You can remotely install Windows 2000 Professional on clients using a disk image or CD-ROM stored on a server using the Remote Installation Service. Client computers must have network cards that either are supported by the RIS boot disk, have Pre-Boot Execution Environment (PXE) ROMS, or are NetPC compliant.
If the client computer on which you’d like to install Windows 2000 Professional, the only OS currently supported by RIS, doesn’t have PXE ROMS, you’ll have to create an RIS boot disk. You can create the disk by performing the following steps (be sure you have a formatted floppy disk available in the drive of the computer you’re working on):
Choose a computer with a fast connection to the client computers to use as an RIS server. A lot of data must be sent from the server to the clients for the installation of Windows 2000 Professional. The RIS server setup will fail if it does not find a DNS server or the DHCP service running on the network, so be sure to verify this before proceeding.
Once you’re ready to install RIS, use the following steps to complete the install:
Install the RIS service as an optional component. The Configure Your Server screen should indicate setup is not complete.
If you don’t see the Configure Your Server screen, you can get it by choosing Start → Programs → Administrative Tools → Configure Your Server.
You’ll see the Configure Your Server screen. Choose Finish Setup and you’ll see the Add/Remove Programs screen.
Under Configure Remote Installation Services, click on Configure.
You’ll see the Remote Installation Services Setup Wizard screen. Click the Next button.
The RIS Setup Wizard will ask for several configuration settings, such as where the Windows 2000 Professional installation source files are, where you’d like to create the disk image on the server, and whether it should start the client installation process as soon as possible.
RIS is not a highly secure environment, but you can limit your potential exposure by carefully selecting which computers can act as RIS servers. You have to authorize a server before it can perform RIS installations. As a safety feature, if an RIS installation is attempted by an unauthorized computer, that computer will automatically be cut off from the network. You can authorize an RIS server using the following steps:
Choose Start → Programs → Administrative Tools → DHCP.
Choose the DHCP server and choose Action → Manage Authorized Servers.
You’ll see the Manage Authorized Servers screen. Click Authorize.
Type in the name or IP address of the proposed RIS server. Click the OK button and then click Yes.
You’ll see the Manage Authorized Servers screen. Choose the new RIS server and click OK.
You can choose to configure your RIS server to install Windows 2000 without any prompts and using a default naming scheme. There is a custom setup available if you need any special settings on a particular client. If you have any trouble during the install, you can try to restart the installation or, if the problems persist, you can use third-party diagnostic software using the maintenance and troubleshooting option.
The Client Installation Wizard (CIW) will walk you through the steps needed to install, reinstall, or troubleshoot OS installation. The CIW gives you four options:
- Automatic Setup
This option allows users to simply log in and choose the operating system to be installed, then proceed without having to make any more input. Choices can be restricted by the Administrator, and a predefined naming scheme can be used.
- Custom Setup
This setup allows for two main customizations unavailable with an automatic setup. The automatic computer naming scheme can be overridden, and the location in AD where the computer account is created can be changed.
- Maintenance and Troubleshooting
This allows third-party diagnostic tools to be used to examine and potentially fix any problems with the disk image or setup files that will be used.
- Restart a Previous Setup Attempt
This can continue a previous installation where it left off, assuming you have resolved any problems that caused the installation to stop.
We’ve already discussed the need to authorize an RIS server to help ensure the integrity of the files being sent to the client. Keep in mind that it is technically possible to intercept and modify RIS installation data. You can further secure the RIS environment by making sure only authorized clients receive the installation files. The process of authorizing the client is called pre-staging . You can do this using the following steps:
Choose Start → Programs → Administrative Tools → Active Directory Users and Computers.
Right-click on the OU that will be the container for the RIS client. Choose New → Computer.
You’ll see the New Object -- Computer screen. Type in the name of the RIS client computer and click the Change button to authorize the computer’s user to join the domain after RIS has installed the OS. Click the Next button.
You’ll see the Managed screen. Click in the box next to This is a managed computer.
Unfortunately, you have to manually type in the client computer’s GUID. This is a unique 32-digit hexadecimal code either located physically on the computer (usually a sticker), viewable in the BIOS, or both.
If you are using RIS to install client computers, you are probably an administrator for a large, sophisticated network. Managing accounts for hundreds or thousands of users can be a lot of work that can be more efficiently handled by delegating some control to trusted users.
You can allow computer accounts to join a domain in one of two ways, depending on how the account was created. If the account was created in an OU container, you can use Group Policies for authorization. If the account was created in the Computers container, you can use the Delegation of Control Wizard for authorization. You can also authorize both user-created and pre-staged computer account creation to be delegated to a trusted user or group of users.