Ghost Solution Suite

Hi,
Ive just upgraded to Ghost 2.5.1. Im trying to image a computer lab. I have my golden image created. I have the ghost client installed on the lab computers and the bios is set to boot to the nic with pxe. I can image the lab, it works great, but I want to know how to make the computers retain their original names and domain association. I know I can make a configuration template to add the computers to a domain and rename them after imaging, but thats not really what Im looking for.

People keep talking about sysprep on here. I dont know if thats how I would do this. I have no idea how sysprep works.



Any help would be excellent.

Best,
Lou

I don't know how much you know about operating system deployment, but in a domain environment, each machine has a workstation account in the domain, linked to the computer SID (security ID).  When you create a standard image, the purpose of Sysprep is to "strip out" the build information that makes the machine unique, removing the computername, and all domain credentials. Then, when the image is loaded on a machine, and booted for the first time, mini setup runs and asks for some basic information such as the machine name. The purpose of mini setup is to create a machine with a unique identity that can then be joined to the domain and for which a unique workstation account is then created.
When you refer to having created a "golden image" - it cannot be considered as a golden image unless it has been sysprepped, as deploying a single image that has been given a computername and has an existing machine account, will just create a bunch of identical machines that will not be able to maintain a unique workstation account in a domain as their SIDS will all be identical.
So your plan requires you to take one of two paths - you must either run sysprep on your golden image to create a deployable image which can then be tailored during mini setup to create unique machines, or you need to set up the entire lab, giving each computer a unique name and joining it to the domain, and then create a separate image of each machine which can be restored to it at a later date.
Just one final thing. If you choose to create an image of each machine, then you need to make a registry change here:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon\Parameters
Locate the value "DisablePasswordChange" and set it from 0 to 1.
This stops the workstation account changing its internal password on the server, which otherwise gets changed every few days. If you don't do this, the workstation, when reimaged, will no longer have a workstation account that is "in sync" with the server, and so will need to be rejoined to the domain.
Of course, if you image both the server and the workstations at the same time, and then reimage them together at a later date, then this should not be an issue.

You could use a configureation task set to use the default computer information.    The order would be like this. 

You have an image of a machine that is either off the domain or has been syspreped like EdT suggests.  

• You can in the console in the new image create task use a check box with sysprep to be used but this will require some prework and sysprep research. 
• Or you can tell ghost to remove the machine from the domain using a check box on the image create task that removes it from the domain.

Before you send out your images and use ghost to rename back to the domain the information about the clients needs to be refreshed in the database.

• Run a configureation refresh task on the group of computers that are to be imaged.  
• Make sure it is a refresh configureation.   This is just updateing the ghost database on what these computer's names are and what domain they are on. 

Now that you have an image of a machine off the domain you can use a clone task to deploy the image.  

• If you have used sysprep then it can take care of the SID change. 
• If you didn't use sysprep then choose the option on the clone task to use ghost walker to change the SID.

In addition to the clone step in your task  you will need to do a configureation step as well. 

• The configureation task is dependant on the console service account being set up.  
• It is also dependant on the clients that are to be joined back to the domain having been joined by ghost in the first place.
• If you didn't use the ghost console to join your computer in the first place then you will need to remove the computer accounts from the Domain controller manually the first time, and then ghost will rejoin them because it's database thinks they are still on the domain.
• Don't use the domain admin account because ghost will hijack the account that is used for the console service account
• If you computers are in OUs other than the root OU you willneed to provide rights to the console service account to each computer OU starting at the root.  If you don't then they the computers will be joined to the root Computers group.

If you need to deal with driver change from one computer to another then you can set the task to also run deployanywhere to deal with NIC and Mass storrage drivers.

In the configureation task you will select the default computer info since we just want to use what is in the database already.  

• If computers are not on the domain you can change from useing default to setting up each computer to be configured the way you set it in the config task.

After the clone portion is ran then the ghost walker will change the SID and then the configuration task will rename the computer, create a computer account on the domain,  then it will join the computer to the domain using this account. 

Hope this helps.   It takes some practice and trial and error to get it all working but once you have it set up it can be a real time saver. 

Cheers.