Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Ghost Solution Suite and Windows licensing

Created: 04 Feb 2014 | 9 comments

Hello,

My company intends to deploy DELL laptop computers which are purchased with Windows 7 Pro installed. Each laptop has its own Windows license.

Typically, a ghost image will be applied to 50 laptops; These laptops are leased, and will be returned. After their return, they will be ghosted with another client-specific image, and then re-deployed.

 

My question is simple: as each laptop already has its own Windows license, is it sufficient to sysprep each system and activate it with its own Windows key, each time it is re-ghosted ? These machines come back every three months or so.

 

Looking forward to your informed answers !

Marc

Operating Systems:

Comments 9 CommentsJump to latest comment

Terry BU's picture

Do you have a KMS server?  this would be the best way to do this.  just let the laptops contact that server and authenticate against it.

or does each "client-specific image" also go to a totally different company then the previous user?

EdT's picture

Yes, if you create a single image for your laptops without Windows License information included in the sysprep.ini, you will be prompted for the serial number when mini setup runs during the first boot post imaging.

I am assuming your machines arrive with a standard vendor licensed edition of Windows 7 Pro, so you will need to use the vendor's windows source disks to create your Ghost image if creating it from scratch as vendor specific editions of windows are given OEM license keys that will not work with retail editions of Windows.

Most manufacturers provide you with the ability to create recovery DVDs when the machines are first commissioned. Perhaps this would be a simpler route to generate the starting image for future rebuilds.

You need to bear in mind that rebuilding a machine after three months will require an additional time overhead to install the various windows and application updates that have been released since the original ghost image was created.

If your issue has been solved, please use the "Mark as Solution" link on the most relevant thread.

miacubin's picture

Thank you for your answers; At this stage, perhaps I need to add some information;

Our core image has a set of protections implemented, such as special group policy, customized LUA, and it is stripped of anything that could "distract" users (games, Internet browsing is filtered...). As for Windows updates, validation of the apps we install requires that we freeze the feature. Insofar as these systems do not interact with the outside world (or very little), this is a calculated... risk.

This core image is simply modified with the moment's requirements (other apps) and then deployed. We've been using GSS for some time, very efficiently, but (imagined?) Windows licensing concerns have momentarily pushed us towards SCCM... which I find cumbersome and slow, compared to GSS. In fact we have lost our capacity to respond quickly to new requests - Which is why I'd like to go back to GSS, in the most legitimate and efficient manner possible.

 

EdT's picture

Windows licensing gets more elaborate with each version but frankly it has nothing to do with the deployment mechanism. Windows 7 activation locks itself to a specific machine by noting things like the bios serial number and the MAC address plus amount of memory, etc.  Running sysprep strips out any activation but the sysprep.ini can then be programmed with a serial number if you have a volume license MAK key, or just left blank in the licensing parameters if you want to enter it manually.

SCCM has always been a slow cumbersome and inefficient tool and I'm not convinced anything has changed in recent releases, so I can understand your reluctance to use it instead of Ghost. Looking back at your original question, I'm pretty sure you can just do what you are proposing as I've seen nothing in your postings so far that would present a problem.

If your issue has been solved, please use the "Mark as Solution" link on the most relevant thread.

miacubin's picture

Thank you both for your answers... I'm getting there.

I toyed with sysprep a bit, just succeeded in "breaking" my nice master image (it diced my administrator, screwed up my layout, and a few other niceties). I have no doubt it all hinges on using a good answer file... but for the moment, we are pressed for time.

I've found an interesting method which I think allows me to stay legitimate AND preserve my work, I'd like to have your feedback:

My master image was made from DELL E5530 laptop, windows is activated

I replicate/clone another E5530

On it, from an admin command prompt, I run slmgr.vbs -ipk [product key] - where the product key belongs to the clone (the key is labeled on the underside of each machine). The tool informs me all's well, and indeed, properties shows that Windows has been activated...

To be safe, I run slmgr.vbs -ato and it responds "product activated successfully."

 

Am I within Microsoft Windows licensing boundaries, by using this method ? Or should I expect problems down the road ?

 

 

 

 

EdT's picture

I can't think of any reason why this solution should get you into trouble, but then I cannot speak for Microsoft's licensing department who most likely have a very anal approach to these matters.

One thing that might be able to help automate this is to check whether the DELL bios on your systems has an asset tagging capability, and whether or not you could write the product key into the asset tag register on each system.  You could thereafter use WMI code to read the product key and run slmgr.vbs to enter the code and activate automagically.

I've done something similar with Lenovo machines but for the machine name/asset tag  rather than the windows license key.

If you want to got his route and can verify that the asset tag option will hold the serial number I can find the WMI code which reads the machine information.

If your issue has been solved, please use the "Mark as Solution" link on the most relevant thread.

Terry BU's picture

the switches for slmgr are listed here:

http://technet.microsoft.com/en-us/library/dn50254...

i would imagine this could get annoying if every machine needed its own product key that you had to always run against it.

 

As for SCCM, we use that to push software, and it works great for that.  GSS is nice for OS deploy since it starts the task so quickly

miacubin's picture

Again, thank you both, really :)

EdT, yes, I believe the DELL computers have that feature... At least I know I can read their serials from WMIC ("getserial" I think).

To respond to Terry: If we can get GSS back on track, we'll probably end up using a mix of SCCM to push updates/apps and the likes + GSS to deploy. 

Terry BU's picture

I will just say that we are evaluating SCCM for OS deployment now too since we are receiving hardware that does not have VISTA drivers.  I wrote some articles on how to fake this so you can keep doing your thing, but i dont want to be constantly messing with those files.

It also doesnt help that eventually that may not work either