Problem with the System Cloning Tool

[Guest]

I’m using the System Cloning Tool to name my machines, now I seal the image,
clone the drives and put the drives in our terminals. However, on a sample of
only 80 images we’ve had about 15 network name clashes. Is there a setting
that I have to have change, or is there a top limit that the machines will
safely clone to?

My concern is that we are toying with the idea of using remote boot systems
that will have in the order of a 1000 units. Will we end up in the situation
where large numbers of our terminals will have name clashes?

Thanks for any information you might have.
Rob

 

[KM]

Rob,

Was the cmiGenerateComputerName advanced property of the "System Cloning Tool" component set to "1" in your Configuration?
Are you sure those 15 terminals were cloned properly? (did you see the FBA blue screen on the first boot after the cloning)?
Do you use EWF and if you do - do you commit after the seal?

--
Regards,
KM, BSquare Corp.

PS. Are you planning on remote booting the 1000 terminals with MS RBS? Please be aware that it only supports unicast TFTP and
wouldn't be a good solution for booting > 10 devices (this certainly depends on network environment, capacity, etc.).

 

[Guest]

The cmiGenerateComputerName is set to 1, there is an ewf, but prior to
cloning it is not enabled (this is done via calls to ewfdll.dll and then the
ewfmgr at a later date). There were no blue screens or anything that looks
wrong. The names are generated, they just seem be generated the same, also
this morning I noticed yet another name clash. How is the name generated? Is
it based on the MAC address, or does it just use the random number generator
in windows? My concern is that if it uses the windows random number
generator, then all the machines will have the same seed and the same entropy
sources, which will never allow a random enough number.

Also, the machine name, how does it work in a remote boot environment, is
there any kind of arbitration, or does the remote boot manager set them as it
sends the image out?

Cheers,
Rob

Rob,

Was the cmiGenerateComputerName advanced property of the "System Cloning Tool" component set to "1" in your Configuration?
Are you sure those 15 terminals were cloned properly? (did you see the FBA blue screen on the first boot after the cloning)?
Do you use EWF and if you do - do you commit after the seal?

--
Regards,
KM, BSquare Corp.

PS. Are you planning on remote booting the 1000 terminals with MS RBS? Please be aware that it only supports unicast TFTP and
wouldn't be a good solution for booting > 10 devices (this certainly depends on network environment, capacity, etc.).

 

[Guest]

Rob,

There were no blue screens or anything that looks
wrong.

If you are doing the cloning procedure properly this is what you should see.
FBA begins, restarts, FBA continues, you should get a message that says
reseal is complete. At this point you should restart the system but power
down before the BIOS gives command to the OS. Add your cloning software, and
now your ready to make clones. When you first turn on your target device
with a cloned image it should look like FBA is starting again "Windows is
Starting" should be displayed.

How is the name generated? Is
it based on the MAC address, or does it just use the random number generator
in windows?

Slobodan helped me understand this part a little better. When you clone the
last part of the cloning phase randomly generates a SID. This is similar to
running FBA on every machine.

Well this is the most i can comment on this I have no solution as to why the
same names would be generated. Hope this helps and is not redundant
information for you.

cal4

The cmiGenerateComputerName is set to 1, there is an ewf, but prior to
cloning it is not enabled (this is done via calls to ewfdll.dll and then the
ewfmgr at a later date). There were no blue screens or anything that looks
wrong. The names are generated, they just seem be generated the same, also
this morning I noticed yet another name clash. How is the name generated? Is
it based on the MAC address, or does it just use the random number generator
in windows? My concern is that if it uses the windows random number
generator, then all the machines will have the same seed and the same entropy
sources, which will never allow a random enough number.

Also, the machine name, how does it work in a remote boot environment, is
there any kind of arbitration, or does the remote boot manager set them as it
sends the image out?

Cheers,
Rob

 

[Guest]

So, what's the process that generates an SID? Also, since i don't really need
machine names in the image, could i just remove the componet that brings in
machine names? If so which componet should i remove to not have machine names?

 

[Slobodan Brcin \(eMVP\)]

Rob,

If you do not need machine names then why do you concern yourself with SID
changes and changing default machine name?

Regards,
Slobodan

 

[KM]

Rob,

During the cloning you should see the FBA blue screen with some information on it regarding the system preparation (progress bar
text).

Even if you happen to have the same MAC address on all machines (very unlikely) and the same seed for generator there is a bunch of
other parameters involving in the generating unique SIDs (time, etc.) and I doubt you are going to get 15 machines with the same
names out of 80 (the probability of the same values would probably be very very less).

--
Regards,
KM, BSquare Corp.

PS. By blue screen I don't mean BSOD screen but just a blue screen with some text on it.

The cmiGenerateComputerName is set to 1, there is an ewf, but prior to
cloning it is not enabled (this is done via calls to ewfdll.dll and then the
ewfmgr at a later date). There were no blue screens or anything that looks
wrong. The names are generated, they just seem be generated the same, also
this morning I noticed yet another name clash. How is the name generated? Is
it based on the MAC address, or does it just use the random number generator
in windows? My concern is that if it uses the windows random number
generator, then all the machines will have the same seed and the same entropy
sources, which will never allow a random enough number.

