Windows Tips &amp Tricks UPDATE, April 19, 2004, —brought to you by the Windows &amp .NET Magazine Network and the Windows 2000 FAQ site
http://www.windows2000faq.com


This Issue Sponsored By

Ecora Software

http://www.ecora.com/ecora/jump/pm37.asp

Windows Scripting Solutions

http://www.winscriptingsolutions.com/rd.cfm?code=fsep264xup

Sponsor: Ecora Software

Rely on our great reports to make your patch management headaches go away! Start automating your backlog of security patches today! Network Computing magazine has just named our previous version as the "Editor's Choice" tool for Patch Management. Our newest version is loaded with even more high-performance benefits, such as 500% faster scanning and analysis loading, cross-platform support, enhanced user interfaces, policy-compliance features, and our great admin and management reports. Go directly to our free trial page and see for yourself, first-hand, what our automated patch solution is all about. Special Bonus: The first 100 people to trial Patch Manager 3.1 from the link below will receive a FREE T-Shirt. Try us now-
http://www.ecora.com/ecora/jump/pm37.asp

FAQs

  • Q. How can I capture an Automated Deployment Services (ADS) image?
  • Q. How can I deploy an Automated Deployment Services (ADS) image on a target server?
  • Q. How can I create my own Automated Deployment Services (ADS) task files?
  • Q. How can I check or change the media access control (MAC) address for a Microsoft Virtual PC 2004 instance?
  • Q. When will Microsoft Virtual PC 2004 support a Preboot Execution Environment (PXE) boot?
  • Q. I'm having a problem demoting a domain controller (DC). How can I demote it?

Commentary
by John Savill, FAQ Editor, jsavill@winnetmag.com

This week, I tell you how to capture an Automated Deployment Services (ADS) image, deploy an ADS image on a target server, and create your own ADS task files. I also explain how to check or change the media access control (MAC) address for a Microsoft Virtual PC 2004 instance, tell you when Virtual PC will support a PXE boot, and provide a workaround for demoting a domain controller (DC) when Dcpromo fails.


Sponsor: Windows Scripting Solutions

Try a Sample Issue of Windows Scripting Solutions

Windows Scripting Solutions is the monthly newsletter from Windows & .NET Magazine that shows you how to automate time-consuming, administrative tasks by using our simple downloadable code and scripting techniques. Sign up for a sample issue right now, and find out how you can save both time and money. Click here!
http://www.winscriptingsolutions.com/rd.cfm?code=fsep264xup

FAQs

Q. How can I capture an Automated Deployment Services (ADS) image?

A. Before you can capture an ADS image (i.e., an image of a server OS), you must first perform the following steps on the installation you want to capture:

  1. Install the ADS Administration Agent from the ADS installation point (i.e., the server that has a copy of the ADS Management Agent).
  2. Create a Sysprep folder in the C drive's root directory by typing  mkdir c:\sysprep
  3. Copy Sysprep.exe and Setupcl.exe from the Windows Server 2003 CD-ROM deployment tools to C:\sysprep.
  4. Copy the relevant .inf file from C:\program files\microsoft ads\samples\sysprep on the ADS server to C:\sysprep on the computer to be imaged; rename the file sysprep.inf.

To capture the image of the computer, perform the following steps:

  1. Click Start, Programs, Microsoft ADS, ADS Management to start the Microsoft Management Console (MMC) ADS snap-in.
  2. In the Automated Deployment Services (&ltcomputer name&gt) directory tree in the left pane of the snap-in, click the Devices object.
  3. In the right pane, right-click the device (i.e., server) that you want to capture, click "Run job," then click Next.
  4. Select "Create a one-time job" and click Next.
  5. Enter an optional description and click Next.
  6. For the command type, select "Task sequence" and click Next.
  7. At Task Sequence File, click Browse.
  8. Navigate to c:\program files\microsoft ads\samples\sequences and select capture-image.xml (or capture-image-w2k.xml if you want to capture a Windows 2000 Server system). Click Next. You should create your own task sequence files based on the task sequence files that ADS supplies because you'll want to change the names of items in the files such as "imagename." (If you don't change the name "imagename," the captured image will be called "imagename.")
  9. Click Finish to start the image capture.

