G
Guest
OK,
I've read all the Microsoft online docs, perused the newsgroups, and looked
at several other websites for info on how one builds and mass deploys XPe (in
my situation, the target device is a thin client, and all clients are
configured *exactly* the same). The way I understand it is as follows:
1) Get the Windows XP Embedded Toolkit (which I did). I got the evaluation
version from the MS website. I *tried* to get a non-evaluation version via my
MSDN Universal subscription, but couldn't find it anywhere. A call to the
MSDN help line (and 10 min on hold *after* asking where I could get a
non-eval copy of XPe SP2) resulted in the rep saying the person she asked
thought it was available only as an eval copy, but the guy who would *really*
know didn't come in for another 45 minutes. She said she'd call back in about
an hour. It is now more than 24 hours later, and no return call (sigh).
Further probing by me on the MSDN Library site led me to the Windows Embedded
Developer Center, which revealed that the official process is to get the eval
version, do your evaulation, then "you should engage with a distribution
partner. The distribution partner will assist you in purchasing the full
packaged product (FPP) for either Windows CE or Windows XP Embedded tools."
Seems odd, but OK...
2) Install it on your development machine (XPe SP1, then SP2, blah, blah).
It makes things simpler if the dev machine has XP running on it.
3) Run TAP.EXE on the target device (via WinPE, which is on the 1st CD of
the Toolkit), which creates "Devices.pmq", which is an XML file containing
the configuration. Then (somehow) get this on your development machine.
4) Run Component Designer, which uses Devices.pmq from the previous step to
create a new component in a file called "Devices.sld". Save Devices.sld to
the Component Database.
5) Run Target Designer, using the component saved to the Component DB in the
previous step.
- Add other components (NTFS, etc.)
- Add System Cloning Tool (this is a key step for mass deployment)
- Update the configuration settings (menus, target disk)
- Check dependencies
- Generate the XPe image (in the run-time images build directory)
6) Somehow copy the image from the build directory to the target device
7) Run First Boot Agent (FBA) on the target device, but stop it before it
reboots
8) Run FBRESEAL.EXE on the target (IIRC, using, again, PE)
9) Save the image that now resides on the target device (which is referred
to as the "Master Runtime Image"), to a boot server enabled machine. We
accomplish this by booting WinPE & running the SDI Manager.
10) Deploy the image to other client target devices by using PXE to download
WinPE from the bootserver (to memory, and run it in memory), then use the SDI
Manager to download the XPE image to persitent storage on the target (flash
memory, in my case).
11) Reboot the client. FBA will now finish running (PnP, SID replacement,
computername, etc), and will reboot the system. When it reboots this time, it
will be running XPe, with an unique SID and computername. (Whew!).
I realize that, with thin clients, there will be issues with enabling and
disabling the write filter (EWF) to the flash memory. I'm not saying I
*fully* understand when to enable/disable, just that it has to be done. 8^)
So, why did I go through all this?
First, to see if I have the concepts down right. (Fire away...)
Next, allow me to describe what I'd like to do, and see what alternatives
others think may be possible.
What I'd really like to do:
A) Take a thin client that has a running version of XPe. This could be the
result of:
1) having gone through all of the above, or
2) having done a single "normal" installation without the extra steps
(add cloning, stop FBA, reseal, save, deploy) and just let FBA generate a
running XPe on the target thin client, or
3) using the config that came installed on the box from the factory.
B) Save that image to disk on another machine.
- I figure the 2 options are boot PE into memory and use SDI Manager, or
boot Linux into memory and use dd(1) and curl(1)
C) Reset all the "uniqueness" info (SID, computername, etc.). How? Good
question.
D) Put the resultant "golden" image on a boot server.
E) PXE boot the target client to either PE or Linux (into memory), which
would then lay down the golden image into the flash memory.
F) Reboot, and let FBA fill in the "uniqueness" info.
Problem with this is that FBA won't be on the image (having been removed
after creating the final (runnable) image on the device we are now using as a
source for the image), so I guess I'd have to put it on the image between
steps A) and B). Another problem is that Microsoft says that you can't run
FBA a second time, or you're likely to hose up some things. Has this proved
true in practice? If so, what does it mangle?
So, a second option would be to change step C) to "Put a tool like
Sysinternal's 'newsid' on the image, and do some sort of 'runonce' setup so
that it runs in step F), then goes away". But I've read that "newsid" hoses
up some registry setting for COM. True?
So much for what I'd really like to do. What may be acceptable:
I) Go through the "standard" process I outlined at the beginning of this
message, through step 8).
II) In my case, there may be advantages to using Linux in place of WinPE, so
I'd still do steps 9) through 11), but instead of using PE and the SDI tools,
I'd use Linux and dd(1)/curl(1).
So, other than "Am I nuts/full-of-beans?", I have a few questions (in
addition to the ones imbedded above):
Q1) Does the SDI Manager (either when saving a golden image or laying one
down on a client) do anything more just a straight bit copy of the "disk"
image to a file, or vice versa (like dd(1) under Linux)?
Q2) From a description of the Sytem Cloning Tool, it looks like the
following are the items that are "reset":
Computer SID
Computer Name
Automatic Logon Settings
Domain Participation
Network Settings
User Specific Settings
Mounted Devices (substituted drive letters, etc.)
Is this list complete? Also, since all my devices are identical, and all
the stuff after Computer Name will likely be identical in my case, it seems
like the only stuff that *has* to be changed are SID and computername. Right?
Note: I've also read that Norton Ghost and Altiris do SID/compname reset,
but they're not options for me.
Phew. OK. Fire away...