Also, the machine name, how does it work in a remote boot environment, is
there any kind of arbitration, or does the remote boot manager set them as it
sends the image out?

Cheers,
Rob

 

[KM]

Rob,

There is no way to "remove" computer name functionality from XPe image.
Also, if you somehow use networking on the device the host name (=computer name) must be there.

FBA first generates unique SIDs for user accounts created during the first image installation. Then, if you happen to use System
Cloning Tool, fbreseal will force generating new SIDs and applying them to all appropriate security objects in the system by FBA on
the next boot (this process is called cloning).
During the cloning you should see the FBA blue screen with some information on it regarding the system preparation (progress bar
text).

 

[Guest]

The FBA runs through like a charm, the image's do get a new name and we have
no duplicate MAC addresses (the machines use DHCP, so we'd have IP conflicts
and a bunch of other network problems if this was the case). KM, I know it
sounds unlikely, but we do have name clashes, currently our fix is to rename
the machines manually, which in our current configuration is tolerable, but
in a large scale roll out will become untenable.

If I remove "Client Services for Microsoft Networks" and "File and Printer
Sharing for Microsoft Networks" from my connection properties / image, then
leave the machines with the same network name, what sort of impact would this
have on the network? Would the NetBIOS stuff go through the roof, or would
the network simply die horribly? All I need in terms of connectivity are ftp
and tcp comms.

 

[Slobodan Brcin \(eMVP\)]

Rob,

You can remove all NetBIOS relates stuff like "NetBIOS over TCP/IP" and
services that you said and that depend on NetBIOS components.
tcp/ip core will function without NetBIOS.

I think that there should be even intergated support for network sharing
trough TCP/IP without NetBIOS but I was never able to make it work, I guess
that it require some kind of service on some server machine.

Hopefuly without NetBIOS you will not have any more name conflicts on the
net.

Regards,
Slobodan

 

[KM]

Without NetBIOS there shouldn't be problems with the same host names. I agree.
For testing purposes it may be even easier to just remove netbios.sys from working runtimes to see how it helps.

However, it does not fix the problem that FBA generates the same names for your device. It must be something wrong with the way how
you do the fbreseal. I don't want to speculate on that as I don't know details of the process you've gone through. But it would
still be interesting to know what's going on there.

 

[KM]

Rob,

I am taking back some of my previous statements about how FBA generates computer names.
A quick journey in to FBA just showed me that the algorithm is extremely simple. No use of MAC, and the seed is the same but just
updated with the local time current to the call.
It they happened to use CRT's srand/rand then the generated pseudo-random names are not random at all.

Since all your target are the same it might have happened that you turned them on the same time and get the same seed for some (15)
of them.
This is all just a guess of mine, of course.

But I'd recommend you to come up with your own good algorithm for generating computer names and use APIs like SetComputerNameEx.

 

[Guest]

I was coming to a similar conclusion myself, it turns out that winternals
have a freeware tool for generating random sid's.
(http://www.sysinternals.com/ntw2k/source/newsid.shtml), so my question now
becomes, what's the point in sealing the image, it seems to me that it
generates poor random names, sometimes breaks iis and means i can't easily
edit the master image. Or is there something else that happens that i've
missed?

Thanks for you insight.
Rob

Rob,

I am taking back some of my previous statements about how FBA generates computer names.
A quick journey in to FBA just showed me that the algorithm is extremely simple. No use of MAC, and the seed is the same but just
updated with the local time current to the call.
It they happened to use CRT's srand/rand then the generated pseudo-random names are not random at all.

Since all your target are the same it might have happened that you turned them on the same time and get the same seed for some (15)
of them.
This is all just a guess of mine, of course.

But I'd recommend you to come up with your own good algorithm for generating computer names and use APIs like SetComputerNameEx.

 

[Larry Waibel]

I'd like for my cloned systems to take on names that begin with some fixed prefix and then
have an incrementing number on the end. I don't see how I could automated that. My
systems are headless and keyboard-less. How can I change the computer name from a remote
network connected location?

From: "KM" <konstmor@nospam_yahoo.com>
Subject: Re: Problem with the System Cloning Tool
Date: Thu, 21 Apr 2005 14:13:05 -0700
Newsgroups: microsoft.public.windowsxp.embedded

Rob,

I am taking back some of my previous statements about how FBA generates computer names.
A quick journey in to FBA just showed me that the algorithm is extremely simple. No use

of MAC, and the seed is the same but just

updated with the local time current to the call.
It they happened to use CRT's srand/rand then the generated pseudo-random names are not random at all.

Since all your target are the same it might have happened that you turned them on the

same time and get the same seed for some (15)

of them.
This is all just a guess of mine, of course.

But I'd recommend you to come up with your own good algorithm for generating computer

names and use APIs like SetComputerNameEx.

--
Regards,
KM, BSquare Corp.

PS. There are even some obvious bugs in the FBA gen name algorithm implementation but

this is irrelevant to your problem.

