Windows Desktop Automated Installations

Date June 24, 2009

Over the past couple of weeks, I've had the idea in the back of my mind to build an infrastructure for automated Windows installs, for my users' machines. I've been doing some research (including on ServerFault), and have created a list of software that seems to attempt to fill that niche.

First up is Norton Ghost. From what I can tell, it seems to be the standard image-creating software around. It's been around forever, and according to a slightly skeptical view, seems to be the equivalent of Linux's 'dd' command. It's a piece of commercial software that seems primarily Windows based, but according to the Wiki page supports ext2 and ext3. It does have advanced features, but it looks like you need one license per machine cloned (Experts-Exchange link: scroll to the bottom), and I'm not into spending that sort of money.

Speaking of not spending that sort of money, Acronis True Image has some amazing features. Larger enterprises should probably look into it if they aren't already using it. Just click the link and check the feature set. Nice!

Available for free (sort of) is Microsoft Deployment Services, courtesy of Windows 2008 Server. It's the redesigned version of Remote Installation Services in Server 2003. Word on the street is that it's going to be the recommended way to install Windows 7, winner of the "Most likely to be the next OS on my network when XP is finally unsupported" award. The downside is that I don't currently have any 2008 servers, nor do I plan on upgrading my AD infrastructure. I suppose I could use Remote Installation Services, but eventually I know that I'll upgrade, and then I'll be left learning the new paradigm anyway.

So lets examine some free opensource offerings.

It seems like the most commonly recommended software has been Clonezilla so far. Based on the Diskless Remote Boot in Linux (DRBL), along with half a dozen other free softwares, it seems to support most filesystems capable of being mounted under Linux (including LVM2-hosted filesystems). It comes in two major releases. Clonezilla Live, able to be booted from a CD/DVD/USB drive, and Clonezilla Server Edition, a dedicated image server. If I were going to implement it, I think I'd keep one of each around. They both sound pretty handy for different tasks.

Next up is FOG, the Free Opensource Ghost clone. I haven't come across a ton of documentation for it, but it sounds intriguing. Listening to Clonezilla -vs- FOG peaked my interest, and this is on my list to try. Feel free to drop feedback if you've used it.

Ghost4Linux exists. That's about all I've found. If you know anything about it, and it's good, let me know.

What I've been considering most heavily, Unattended seems very flexible and extensible. It seems to primarily consist of perl scripts, and instead of dealing with images, it automates installs. This has several advantages, mostly that instead of maintaining one image per each model of machine, I can save space by pointing an install to specific drivers necessary for an install, and keep one "base" set of packages.

As soon as I have time, I'm going to start implementing some of these, and I'll write more about them. If you have any experience with this stuff, I'd love to hear from you.

  • Anonymous

    Deployment services (it was Windows Deployment Services (WDS) - did they change that?) can be installed on 2003, so dont discount that. We've used it to deploy XP and Vista.

    I seem to remember mumblings of it being bundled into the Windows Automated Installation Kit (WAIK). Worth a google at least :)

  • md

    I'm a big fan of Unattended. We chose it over cloning at a university department where I previously worked. We picked Unattended because of the configuration diversity of our installations. But it will require you to have mature automated software deployment practices in place. We found Active Directory and packaging together to not be enough for some annoyances and ended up relying on AutoIt, which is also a great tool. Additionally, we found it advantageous to control our maintenance of both Unattended configs and code using subversion as well as certain release management practices.

    However, I don't think Unattended is right for every scenario. If you're managing a large number of hosts but a small number of configs, I think cloning is probably the way to go. It also has a lower barrier to entry, which helps if you are extremely time-starved or anticipate personnel with less experience taking over those responsibilities.

  • Steve.Lippert

    Matt,
    I use the Clonezilla Live CD to image my machines with an USB hard drive holding my images. The majority of my older machines are all the same make / model and are used in exactly the same way, so I really only have two or three different images for 50+ desktops.

    All of the PCs I purchase now are the same make and model and again I am able to use one base image for them.

    Since all of my users have nothing personal on their PC except maybe a background, I simply re-image machines if they have a software problem or virus. Fifteen minutes later they have a brand new PC.

    Keep us updated with what you find out, as I am still interested in finding a better way. Most of my machines are 4-5+ years old, and while they work now things have been dying quickly around here.

  • augmentedfourth

    I've used Ghost a lot in a past job... don't know about licensing specifics, but we didn't seem to be tracking individual images, so there must be some sort of enterprise license available. It's very easy, especially with network booting, but if you've got a lot of disparate hardware it'll be less helpful. We had different images for particular Dell models, so the clones would have the correct drivers and such loaded by default.

