As a network administrator, one of the most common tasks is the deployment of various software, including system software and application software. In a wide range of network environment, the installation disk for the local installation method to deploy software, not only inefficient, impact work, and may be errors, so in this case the common installation method is to do network installation. However, the current network installation is generally installed using a shared installation disk, there are two main drawbacks to this installation: one is that the client must be networked with the server, otherwise it cannot access the shared resources, such as a new machine without any system, which cannot use the shared resource, or even after the client is connected to a server-side share, There is still the presence of an administrator involved in the installation process, or some installation options cannot be determined and the installation process cannot continue. So the administrator must master some effective methods in order to efficiently complete the day-to-day work of software subordinates.
To address the problem of deployment in a software network, Windows Server 2003 provides RIS and installer two technologies, the Remote Installation service, which provides remote installation of the operating system for clients on the network through Windows Server, The latter is specifically designed to address the need to publish applications in a Windows networking environment. In addition, Windows Server 2003 provides the ability to quickly deploy changes.
Remote Installation Services
Remote Installation Services (RIS) is a network service built into Windows Server 2003 that enables clients to access the server through the Boot Information Negotiation Protocol (BINL) in a domain environment and requests the server to provide the operating system for it, and the server responds to the request with the Simple File Transfer Protocol (TFTP) "The required installation files are passed to the client. At the same time, the RIS server uses "single Instance Storage (SIS)" technology to ensure that when handling a large number of customer installation requests, the system resources are not consumed too much, thus providing a system guarantee for the software deployment within the large network. The following describes the specific process.
1. Configuring the RIS server
As with other Windows services, the installation of the RIS service can be done through the Windows Components Wizard, which requires a system installation CD for Windows Server 2003.
2. Specify the rights of the user
In a security system such as Windows Server 2003, the completion of any work is subject to resource permissions and user rights, so after you install the RIS service, you should also define which users can use this service on the client to install the operating system, that is, you need to specify the rights of the user. There are two main powers: one is the power to add computers to the network, and the other is the power to bulk process the installation tasks. As shown in Figure 1, these two rights are assigned to users in the domain controller's Active directory Users and Computers.
(1) Specify the right to add a computer
First, in the Active Directory users and Computers manager, right-click the domain or organizational unit where you need to install the client, as shown in Figure 2, select Delegate Control (E) in the pop-up menu. Then, in the Delegate Control Wizard, specify the users who authorize the installation of the client and assign them the power to add computers to the domain, as shown in Figure 2, and follow the wizard's prompts to complete the operation.
(2) Specify the power to bulk process installation Tasks
After assigning the user the power to add a computer, return to the Active Directory users and Computers manager and continue to define the power to bulk process installation tasks. Again, as shown in Figure 1, right-click the desired domain or organizational unit, select Properties (R), and select Edit Group Policy in the Properties window of Figure 3.
When you edit Group Policy, the system opens the Group Policy Editor, and in the location shown in Figure 4, double-click Log on as a batch job to specify network users and define policy settings. You can add a user or group (U) ... button, and then follow the prompts to add the user who will be installing the system installation on the client to this policy.
3. Preparing to install the program
Before installing an operating system on a client computer, you must first prepare its system installer for the client on the RIS server so that the client can automatically obtain the required source files from the server at installation time. This work is done by the Risetup.exe Server Configuration Wizard provided by the RIS server, so that the required source files can be copied to the server and sent over the network when the client is installed. When you run the Risetup.exe program, the Remote Installation Services Setup Wizard starts. And then proceed to the next operation.
(1) Setting the client installation location, (2) specifying the response to the client, (3) defining the location of the source file to be replicated, (4) specifying the folder name, (5) Installing the description information.
4. Make a Startup disk
In addition to the hardware conditions of the operating system installed, the only requirement for RIS clients is that their network adapters support the pre-boot execution of PXE technology, which is compatible with the functions of RIS. So the network must choose such a client, there are generally three possible, one is supported by Windows Server 2003 NetPC, and the second is the ordinary PC installed a support for PXE technology network card, and the NIC with a supporting web boot chip, And the version of the chip is at least 1.0; The PC has a PXE technology card installed, but there is no NIC boot chip, or the chipset version is not supported by Windows Server 2003. For the first two scenarios, a client with a Windows Server 2003-supported NIC boot feature can start from the network and automatically request a system installation from the server as long as the RIS server is connected and turned on, and for the third client because it cannot be automatically started from the network, So the administrator must prepare a RIS boot installation floppy disk for them to use at boot time.
The process of making a RIS boot installation floppy disk is provided by the 3Com company, which mimics the boot process of the PXE chip. This program--rbfg.exe is included in the RIS server for Windows Server 2003. Access the shared installation folder Reminst for the RIS server, which can be found in reminst/admin/i386. Run Rbfg.exe and insert a floppy disk to create a boot disk specifically for PXE remote installation.
5. Client Installation
After these preparations, the client will be able to start the installation. The initial boot interface looks like Figure 5, and the PXE system automatically connects to the DHCP server and requests the client's network address. After a successful address request, the RIS server uploads the client installation file to the client via the TFTP protocol and the client enters the Client Setup wizard. After the authorized legitimate user enters the correct username and password to log in to the domain, you can select the desired system for installation. The installation process can typically choose automatic installation mode, which does not require the administrator's involvement to automate the next installation process.
It is also emphasized that the client's network card must support the pre-Boot execution PXE technology, otherwise the initial boot request cannot connect successfully and the installation cannot continue. If you want to see the type of PXE network card, you can check whether your PCI network card is in the supported list by pressing the "adapter list (L)" button during the Rbfg.exe program run.
