Ghost Solution Suite

I have used version 8.0 of Ghost Console (on Server 2003) in a workgroup for a few years and even though I'm no expert, I have managed to work with it to push images to computers in a student lab that are members of the same workgroup.

Now I'm checking out the trial version of GSS 2.5 running Ghost Console version 11.5.1.226.  I'm trying it out on a Server 2008 R2 system that is also an AD domain controller.

After figuring out the proper PreOS option, I was able to pull an image (implementing Sysprep) from a test computer running Windows 7 Pro.  The problem I'm having now is pushing the image back to the same test computer.  I want to be able to have Ghost Console move it from a Workgroup member to a AD domain member.  But I keep getting an error about "unknown username or bad password" when the process is finished.  When I go to the test unit, it is still a workgroup member and Windows has been deactivated indicating I have 3 days to provide a product key.  I'm using a volume licensed copy and the information was entered into Sysprep.  Why is the OS now deactivated?

The odd thing is, that when I go to the AD domain controller, the client computer is shown in the Computers container.  Even though it was not present before.  Another weird thing that happened is the client computer had none of the active accounts from the image.  Is this something that has to do with Sysprep?  I had to boot it into Safe Mode to enable the admin account.  Don't ask me how I was able to boot into safe mode with a disabled account though.

I've scoured the internet for a solution and have yet to find one.  Several posts mention that often the problem has to do with DNS or some security issue but give no more information.  I've given the Ghost account full control of the Computer container in AD.  Based on another post, I looked into some NT4 cryptography thing and enabled that policy.  Neither of which resolved the problem.

It seems to me that this is a common problem among people trying to use Server 2008 R2.  If it can't be resolved, wouldn't Symantec put out some kind of paper indicating that?

Here's a section of the Console Log Report.

Task Name: Restore Image to SPH-MASTER
User: CLASS\sph-admin <--------- This is a legitimate AD user account
Execution Time: 6/12/2014 10:17:09 AM
Number of client machines: 1
Clients finished OK: 1

Task warnings:1

Task process listing
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Updating PreOS files 6/12/2014 10:17:55 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Create machine account 6/12/2014 10:17:55 AM Success
Details for: Create machine account
SPH-MASTER, LDAP://SPH-LAB1.class.local//DC=class,DC=local
Computers
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Prepare configuration 6/12/2014 10:18:15 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 To Virtual Partition 6/12/2014 10:18:44 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Clone 6/12/2014 10:44:01 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Configuration 6/12/2014 10:44:20 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 To target operating system 6/12/2014 10:54:06 AM Success
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Configuration 6/12/2014 10:54:06 AM WARNING
Details for: Configuration
Failed to join domain class.local: Logon failure: unknown user name or bad password. <----- What username is being referred to here?
SPH-MASTER - sph-admin C8-1F-66-37-A6-B6 Finish 6/12/2014 10:54:06 AM Success

Is anyone able to help out?  I'm upgrading the student lab with new computers and I'dd to have it done within the next couple of weeks.

Thanks for you time.

What you have to bear in mind is that the Ghost development team was disbanded a few years ago and consequently only small patches were released for the version of Ghost that you are working with. There is no one really to write about such issues other than users, so feel free to contribute an article in this forum, assuming you have searched and there isn't one there already.

As for Windows 7, please do not confuse volume licensing with activation. Running sysprep explicitly removes product activation - this is by design (by Microsoft). Assuming you are using a volume MAK key (which is a MULTIPLE ACTIVATION KEY), this permits you to use a single serial number and activate it multiple times. It is the serial number that is entered into Sysprep.ini, and the activation process needs to run again when mini setup runs. If you use a KMS server then rather than being activated, a token is issued to the workstation from a pool maintained on the KMS server.

The error you are getting appears to be when the workstation is trying to join the domain and would suggest that the account being used to join the domain is not valid.

Thansk for the info EdT.  No I was not away the Ghost development team was disbanded.  Kind of seems counter productive since it's such a widely used application.  Or is that no longer the case?

As for Sysprep, I used the old Ghost Corporate 8.0 with Windows XP Pro and never had to reactivate when I used Sysprep.  But I can deal with that later.  There are other issues that are more important.  Like why is it when I push an image to a client, all user accounts are stripped?  The strangest thing occurs.  What I'm left with is a logon prompt without the silhouette.  It's just blank and what appears to the Default Administrator account underneath.  But when I try to use the previously configured password, it fails.  I have to boot into Safe Mode first.  And here's where it really gets weird.  In Safe Mode, the logon image silhouette is present.  Not only that, I can log on with the admin account.  Stranger still,  when I go to Computer Management, it shows that the built-in admin account is disabled.  So how was I  able to logon?  So I enable it again, reset the paswword and reboot.  Then I can logon normally.

I think what I'm trying to do is pretty straightforward.  I don't think it's tricky.  I just want to be able to create an image based on a Master System and push that image out to 25 clients and add them to an Active Directory domain.  Pretty simple.

But it just doesn't seem to be that simple.  With the amount of time I have invested so far, it would almost be faster to have about 5 drives that have been cloned from the Master, use a SATA to USB interface and boot 5 computers from a CD and manually clone them.  Then manually add them to the AD domain.  Then just repeat that 5 more times.

I just thought an updated version of Ghost would speed things up.

Ghost is still being used, but once again, there have been limited updates from the support team in Pune India and no real updates. There is a Ghost 12 that ships with Altiris DS server but again there are limited updates in it.

As to your problems with Windows 7 - it's not really an issue with Ghost, but an issue with the changing security model that Microsoft are implementing with each new operating system release. Win 7 introduced encryption of the serial key making it nigh on impossible to run those little shareware utilities that can retrieve license codes from the registry for windows and office. Also, sysprep does strip out activation of the product and realistically, stripping out user accounts is also a security measure.  If you don't have a copy of the Windows 7 AIK (automated installation kit) - or whatever the current name is, I would recommend downloading it and getting a bit more familiar with the sysprep options and the general build process. Yes, Ghost is intended to simplify build deployment, but it has to work within the parameters of each operating system release, and these do change at regular intervals. For example, Win 7 makes driver libraries easier to manage as the Win 7 build process will iterate through an entire driver library looking for a matching INF, whereas with XP you had to explicitly name each driver directory in a long string.

Incidentally, the AIK includes all the necessary apps to create your own WinPE 5 boot environment, and with that, you also get the imagex utility which is not unlike Ghost as it deploys images. In a small environment it is certainly much quicker to boot WinPE locally off a USB hard disk or flash drive, and run imagex to write your sysprepped image to the local HD.