSUS without difficulty on those machines.
     
    To be hones the only things we have to do that are special involve SMS and norton antivirus.  We use the Enterprise version of NAV the clients have a GUID. We have to remove a reg entry so it creates a new ID or else we see one client in the enterprise console because they all have the same GUID. 
     
    With SMS we reassign the prior GUID from the SMS database for a given machine name so that we have history etc... on that machine name and its properly assigned in SMS.


  • 5.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 04:58 PM
    Forgive me, I am not trying to be arguementative, however I am still being told that the SID change must happen to avoid problems with our Active Directory.   So has anyone used Ghostwalker with success and if so is there anything I need to do to an image before I upload it to the ghost server?


  • 6.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 10:53 PM
    Pretty much it's just a case of ticking the Ghost Walker tickbox in the console and it should just run and change the SIDs. You can use Sysprep if you prefer, but it's a lot slower. There is also the "newsid" utility from SysInternals which you can configure to run as part of the tasks, so there are plenty of solutions for this and all of them should work just as well.

    Since 8.0 there have been a few bugfixes to a couple of odd issues that would happen in Walker (it caused the system to create new copies of the user profile directory), and if you ran a single large task (a few hundred machines at a time) with Walker there was a slight weakness in the random-number generation which meant that it was possible for two instances of Walker to pick the same SID. I'd be happy to send you the GSS2 version of Walker to avoid running into these.


  • 7.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 01, 2007 11:44 PM
    yeah, if the GSS2 version of Ghost walker can be integrated into my current set up you can email it to me here.  Just tell me how to install it on my ghost server.   I am going to try and add a machine to the domain as we have the domain controller set up now so I can do some testing of ghost walker.  I greatly appreciate any advice anyone can give as I know I am not using Ghost to its fullest potential and I would like to.


  • 8.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 02, 2007 09:12 AM
    Bob, if you just wanted it for testing I am sure you can just DL the trial of GSS 2 and copy over the ghostwalk.exe after you install it on some random test box.
     
    I don't think you are being argumentative, I just think you are being given info that may be unecessary.  I am not in your shop, and don't have all the facts.  All I can say is 1600 PC's don't run ghostwalk, join a domain and work perfectly with WSUS and other things.


  • 9.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 02, 2007 01:06 PM
    While I agree that changing the SID isn't all that Microsoft has hyped it up to be there is a big picture problem with all machines having the same SID. Any future issue you encounter with the machines which could possibly be tied to a lack of unique SID will immediately be dismissed by Microsoft (or 3rd party vendor) because the machines aren't configured to recommended standard.

    It is easy enough to set a unique SID with several tools (as mentioned) so it should be done if at all possible.


  • 10.  RE: Ghost Enterprise 8.0 Sysprep or GhostWalker

    Posted May 02, 2007 02:56 PM
    If you don't tell them then they don't know and you can get passed the blow off factor easy enough ;)
     
    To be honest having the number of machines we do I have rarely had a problem getting support.  It seems if you tell the sales that you wont by your next 500 machines or site license to their software they tend to motivate support really quickly.  I have actually had Dell Gold tech support call me to offer their assistance on a problem after regular support screwed around for a week then said "I don't know, sorry we can't help you".