Regards,
Gerry Green
Win XPe Newbie
I've read all the Microsoft online docs, perused the newsgroups, and looked
at several other websites for info on how one builds and mass deploys XPe (in
my situation, the target device is a thin client, and all clients are
configured *exactly* the same). The way I understand it is as follows:
1) Get the Windows XP Embedded Toolkit (which I did). I got the evaluation
version from the MS website. I *tried* to get a non-evaluation version via my
MSDN Universal subscription, but couldn't find it anywhere. A call to the
MSDN help line (and 10 min on hold *after* asking where I could get a
non-eval copy of XPe SP2) resulted in the rep saying the person she asked
thought it was available only as an eval copy, but the guy who would *really*
know didn't come in for another 45 minutes. She said she'd call back in about
an hour. It is now more than 24 hours later, and no return call (sigh).
Further probing by me on the MSDN Library site led me to the Windows Embedded
Developer Center, which revealed that the official process is to get the eval
version, do your evaulation, then "you should engage with a distribution
partner. The distribution partner will assist you in purchasing the full
packaged product (FPP) for either Windows CE or Windows XP Embedded tools."
Seems odd, but OK...
2) Install it on your development machine (XPe SP1, then SP2, blah, blah).
It makes things simpler if the dev machine has XP running on it.
3) Run TAP.EXE on the target device (via WinPE, which is on the 1st CD of
the Toolkit), which creates "Devices.pmq", which is an XML file containing
the configuration. Then (somehow) get this on your development machine.
4) Run Component Designer, which uses Devices.pmq from the previous step to
create a new component in a file called "Devices.sld". Save Devices.sld to
the Component Database.
5) Run Target Designer, using the component saved to the Component DB in the
previous step.
- Add other components (NTFS, etc.)
- Add System Cloning Tool (this is a key step for mass deployment)
- Update the configuration settings (menus, target disk)
- Check dependencies
- Generate the XPe image (in the run-time images build directory)
6) Somehow copy the image from the build directory to the target device
7) Run First Boot Agent (FBA) on the target device, but stop it before it
reboots
8) Run FBRESEAL.EXE on the target (IIRC, using, again, PE)
9) Save the image that now resides on the target device (which is referred
to as the "Master Runtime Image"), to a boot server enabled machine. We
accomplish this by booting WinPE & running the SDI Manager.
10) Deploy the image to other client target devices by using PXE to download
WinPE from the bootserver (to memory, and run it in memory), then use the SDI
Manager to download the XPE image to persitent storage on the target (flash
memory, in my case).
11) Reboot the client. FBA will now finish running (PnP, SID replacement,
computername, etc), and will reboot the system. When it reboots this time, it
will be running XPe, with an unique SID and computername. (Whew!).
I realize that, with thin clients, there will be issues with enabling and
disabling the write filter (EWF) to the flash memory. I'm not saying I
*fully* understand when to enable/disable, just that it has to be done. 8^)
So, why did I go through all this?
First, to see if I have the concepts down right. (Fire away...)
Next, allow me to describe what I'd like to do, and see what alternatives
others think may be possible.
What I'd really like to do:
A) Take a thin client that has a running version of XPe. This could be the
result of:
1) having gone through all of the above, or
2) having done a single "normal" installation without the extra steps
(add cloning, stop FBA, reseal, save, deploy) and just let FBA generate a
running XPe on the target thin client, or
3) using the config that came installed on the box from the factory.
B) Save that image to disk on another machine.
- I figure the 2 options are boot PE into memory and use SDI Manager, or
boot Linux into memory and use dd(1) and curl(1)
C) Reset all the "uniqueness" info (SID, computername, etc.). How? Good
question.
D) Put the resultant "golden" image on a boot server.
E) PXE boot the target client to either PE or Linux (into memory), which
would then lay down the golden image into the flash memory.
F) Reboot, and let FBA fill in the "uniqueness" info.
Problem with this is that FBA won't be on the image (having been removed
after creating the final (runnable) image on the device we are now using as a
source for the image), so I guess I'd have to put it on the image between
steps A) and B). Another problem is that Microsoft says that you can't run
FBA a second time, or you're likely to hose up some things. Has this proved
true in practice? If so, what does it mangle?
So, a second option would be to change step C) to "Put a tool like
Sysinternal's 'newsid' on the image, and do some sort of 'runonce' setup so
that it runs in step F), then goes away". But I've read that "newsid" hoses
up some registry setting for COM. True?
So much for what I'd really like to do. What may be acceptable:
I) Go through the "standard" process I outlined at the beginning of this
message, through step 8).
II) In my case, there may be advantages to using Linux in place of WinPE, so
I'd still do steps 9) through 11), but instead of using PE and the SDI tools,
I'd use Linux and dd(1)/curl(1).
So, other than "Am I nuts/full-of-beans?", I have a few questions (in
addition to the ones imbedded above):
Q1) Does the SDI Manager (either when saving a golden image or laying one
down on a client) do anything more just a straight bit copy of the "disk"
image to a file, or vice versa (like dd(1) under Linux)?
Q2) From a description of the Sytem Cloning Tool, it looks like the
following are the items that are "reset":
Computer SID
Computer Name
Automatic Logon Settings
Domain Participation
Network Settings
User Specific Settings
Mounted Devices (substituted drive letters, etc.)
Is this list complete? Also, since all my devices are identical, and all
the stuff after Computer Name will likely be identical in my case, it seems
like the only stuff that *has* to be changed are SID and computername. Right?
Note: I've also read that Norton Ghost and Altiris do SID/compname reset,
but they're not options for me.
Phew. OK. Fire away...
Regards,
Gerry Green
Win XPe Newbie