You can check the capture status by selecting the ADS snap-in's Running jobs object. Double-clicking the job name provides more detailed information about the job. The server being captured will boot from the network (make sure its first boot device is set to network Preboot Execution Environment--PXE). After the capture is finished, the source system displays the Deployment Agent screen until you manually restart the computer or send it additional commands. The figure at Figure shows the Deployment Agent screen. If you check your ADS image storage location, you should now see a new image file.

Q. How can I deploy an Automated Deployment Services (ADS) image on a target server?

A. To deploy a precaptured image on a target server, you first use the Microsoft Management Console (MMC) ADS snap-in to create a new device for the target server's media access control (MAC) address, then assign the target server a job to deploy the image. The ADS Help files explain the process of deploying an ADS image; however, I used the following process successfully:

  1. Click Start, Programs, Microsoft ADS, ADS Management to start the ADS snap-in.
  2. In the Automated Deployment Services (&ltcomputer name&gt) branch in the left pane of the snap-in, click the Devices object.
  3. In the right pane, right-click the device (i.e., server) that you want to target and click Properties.
  4. Click the User Variables tab and click Add.
  5. Enter values for the local administrator password, domain, domain password, domain administrator, machine name, and product key. (You must click Add after entering each value; thus, you'll have to repeat the Add step six times to enter all six values.) The figure at Figure shows the User Variables tab in which you enter the values.
  6. Select the check box that encrypts the passwords (the check box is displayed when you click Add) and click OK.
  7. Right-click the server that you want to target, click "Run job," then click Next.
  8. Select "Use an existing job template" and click Next. You'll see a screen like the one at Figure.
  9. Select "boot-to-da" and click Next.
  10. Click Finish.
  11. The target server should now be configured to boot from Preboot Execution Environment (PXE) and started. The target server will boot to the Deployment Agent and await further instructions from the ADS server.
  12. Right-click the server that you want to target, click "Run job," then click Next.
  13. Select "Create a one-time job" and click Next.
  14. Enter an optional description and click Next.
  15. For the command type, select "Task sequence" and click Next.
  16. Navigate to C:\program files\microsoft ads\samples\sequences and select a deployment file that's based on the ADS-supplied file da-deploy-image-domain.xml (or da-deploy-image-wg.xml if you're deploying an image in a workgroup instead of a domain). Click Next. (You should create your own template based on the appropriate ADS-supplied file and use your template instead of the ADS file because you'll need to modify items such as "imagename.")
  17. Click Finish to start deploying the image on the target server.

After the image is deployed, Sysprep.exe runs with the parameters you previously configured and the certificate copied over and reboots the server to the restored image. You'll notice items such as "networking installed" and "domains joined" (if you've set them) on the startup screen of the deployed OS. The administrator doesn't need to intervene at any point while Sysprep.exe is running.

Q. How can I create my own Automated Deployment Services (ADS) task files?

A. Creating an ADS task file is easy. In fact, on several occasions I just took one of the ADS-supplied files and removed steps from it. For example, when testing an image deployment, I originally omitted some of the variables required to set the target, which caused the third step of the sequence (which was based on da-deploy-image-domain.xml) to fail (i.e., the sysprep.exe part). I then copied the file I'd created to a new filename, opened the new file, and simply deleted the first two steps, as the figure at Figure shows. Then I submitted the revised sequence by using the process described in "How can I deploy an Automated Deployment Services (ADS) image on a target server?" to partition the disk and deploy the image (because these steps worked) and started from the sysprep.exe process, which worked this time.