Installing the client through the RIS technology has a wide range of features that are fast. If, in addition to automatically installing system files for the client, you want to install some applications to the client when you prepare for the RIS server, you will need to install the appropriate operating system and application software on one client computer prior to running the Reminst/admin/i386/riprep.exe program, this file is also a similar Risetup.exe wizard, it will be through the network of the client's system and application software as a mirror, saved to the RIS server Reminst share. Mirroring is the same as the system in the original client, but removes some settings that represent the identity of the original client, such as the security identifier SID, the hardware driver settings, and so on. This way, when other clients install this mirror through RIS, based on the actual situation of the machine to regenerate the SID and the corresponding hardware settings information, the system is not only installed the operating system will also include replicated applications, so that applications and systems installed together, this method for the requirements of the unified desktop Environment network applications is helpful.
rapid deployment of new applications
In addition to having the required application software ready for RIS installation, in most cases, a specific client application is not necessarily determined when the operating system is installed, but rather based on the actual requirements that the user uses, so administrators should also have another way to automate the installation of applications over the network. To solve the problem of rapid deployment of software applications in daily work. Windows Server 2003 is a practical installation tool that is supported by installer.
Windows Installer uses real-time installation technology to push software to the client through a domain environment, enabling automatic installation of applications. Installers that use Windows Installer technology first require packaging into an MSI format to be supported by Windows Installer. Most software installation files for Windows now have this format, and this packaging tool can be found in Microsoft's Server Resource Kit to solve the packaging problems of other software. The installer is to be copied to a network shared folder on the server. The installation steps are described below.
1. Specify Configuration
In Active Directory users and Computers manager, right-click the domain, select Properties (R), and in the Domain Properties window shown in the previous Figure 3, select Edit Group Policy to open the Group Policy Editor. As shown in Figure 6, there are "Software Installation" entries in the Computer Configuration and user configuration that are used to deploy software within the domain. If the software is to be deployed to a computer in a domain, it is defined in the configuration of the computer, and if the software is to be deployed to users in the domain, it is defined in the user's configuration.
2. Specify how to deploy
Right-click Software Installation, select New package, and follow the System wizard prompts to set it up. First, you specify an MSI file that is prepared in a network shared folder on the server by using my "My Network Places". The system then asks how the software is deployed, and Windows installer provides both "Publish" and "assign" deployment methods. The "Publish" mode does not automatically install the software for the customers in the domain, but puts the installation option in the client's "Add or Remove program" for the user to choose the installation when needed; the "assign" method directly installs the software to the Start menu program group of the domain user. "Publish" mode is generally used to provide users with a variety of software tools, by the user on-demand installation or not install, "assigned" mode can be used for the mandatory installation of software, users do not have the right to uninstall the software.
For software that has already been deployed, you can also modify the settings with advanced options. If the administrator wants to cancel the deployment of the program, as long as in the Group Policy Editor to remove the corresponding software has been deployed, you can prevent customers to continue to install the software, or even choose the user has installed the software automatically removed.
3. Client Configuration
After the deployment is complete, the "Assigned" software, the user can find and use it directly in the Start menu when they log in to the domain, and the user will see the "Add New program (N)" option in Add or Remove Programs if you want to install it.
In addition, Windows Server 2003 provides the ability to quickly deploy changes.
There are many reasons why programs need to be changed, such as security upgrades and service packs, upgrades and enhancements, or enterprise-wide version synchronization.
In general, managing updates is a costly and error-ridden job. Upgrading a shared component requires that the existing programs be aborted because their operation depends on the DLL being upgraded. Before. NET appears, there is no way to install multiple versions of the same DLL in one system type. In addition, the Web program cannot be upgraded while it is running, which requires shutting down the service or even restarting the computer when an upgrade is installed.
Windows Server 2003 provides sophisticated change management and deployment features. These simple techniques, such as file copying, can be used to update the entire program or simply update part of the program. While the technology is more complex, it is still very simple to use, such as Windows Installer and applications that can be upgraded automatically to allow users to adjust the change management process as needed.
In the simplest case, if you upgrade a private component on a single computer, you can use FTP or xcopy or any other file management tool to copy the upgrade component to a private directory. Unlike the entire system, which shares the same DLL, private programs (private assemblies), such as net DLLs, can be placed in a local folder where the application resides and are accessed by the application alone. The program list is typically generated when you compile the exe file, and you can tell the runtime to search the folder that contains the EXE file itself. You do not need to register an upgraded private component in a Windows group meter or in the global program cache (Assembly CACHE,GAC). In any case, installing an upgraded private program does not interfere with the operation of other programs.
You can even deploy shared programs to clients or servers without interfering with the executable files that depend on them or multiple versions of the same DLL. The GAC is a centralized repository (EXE and DLL) for the program pieces. Because each program has a clear version of the name, the GAC can contain multiple versions of the same piece of program. You can use Windows Installer to upgrade the programs in the GAC and the entire application.
The. NET framework has a shell cache view (Shell cached views) extension installed in Windows Explorer so that the GAC can be browsed and edited. Windows Server 2003 also includes a command-line tool (Gacutil.exe) that you can use to edit the GAC.
Upgrades can also be done from the client, because Windows Server 2003 architecture allows you to create windows and other applications that are automatically updated. You can have your program automatically download program components from Windows Server 2003 the next time it runs. Alternatively, the program can periodically check the publisher's policy file on the server to see if an updated version of the program is available.
The network administrator applies the above technology, can realize the convenient and quick software management deployment, this method superiority is especially obvious in the node more network. This can guarantee the progress of work, reduce the cost of configuration, do not affect the quality of work, avoid errors, and the entire network of system software and application software can be in the control of administrators, so that administrators efficiently and securely implement the management of Windows Server 2003 network applications.