Should FBAReseal.exe be run on final customer network?

  • Thread starter Thread starter Steve Schilz
  • Start date Start date
S

Steve Schilz

Hello,

I have been reading about the cloning/reseal process. It occurs to me that
if the purpose of doing an FBAReseal is to generate a unique SID for a
machine on a network, then it must be run at the final customer installation
site. it seems as if I clone devices, reseal them, and ship them off to a
customer, then there is a **Very** small chance that we end up with a
duplicate SID when the machine is attached to an existing customer network.

Steve Schilz.
stevesATeyeDASHimagingDOTcom
 
Steve,

The good purpose of the System Cloning Tool (it can change a set of device parameters including SID, machine name, etc.) it to
create one image that you can clone to many devices and still have some device characteristic unique.

So you can:
- create a master image (FBA, any manual setup you need)
- reseal the master image
- copy the master image to all the devices you have (you can do that at a factory mode)
- deploy the devices

Then whenever the devices are going to be started first time the cloning phase happens (once) and unique SIDs are generated on each
device.

(one little exception from above would be with image that includes EWF, read more about it in NG archive).
 
I use also the cloning tool, but the target is a Compact Flash. But I want
to run the FBA and initial run on a test machine. Then after some manual
settings I transfer the CF to the original target machine. But then I have
some PnP hardware from the test machine included. Is there a good way to
clean this image ? Maybe with sysprep (have not used this tool before) ? I
don't have the device manager in my image, so I can't use this to remove
ghost adapters.

KM said:
Steve,

The good purpose of the System Cloning Tool (it can change a set of device
Click to expand...
parameters including SID, machine name, etc.) it to
create one image that you can clone to many devices and still have some device characteristic unique.

So you can:
- create a master image (FBA, any manual setup you need)
- reseal the master image
- copy the master image to all the devices you have (you can do that at a factory mode)
- deploy the devices

Then whenever the devices are going to be started first time the cloning
Click to expand...
phase happens (once) and unique SIDs are generated on each
device.

(one little exception from above would be with image that includes EWF,
Click to expand...
read more about it in NG archive).
 
Johannes,

The best practice would be running FBA on the "test" machine that has the same hardware that the target device has.

It won't probably hurt if PnP recognized some hardware that is not going to be presented on the final device.
You can, however, clean up things with devcon.exe console tool (http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311272) or
just manually through registry (not reccomended).

I don't think it is a good idea to deal with sysprep on XPe image at all.
 
thanks, devcon was a very good hint.
And you are right, it is not a big deal with some ghost devices. The issue
that I had was with some network adapters. I use a script for static
IP-addresses that was published here also. This script enumerates all
adapters incl. the ghosts, so I do not get the desired name for the NIC. But
maybe I can modify the script to enumerate only present adapters.

KM said:
Johannes,

The best practice would be running FBA on the "test" machine that has the
Click to expand...
same hardware that the target device has.
It won't probably hurt if PnP recognized some hardware that is not going
Click to expand...
to be presented on the final device.
You can, however, clean up things with devcon.exe console tool
Click to expand...
(http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q311272) or
 
Thanks KM,
So the answer is 'final cloning phase' is something different than 'running
FBAReseal', and yes, it must be run at the customer site...

Forgive me if I am obtuse, but I guess what I am worrying about is that this
says to me that after the final image is copied to the device it MUST NOT
be turned on AT ALL! untill it is in place at the customer site, and also
connected to the network. (Which seems highly impractical.) I can envision
making them click on an Icon to force the final settings to occur on next
reboot, which is clunky, but probably necessary....

Steve Schilz.
steves AT eye-maging DOT com


KM said:
Steve,

The good purpose of the System Cloning Tool (it can change a set of device
Click to expand...
parameters including SID, machine name, etc.) it to
create one image that you can clone to many devices and still have some device characteristic unique.

So you can:
- create a master image (FBA, any manual setup you need)
- reseal the master image
- copy the master image to all the devices you have (you can do that at a factory mode)
- deploy the devices

Then whenever the devices are going to be started first time the cloning
Click to expand...
phase happens (once) and unique SIDs are generated on each
device.

(one little exception from above would be with image that includes EWF,
Click to expand...
read more about it in NG archive).
 
Steve,

I don't see any problem if you turn on the device at the cloning phase before it is in the field.
As soon as the device and software is not broken (who knows what can happen if a "bad" guy turns on the device :-) ), it can go to
the field with already generated SID and etc.

This may all not be true if you highly customized the cloning phase (e.e.g, you use your own SID generator that has dependencies on
the network structure the device in on at the moment). But you have not mentioned anything about that.
 
Back
Top