    In addition, I've used the unattended install method Windows provides to good effect. That's the standalone unattended install, not the remote installation services. The downside here is that you'll still need to install software on the machine when the installation is finished (unless you've got GPOs set up for that sort of thing).

    I've never used FOG, but there was an interview with the project leaders on FLOSS Weekly that's definitely worth a listen... sounds like it could be a great solution.

  • Anonymous

    Our company only purchases Dell Computers, so we use Dell ImageDirect to make Images that are Hardware Independant among their main lines (Optiplex, Latitude, Precision).

    We then use FOG to host the images, and boot over PXE to the FOG server to download the Images. FOG takes a little bit to get setup, but it's not that bad. We have been very impresssed with FOG thusfar.

    In the end, it's quite the best FREE end to end solution we know of.

  • the_angry_angel

    Contrary to the above Anonymous poster, I kind of felt a bit empty when I used FOG, but I could never pin down why.

    I've previously used Ghost and I fear that I'd been heavily comparing the two - probably in a most unfair fashion.

    Much like md, I'm a fan of manually setting off an unattended installation for desktops (although I'm yet to try the unattended.sf.net project), mostly because of the varying hardware we have deployed at our various customers. In this situation cloning just doesn't make sense and the cost vs benefit for a full RIS setup for the smaller customers I support at work (outsourced IT) just doesn't pay off.

    However, as always I'd love to see and hear where you end up going :)

  • Anonymous

    can consider going straight into VDI... unless you have laptops to worry about...

  • chankster

    Matt! Discard those. Look into Microsoft Deployment Toolkit, MDT 2008.1.

    Lots of tips and tricks at deployvista and no, its not all vista. XP and onwards.

  • prae

    I used to use GHOST because on my previous job it was already in place, but apart from the price that you pay and the licensing to be able to deploy software, I do not like to spend time trying to find the right network drivers for it to work over the network.

    To solve the dislike, I used Clonezilla witch is really handy as you can run it from a Live CD as well as through the network, but I am actually using FOG and I am really happy with it, as in 5min you can have the image deployed. However I have groups of computers of the same model, and as @the_angry_angel said if you are going to have different hardware on each laptop/desktop, normal imaging wouldn't be a proper solution.

    Then to deploy software, I basically create some scripts to do it for me and if needed, they'll check the computers to uninstall the previous versions for maintenance.

  • Roland

    You should definitely look into the Microsoft Deployment Toolkit. It lets you install do unattended installs of Windows clients starting from XP and gives you the option of taking an image (in WIM format, IIRC) for faster deployment in the future. It lets you deploy clients from PXE, USB, CD/ISO's.

    You wouldn't need Server 2008 unless you want to pair it up with Windows Deployment Services (PXE/multicast/etc). I also managed to get it working with a linux-based tftp and dhcp server.

  • GregoryO

    We've used Unattended for about four years, very happy with it. There's always more to automate, but I've got most of it covered these days.

    Windows XP clients (laptops, brand name desktops and white boxes), and a Linux Samba fileserver at the back end.

  • John M.

    I just completed a deployment of 200+ PC's with Symantec's replacement to Ghost, Altiris. It did a good job with the four different models or PC, and two models of laptops.

    I am not sure of the cost. I work for a global corp, and they have had the Altiris installation for a few years.

    If you are looking for an imaging and software installation application, that works with Active Directory, and you have a lot of PC's that you are working with, take a look at Altiris.

  • Sam Powers

    We're a school district, so most of our machines are donations. This means we have at least a dozen different kinds of computer, and we're expected to make use of all of them in a network of about 1500-2000 computers in 10 schools.

    Our process goes something like this:
    * Driver Magician (slurp up all the drivers from the vendor default installs, to cut down on time spent hunting drivers)
    * Unattended (to build up new images using the drivers from driver magician. also good for one-off deployments like getting xp onto newer laptops that ship with vista)
    * FOG (To register labs and classroom computers and blow out images. Works great once you set up groups)

  • Saint Aardvark

    One more vote for unattended. This was at my last job, where I had a small number of workstations to (re)install XP on. The hardware was fairly heterogeneous -- say three separate purchases of identical workstations -- which meant tracking down drivers for newer Intel chipsets for the ethernet could be a bit painful. That, combined with wpkg, made things very nice.

  • Terry

    FOG - all the way.