Planning

This topic contains basic information on how to prepare and what to consider when setting up the DSM 7 environment.

Selecting the Database System

DSM OS Deployment uses the same infrastructure based on DSM. For this reason no additional database systems are required.

OSD Proxy, DSMDB and depot on different servers?

The OSD Proxy, the DSMDB and the depot can be installed on different computers. However, as the OSD Proxy may have to perform a client synchronization with the DSM Database or receive package installation files directly from the depot, it is possible that delays could occur in response behavior.

Disk images

The use of disk images to back up computers and install operating systems merely requires a server on which a share is created so that the disk images can be stored there. 

User Accounts for OSD

File Server and DSM Server Access

The user accounts you need for OSD are managed in the background because OSD is completely integrated in the DSM environment.

Exception: If you are planning to install operating systems automatically via imaging, please create a share where the image files are stored. We recommend using a directory below the DSM share, for example. Also, please make sure that the user who will access the share has the required permissions.

Domain Controller Access

Adding new clients to the domain

If you want to add new clients (computer accounts) to the domain, you need an account with the following specific right: Add Computer to Domain.

Create an account with this right.

All domain users (authenticated users) in the Active Directory have the permission to add computers to the domain. By default, this right is limited to ten computers. This limitation does not apply to members of the group Account Operators and Users who have been explicitly assigned the permission to add or remove computers.

Reinstalling existing clients

If a user wants to recreate the computer account, the Add Computer to Domain right is not sufficient if the computer already exists in the domain and had been added to the domain by another user. Reason: The computer account has to be deleted first and only the following users have the permission to delete a computer account...

•the user who created the computer account because he is the owner of the account

•administrators

Possible solutions:

•Assign administrative privileges to the account in the domain or

•Delete the computer account manually in the Windows Server Manager (please make sure to log in with the required permissions).

•Use the same user to add the computer to the domain and for installations and reinstallations.

New local user since Windows Vista

During the installation of the operating system, a user account with local administrator rights is created on the computers. The user is called administrator. By default, the DSM environment specifies test as password. It can be changed during assignment.

Since Windows Vista, the administrator account is locked. For this reason, the system creates another local user with the required local administrator rights in the OS configuration templates called admin. By default, its password is test. It can be changed during assignment.

The passwords are stored as installation parameters of the OS configuration package; you should change them before going into productive operation.

To do so, you can

•customize the OS Configuration Package,

•specify the properties of the policy the system creates when the package is assigned to the installation target or

•change the policy instance the system creates at the same time.

Your decision depends on whether the changed passwords

• apply to all operating system assignments in the DSM environment (revision),

• apply to all installation targets in an organization container (policy property) or

• apply to individual installation targets (policy instance).

Infrastructure For Imaging

OSD Components For Imaging

You can run Drive Snapshot in a Windows PE or a Linux boot environment. The Linux boot environment is more compact than Windows PE (20 MB instead of approx. 130 MB). In Windows PE there are more DSM functions available.

DSM OS Deployment (OSD) provides the following packages for imaging with Windows PE as boot environment:

•Drive Snapshot Capture (with WinPE) (Pre OS Actions folder)

•Drive Snapshot Restore (with WinPE) (Pre OS Actions folder)

•Drive Snapshot Live Capture (eScripts folder)

•Automated Windows Client Installation for imaging (with WinPE) (Pre OS Actions folder)

•Prepare imaging Windows 7 - Windows Server 2008 R2 (eScripts folder) For preparing the reference computer

OSD provides the following packages for imaging with Linux as boot environment:

•Drive Snapshot Restore (with Linux) (Pre OS Actions folder)

•Automated Windows Client Installation for imaging (with Linux) (Pre OS Actions folder)

•Automated Linux Client Installation for imaging (with Linux) (Pre OS Actions folder)

You cannot create a disk image in a Linux boot environment; you can only roll out an existing disk image. You cannot apply the multicast method either. However, you can create a disk image of a Linux operating system from a Windows PE boot environment.

OSD provides the following OS Configuration Templates for distributing the disk image:

•Image Windows Server 2008 R2

•Image Windows Server 2003 (R2) Domain

•Image Windows 7 Domain

•Image Windows XP Pro Domain

•Image Generic Red Hat Linux

•Image Generic SuSE Linux

OSD installs the new service OSD Multicast Service for multicasting disk images.

Network Share For The Disk Image

Please define a separate network share for storing the disk image. Note that a disk image is always stored on a network share, never locally on a computer.

Please make sure to create the network share first. The system does not create the network share!

During the installation of the OSD Proxy, the system queries the standard network share and then stores it in the configuration table section OSD Proxy Settings.

When you assign the capture package to a reference computer later on, you can specify another network share. The changes are stored in the policy and are only valid for this assignment.

Supported Operating System Platforms

In DSM 7, OSD uses Drive Snapshot as imaging solution.

With Drive Snapshot you can create and roll out disk images of the following Microsoft Windows operating systems:

•Windows Server 2012/2012 R2

•Windows Server 2008/2008 R2

•Windows Server 2003

•Windows 10

•Windows 8/8.1

•Windows 7

•Windows Vista

•Windows XP

•Support for the Windows file systems FAT16, FAT32 and NTFS

With Drive Snapshot you can create and roll out disk images of the following Linux operating systems:

•Linux file systems EXT2/EXT3/EXT4/Reiser

Installing And Configuring Imaging

Installing And Licensing

The imaging support is installed when you install OSD. You must have a valid license key for the DSM 7 Imaging Option to use Drive Snapshot. However, if you are using another Imaging software you may use respective images without separate license.

Configuring Imaging

In the OSD Proxy Settings section of the configuration database (ICDB) you can change the following imaging settings in the context of a Management Point:

General

•Gateway

•DNS Server

•DHCP IP Range Address range for DHCP PXE (Start/End)

•DHCP IP Subnet

Settings For The Disk Image (Mass Data)

•Disk image: Network share - Location on the network for disk images

•Disk image: Account for network share - User account for accessing the specified network share

•Disk image: Password - Password of the specified user

Multicasting

•Number of Computers Needed for a Multicast Session (Imaging) - The OSD Proxy waits before multicasting the required disk images until there are a sufficient number of computers for the session.

•Timeout after reaching the Number of Computers Needed for a Multicast Session - Additional waiting time between reaching the minimum number of computers and starting to send the images.

•Timeout before the Multicast Session starts no matter if the computer count has been reached Waiting time until starting to send the images even if the minimum number has not been reached

•First used multicast address

•Last used multicast address

•First used multicast port - Ports needed if multicast addresses run out

Each multicast session of the OSD Multicast Service has its own UDP port that is assigned dynamically by Windows. This means that all UDP ports can be considered for multicasting and must therefore be shared. If you are using an external firewall, please set up a new rule: Computers from the intranet can communicate with the computer where the OSD Multicast Service has been installed. Last used multicast port

•Server port the client connects to - The OSD Multicast Service uses this port to wait for client queries

•Maximum packet size (bytes)(Byte) - By default, the system only sends packages with a size of 1472 bytes

•Maximum transmission rate of multicast packets per network interface (packets per sec.)

•By default, the system sends 3000 packages per second

•Maximum Burst Size (number of packets) - If it was not possible to send packages for a certain time, the system send a maximum of 15 packages at once (default) as soon as the network connection is set up again.

•'Time to live' of multicast packets (hops) - Number of the network hops the multicast packages are allowed to take before they are rejected. The system allows a default of 32 hops.