Q. How can I check or change the media access control (MAC) address for a Microsoft Virtual PC 2004 instance?

A. Virtual PC creates a new MAC address each time you create a new Virtual PC instance (the software stores the instance in the .vmc file). To check which MAC address Virtual PC is currently configured to use for a specific instance, open the .vmc file in a text editor and look for the ethernet_card_address entry:

&ltethernet_card_address type="bytes"&gt0003FF4D4F50<br>&lt/ethernet_card_address&gt

To change the MAC address, simply edit the ethernet_card_address value when the Virtual PC instance isn't running and save the edited .vmc file.

Q. When will Microsoft Virtual PC 2004 support a Preboot Execution Environment (PXE) boot?

A. Microsoft has stated that it will add PXE support in the version after Virtual PC 2004.

Q. I'm having a problem demoting a domain controller (DC). How can I demote it?

A. If you run Dcpromo on an existing DC to demote it and Dcpromo fails because of a problem with your network, name resolution, authentication, or replication, you should resolve the problem and then restart Dcpromo. If you try to resolve the problem and Dcpromo still fails, you can still demote the DC by running Dcpromo with the /forceremoval switch, which tells Dcpromo to ignore errors. The /forceremoval switch is a last resort that you should use only when absolutely necessary. If you use the /forceremoval switch, make sure you perform the following tasks after the DC is demoted:

  • Use the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in to remove the computer account from the domain.
  • Verify that DNS records, including A, CNAME, and SRV records, have been removed. If the records still exist, use the MMC DNS snap-in to remove them.
  • Verify that File Replication Service (FRS) member objects (FRS and DFS) have been removed; if they still exist, use the DNS snap-in to remove them.
  • If the demoted DC is a member of any security groups, remove it from those groups.
  • Remove any DFS references to the demoted server (i.e., links or root replicas).
  • If the server held any Flexible Single-Master Operation (FSMO) roles, make sure that another DC explicitly takes these roles.

Announcements
(from Windows &amp .NET Magazine and its partners)

  • Complimentary eBook--"The Expert's Guide for Exchange 2003: Preparing for, Moving to, and Supporting Exchange Server 2003"

  • This eBook will educate Exchange administrators and systems managers about how to best approach the migration and overall management of an Exchange 2003 environment. The book will concentrate on core issues such as configuration management, accounting, and monitoring performance with an eye toward migration, consolidation, security, and management.
    http://www.WindowsITlibrary.com/ebooks/exchangeserver2003/index.cfm

  • Events Central--a Comprehensive Resource for the Latest Events in Your Field

  • Looking for one place to find the latest Web seminars, roadshows, and conferences? Events Central has every topic you're looking for. Stay current on the latest developments in your field. Visit Events Central and find answers now!
    http://www.winnetmag.com/events

    Events Central
    (A complete Web and live events directory brought to you by Windows & .NET Magazine: http://www.winnetmag.com/events )

  • New--The Exchange Server Seminar Series

  • Simplify your life with Windows Server 2003 and Exchange Server 2003. Learn the advantages of migrating to an integrated communications environment, consolidating and simplifying implementation of technology, and accelerating worker productivity. Coming to your city soon. Register now for this free event!
    http://www.winnetmag.com/roadshows/exchange2003

    Sponsored Links

  • Argent

  • Comparison Paper: The Argent Guardian Easily Beats Out MOM
    http://ad.doubleclick.net/clk;6480843;8214395;q?http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNTTextLink

  • Javelina Software

  • Award-Winning Tools for Active Directory Management. Free Trial!
    http://ad.doubleclick.net/clk;7833443;8214395;p?http://www.javelinasoftware.com/winnetmag5.html

  • Microsoft Security

  • Knowledge Improves Security. Visit www.securitywhitepaper.com.
    http://ad.doubleclick.net/clk;7836244;8214395;r?http://ad.doubleclick.net/clk;7812558;9026172;o?http://www.securitywhitepaper.com

    Contact Us
    Here's how to reach us with your comments and questions:

    Contact Our Sponsor
    Primary Sponsor:

    Ecora -- http://www.ecora.com -- 1-877-92-ECORA

    This weekly email newsletter is brought to you by Windows &amp .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
    http://www.winnetmag.com/sub.cfm?code=wswi201x1z

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email