 

[Guest]

Could you write a run once app, something that could contact a network
service which arbitrate’s network names, something in a vain of a DHCP
server, or you could do it on the basis of IP address? So you plug the
terminal into a network, get its IP address and set the name of the machine
on the basis of its IP, that way you could rely on the DHCP server
infrastructure to keep names unique. I don't think that there’s an off the
shelf way that you could do it, but writing your own shouldn't prove to be
that difficult.

HTH,
Rob

I'd like for my cloned systems to take on names that begin with some fixed prefix and then
have an incrementing number on the end. I don't see how I could automated that. My
systems are headless and keyboard-less. How can I change the computer name from a remote
network connected location?

From: "KM" <konstmor@nospam_yahoo.com>
Subject: Re: Problem with the System Cloning Tool
Date: Thu, 21 Apr 2005 14:13:05 -0700
Newsgroups: microsoft.public.windowsxp.embedded

Rob,

I am taking back some of my previous statements about how FBA generates computer names.
A quick journey in to FBA just showed me that the algorithm is extremely simple. No use

of MAC, and the seed is the same but just

updated with the local time current to the call.
It they happened to use CRT's srand/rand then the generated pseudo-random names are not random at all.

Since all your target are the same it might have happened that you turned them on the

same time and get the same seed for some (15)

of them.
This is all just a guess of mine, of course.

But I'd recommend you to come up with your own good algorithm for generating computer

names and use APIs like SetComputerNameEx.

--
Regards,
KM, BSquare Corp.

PS. There are even some obvious bugs in the FBA gen name algorithm implementation but

this is irrelevant to your problem.

 

[KM]

And just to add to that.. If you happened to get an IP for a device and NetBT works, then you can try to resolve the "<fixed prefix>
NN" netbios names on the network and the first unresolved one would show you the current number top. This will give a simple
incrementing procedure.
Adding proper error handling considering possible network problem would also help.

--
Regards,
KM, BSquare Corp.

Could you write a run once app, something that could contact a network
service which arbitrate's network names, something in a vain of a DHCP
server, or you could do it on the basis of IP address? So you plug the
terminal into a network, get its IP address and set the name of the machine
on the basis of its IP, that way you could rely on the DHCP server
infrastructure to keep names unique. I don't think that there's an off the
shelf way that you could do it, but writing your own shouldn't prove to be
that difficult.

HTH,
Rob

 

[Larry Waibel]

I was hoping for just a command line program that would change the computer name on a
remote computer?

From: "KM" <konstmor@nospam_yahoo.com>
Subject: Re: Problem with the System Cloning Tool
Date: Fri, 22 Apr 2005 10:56:55 -0700
Newsgroups: microsoft.public.windowsxp.embedded

And just to add to that.. If you happened to get an IP for a device and NetBT works,

NN" netbios names on the network and the first unresolved one would show you the current

number top. This will give a simple

 

[KM]

Larry,

How are you going to identify the client machine on the network remotely?

You could connect to the machine by its IP address. But if you use DHCP you will have to either guess on the IP or use the server
logs if accessible.
Or you can have a static IP built-in but then don't turn on all the targets the same time on the same network.

Alternatively, you can have a common name for all machines (again, don't turn them all on once) or uniquely generated during FBA
(you may or may not end up seeing the bug Rob reported). Then you connect to a machine resolving the name and change the
name/reboot.

Another way of changing the network computer name manually would be connecting to the target over serial.

But again, if you have a programming skills, I'd rather suggest you to write a tool to automate the process. This is all pretty
straight forward to implement with a script language and a server write access share.

 

[Larry Waibel]

You said "Then you connect to a machine resolving the name and change the name/reboot."
That's kind of what I was looking for. How do I do that? I can use 'newsid' if I connect
a keyboard and monitor but it doesn't look like I can do that remotely.

From: "KM" <konstmor@nospam_yahoo.com>
Subject: Re: Problem with the System Cloning Tool
Date: Mon, 25 Apr 2005 14:37:45 -0700
Newsgroups: microsoft.public.windowsxp.embedded

Larry,

How are you going to identify the client machine on the network remotely?

You could connect to the machine by its IP address. But if you use DHCP you will have to

either guess on the IP or use the server

logs if accessible.
Or you can have a static IP built-in but then don't turn on all the targets the same time on the same network.

Alternatively, you can have a common name for all machines (again, don't turn them all

on once) or uniquely generated during FBA

(you may or may not end up seeing the bug Rob reported). Then you connect to a machine

resolving the name and change the

name/reboot.

Another way of changing the network computer name manually would be connecting to the target over serial.

But again, if you have a programming skills, I'd rather suggest you to write a tool to

automate the process. This is all pretty

 

[KM]

Larry,

Sorry, I lost the point.
I had thought you problem was how to have a unique name specified per device and be able to connect to it and change the name as
you'd want it to be.
But seems like I was wrong and you were asking about the remote tool that would allow you to connect to a headless terminal. Is it
right?

RDP, Telnet, Computer Manager, etc.?
Many remote tools are out there that will be helpful to you as long as you are able to connect to the computer remotely over NetBT.

If I am wrong in my assumptions, please describe your problem and system/deployment setup and procedure.