Windows Deployment Services and DHCP server on Linux + a couple of features
Hi Habro-people!
As a novice administrator, I strive to learn everything new and absorb information like a sponge. I also value order, consistency, accessibility and versatility in the company's IT infrastructure. My recent attempt at the latter (using the *nix DNS server, BIND, for Active Directory) failed, but I am not stopping there. I would like to share what I learned about the Windows Deployment Services role in Windows Server 2012 and how to configure it to work with a third-party DHCP server on Ubuntu Server.
Part 1. Configuring a DHCP server
The entire network in our organization is built on UNIX systems, and even for a fleet of 50 machines, modest by IT standards, I still want all the modern benefits and conveniences of administration. The question arose: how do we deploy Windows to users' PCs over the network when the TFTP server is located separately from the DHCP server? The task, although simple, made me quickly study how the DHCP server on Ubuntu works and how it is configured. Versatility is important to us. :) There is no point in setting up a Windows DHCP server just for this.
All that was required in the network declaration was to indicate, with the next-server statement, that the TFTP server is on a different host. Here is a fragment of the DHCP config, using the network 192.168.1.0/24 as an example:
    shared-network 2_Users {
        subnet 192.168.1.0 netmask 255.255.255.0
        {
            range 192.168.1.2 192.168.1.254;
            default-lease-time 3600;
            max-lease-time 7200;
            option domain-name "test.jp";
            option domain-name-servers 192.168.1.1;
            option routers 192.168.1.1;
            # This is the line that tells DHCP clients that the TFTP server with the PXE boot loader is on another server.
            # It can even be in a different subnet, as long as there is a route to it.
            next-server 192.168.2.2;
            # DNS name of our server with the WDS role. Specified just in case; it will not hurt.
            option tftp-server-name "addc1.test.jp";
            # Where the network boot file is located on our server.
            option bootfile-name "boot\\x86\\wdsnbp.com";
        }
    }
That, in fact, is all. Restart the service with /etc/init.d/isc-dhcp-server restart and we can proceed to configuring WDS.
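As an added example (not part of the original post), this Python check reads dhcpd.conf-style subnet blocks like the one above, lists which subnets hand out PXE boot directions, and compares each next-server against a list of approved deployment servers. The approved list, the second subnet in the sample and all function names are assumptions made for illustration; next-server values are assumed to be IP addresses.

```python
import ipaddress
import re

# Constructed sample modelled on the fragment above; the second subnet is made up.
SAMPLE_CONF = r'''
shared-network 2_Users {
  subnet 192.168.1.0 netmask 255.255.255.0 {
    next-server 192.168.2.2;  # WDS/TFTP host in another subnet
    option bootfile-name "boot\\x86\\wdsnbp.com";
  }
  subnet 192.168.3.0 netmask 255.255.255.0 {
    next-server 192.168.9.9;
  }
}
'''
# Simplification: subnet bodies with nested blocks (pool, host) are not matched.
SUBNET_RE = re.compile(r'\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}')
BOOTFILE_RE = re.compile(r'\boption\s+bootfile-name\s+"((?:[^"\\]|\\.)*)"\s*;')
STR_OR_COMMENT = re.compile(r'("(?:[^"\\\n]|\\.)*")|#[^\n]*')

def strip_comments(text):
    """Drop '#' comments but keep '#' characters inside quoted strings."""
    return STR_OR_COMMENT.sub(lambda m: m.group(1) or "", text)

def pxe_settings(conf):
    """One dict per subnet block: network, next-server, unescaped boot file."""
    rows = []
    for net, mask, body in SUBNET_RE.findall(strip_comments(conf)):
        ns = re.search(r'\bnext-server\s+([^;\s]+)\s*;', body)
        bf = BOOTFILE_RE.search(body)
        rows.append({"subnet": ipaddress.ip_network(f"{net}/{mask}"),
                     "next_server": ns.group(1) if ns else None,
                     "bootfile": re.sub(r'\\(.)', r'\1', bf.group(1)) if bf else None})
    return rows

def audit(conf, approved):
    """Findings per PXE subnet; 'approved' is an assumed allowlist of boot-server IPs."""
    out = []
    for s in pxe_settings(conf):
        net, ns, bf = str(s["subnet"]), s["next_server"], s["bootfile"]
        if ns is None and bf is None:
            continue                        # subnet offers no network boot
        if ns is None or bf is None:
            out.append((net, "incomplete: set both next-server and bootfile-name"))
        if ns is not None and ns not in approved:
            out.append((net, f"next-server {ns} is not an approved boot server"))
        elif ns is not None and ipaddress.ip_address(ns) not in s["subnet"]:
            out.append((net, f"next-server {ns} is outside the subnet, needs a route"))
    return out
```

Calling audit(SAMPLE_CONF, {"192.168.2.2"}) returns a routing reminder for 192.168.1.0/24 and two findings for the constructed 192.168.3.0/24 subnet.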
Part 2. Configuring the Windows Deployment Services role
There is hardly anything to say about installing the role. It is simple, does not require a reboot, and asks which components should be installed. We need both components: Deployment Server and Transport Server.
After the role is installed, its console, called Windows Deployment Services, is available in the Administrative Tools list of the Windows Server Control Panel.

First, the server needs to be configured. Right-click the server in the left pane and select "Configure Server". The setup is not difficult, so I will only cover the points that are important in my opinion:
If your network uses Active Directory Domain Services, you can specify during configuration whether the server will be standalone or added to AD. What matters much more is to indicate later that the DHCP server is located elsewhere and that there is no need to listen for connections on the ports of our WDS server.
- You will need to indicate whether to integrate the server into AD
- Specify where to store installation images
- Select a response policy for clients. Here is a little more detail.

If you only need to install the system, you can select the “Answer all ...” item, because installing Windows requires a login/password pair for the server the image is downloaded from. Installing Windows over the network without authorization will not work.
- At the end, you will be prompted to add the first image
I want to draw your attention to the DHCP Protocol tab of the server properties.

Here you just need to clear the checkboxes if you use a third-party DHCP server. On the “Client” tab, you can specify whether to create new users in the domain.

Part 3. The interesting part
As you know, Windows images are added to the WDS server in two stages: first a boot image (boot.wim), then an installation image (install.wim). Here I noticed a small but interesting feature. Our company uses Windows versions from Windows 7 and Server 2008R2 up to Windows 8.1 and Server 2012. As you know, the contents of boot.wim are what we see when starting a Windows installation from disk. While only the HDD controller drivers matter when installing from disk, a network installation also needs network adapter drivers. How to integrate drivers into the distribution using WAIK is well described in this article. But when I added the boot image from the Windows 8.1 distribution and tested it, I noticed that its set of network adapter drivers had been expanded. That is not the main feature, though. :) Using a single, most recent Windows boot image (even one you built yourself with WAIK), you can install any edition of Windows, from Windows Vista to Windows Server 2012R2. You do not need to add a bunch of boot images: choose one, universal and modern. Then add only the installation images (install.wim) for the Windows editions you need.
You can create image groups in the WDS management console ...

... and as a result, during installation, you get a list of all operating systems from the Desktop and Servers groups, select the one you need and install it. Do not forget: to install, you need to enter the login/password of the server administrator.
The contents of the directory where the installation images are stored will look like this:

Despite how mundane this looks, it will not prevent you from installing any of the Windows versions you added to the server.
That, in fact, is all I wanted to share with you. If you want to extend the capabilities of WDS, there is an article on Habr, "We Add WDS of universality", by an even greater fan of this very “universality”. It explains how to make WDS use GRUB2, and therefore install Linux and run recovery utilities ... In general, everything needed so that a modern admin does not have to carry a flash drive around.
I am for using Windows and Linux together. Thanks for your attention!