Enterprise desktop imaging?

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
So, how do you do desktop imaging? I've come up with a number of ways that it could be done, but I've never been in an enterprise that had to deal with it a lot.

  • over the local network
  • locally by an admin with cd/dvd media
  • send the machine to a central management location (via fed-ex or something) to be imaged and returned
  • just switch to thin clients

Each of them seems to have pros and cons, so I figured it might be time to see what everyone else is doing.

A couple of extras in this are how to deal with security and integrity. I'm guessing the integrity gets handled by the software, but authenticating the user as the user is still an issue. Is a simple password (SSN or something) enough for this?

Thanks in advance for any and all help!
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
over the LAN/WAN and with ghost multicast for large imaging.

For remote people PC group uses ghost to pull all the user settings and data over the WAN, images new machine and ships out.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: spidey07
over the LAN/WAN and with ghost multicast for large imaging.

For remote people PC group uses ghost to pull all the user settings and data over the WAN, images new machine and ships out.

Thanks for the response.

I was thinking pushing out the images to some of the individual networks (there are a lot of different networks at different locations) would cut down on WAN/VPN bandwidth and would make things faster for the person sitting at his desk waiting for a useful computer. Is this over kill?
 

Diaonic

Senior member
May 3, 2002
305
0
0
I'v been using ghost, it's the most streamlined one to my knowledge. I do have a win2k3 box setup to PXE out a w2k image to a particular lab and that has also been flawless.
 

Genx87

Lifer
Apr 8, 2002
41,091
513
126
We used Ghost.

Made a boot disk and logged into our filer and pulled an image down from that.
We usually did about 3-5 desktops a day.
 

Haden

Senior member
Nov 21, 2001
578
0
0
Not enterprise, but for ~100 PCs network we use custom linux solution, which boots via network, and pushes latest image from ftp server.
WOL+DHCP reconfiguration works if we are not in place.
 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
We use Altiris, which I think is a better solution then ghost (used ghost very little, as a disclaimer).

Altrisi supports local servers, and you can get creative with PXE. Also allows some good after the image tools, such as scripts, automation, remote control (not too great, but then you avoid installing VNC on all computers). It works well with large multicasts and unicasts. OK Linux support (ext2/3, not sure if any other Filesystems are supported, it goes to block by block mode for any unreconized FS, and then you have to watch hard drive parameters). I have imaged Redhat, Gentoo, FreeBSD, *BSD, etc.
 

RadiclDreamer

Diamond Member
Aug 8, 2004
8,622
40
91
Ghost, or the now defunct image cast. Thins clients are the easiest thing in the world to manage ( I use them quite a bit where I work) and are highly recommended for places that dont need tons of cpu power (office docs, email, internet etc)

Once you figure in licensing costs for citrix they really arent cheaper, but damn are they easy to manage
 

Wizkid

Platinum Member
Oct 11, 1999
2,728
0
0
We create images at a central location, then each site pulls the images over the WAN. We have a boot CD with WindowsPE which ghosts the drive (from the LAN) and then a custom script configures the machine. It works quite well and is completely automated.

It does not prompt for authentication, but the userid/password used for installation is encrypted and only has read-access to the install files.
 

Woodie

Platinum Member
Mar 27, 2001
2,747
0
0
~150 sites across North America, w/ PVC's back to NOC/ primary data center.

We distribute about 6 images to the DFS mount point in each office. Then a custom boot cd for the IT staff on site to boot the PC, menu pick the image needed and post-image applications. Building workstation takes about 5 minutes for the applications/selection, then ~25 minutes to build (unattended), then some post-build configuration by the IT staff. The last part depends on whether they have to migrate user data from another PC, or if it's a new employee.

Prebuild security is domain id of the builder. Post-build it's the end-user, so their desktop comes up "just right". That last part is still an issue, with the user having to share their password w/ the builder. The user does have the option to tell the builder to bring it to their desk, so the user can supervise the use of their id. (The builder's id is a local admin to the workstations, but some applications really need the user to logon in order to set up correctly, particularly LOB applications and GPO-based applications like Office).
 

beatle

Diamond Member
Apr 2, 2001
5,661
5
81
Ghost. Images are mailed to the various sites and they perform the task of loading it. It's not elegant, but pulling entire images across the network isn't feasible.