[anyweb]

You can use Windows Deployment Services to link physical computers to computer account objects in Active Directory Domain Servers (AD DS). This is called prestaging the client. Prestaged clients are also called known computers.

If you have set WDS to only respond to known computers then you'll need to prestage the computers otherwise the PXE boot will fail.



To prestage a computer for WDS deployment you'll need to know the mac address or GUID of it, you can get that info in a variety of ways, the easiest (for one computer) is to simply press the PAUSE button on your client pc when it is PXE booting to the server, you'll see both the MAC address and GUID listed.



If you want to use scripts to get these values then download the following from Microsoft (Sample_RIS_Scripts.zip), this bunch of scripts can collect GUIDs and more...

ok, now that we have the GUID lets start Active Directory Users and Computers, click on Computers and right click, choose New, Computer.



give the computer a name



click next and make sure to select This is a managed computer

Input the GUID or MAC address with no -

eg: if the GUID reported in the bios pxe boot screen is

Quote

C2EB3E06-82DB-F741-A5F0-8312855E7753

then remove the dashes so it reads

Quote

C2EB3E0682DBF741A5F08312855E7753

the Next button below will remain Greyed out (inactive) until you input the GUID (or mac address) correctly




select your Remote Installation server (the WDS server....)



click next and review the summary, click finish and you have now prestaged your computer in Active Directory.



at this point you can PXE boot the client and WDS will treat it as a 'known' computer and you can deploy as per normal.

more info about prestaging with WDS from Microsoft here >

Quote

Creating Computer Account Objects in AD DS

You can use Windows Deployment Services to link physical computers to computer account objects in Active Directory Domain Servers (AD DS). This is called prestaging the client. Prestaged clients are also called known computers. This allows you to then configure properties on the computer account to control the installation for the client. For example, you can configure the network boot program and the unattend file that the client should receive, as well as the server from which the client should download the network boot program. You can create a computer account object and associate it with a physical computer using the following methods:

* Using WDSUTIL. You can prestage client computers before they have attempted a network boot, by running WDSUTIL /Add-Device /Device:<name> /ID:<ID>. You cannot prestage computers by using the Windows Deployment Services MMC snap-in, but you can set the Auto-Add policy and approve or reject pending computers.
* Using the Active Directory Users and Computers snap-in. You can prestage client computers before they have attempted a network boot using AD DS. For instructions, see the section "To prestage a client computer" in How to Manage Client Computers.
* Enabling the Auto-Add policy. If you enable this policy, when you approve the installation for an unknown client, the installation will proceed and a computer account will be created in AD DS for the client. For more information, see Enabling the Auto-Add Policy
* Using Windows Deployment Services as part of the image installation. By default, all operating system installations using Windows Deployment Services result in a client computer that is joined to a domain. You can disable this functionality using the Client tab of the server’s properties

[winkbuul]

What if:


click next and make sure to select This is a managed computer


is missing when adding a computer acount?

[Tobie]

You should not add a computer account, you should create a new one. I'm possible to choose that option when I creating new computer objects.

[winkbuul]

[sorry, do mean create
But when i right click the computers container, choose new/computer object than no next is available. I am using w2008 dc's; maybe thats the problem .

Attached image(s)

• 

[winkbuul]

i did read a post somewhere else about adding w2003 adminpak.msi, but doing that ... i dont think its wise installing on a w2008

[Tobie]

DC -> Windows Server 2008 = No problem

Uninstall adminpak2003 and install the Active Directory console instead.
Post a note if don't now how to do install AD Console when you have been able to uninstall adminpak2003

[winkbuul]

Tobie, on Feb 13 2009, 03:10 PM, said:

DC -> Windows Server 2008 = No problem

Uninstall adminpak2003 and install the Active Directory console instead.
Post a note if don't now how to do install AD Console when you have been able to uninstall adminpak2003

what ad console do you mean??? i do know that ad has some new features instead of the admin pak...although i still need to figure out what their purposes are

[anyweb]

i've checked two windows 2008 servers one which doesnt have WDS installed, one with it installed. the one with it installed shows me the option to manage

i'm not sure if this is the way forward with this but if you can test it by installing wds then i'd like to know

cheers
anyweb

[winkbuul]

anyweb, on Feb 13 2009, 10:07 PM, said:

i've checked two windows 2008 servers one which doesnt have WDS installed, one with it installed. the one with it installed shows me the option to manage

i'm not sure if this is the way forward with this but if you can test it by installing wds then i'd like to know

cheers
anyweb

i am using a member server for wds. And you?? Are ye using a mem or a dc??

[anyweb]

this is a DC

i've checked and some w2k8 servers (both DCs) have this ability and some don't, i havnt figured out what needs to be installed to make the change, i thought it was the WDS service but it seems not....

time to investigate

[winkbuul]

anyweb, on Feb 14 2009, 07:22 PM, said:

this is a DC

i've checked and some w2k8 servers (both DCs) have this ability and some don't, i havnt figured out what needs to be installed to make the change, i thought it was the WDS service but it seems not....

time to investigate

oef, indeed. time to investigate. think i need to get me a new pc cause with w2008 i need to build a new virtual environment otherwise investigation isnt nice because of the waiting times

[anyweb]

here's what microsoft say on the subject

http://technet.micro...y/cc770832.aspx


Prestaging Client Computers

Creating Computer Account Objects in AD DS

You can use Windows Deployment Services to link physical computers to computer account objects in Active Directory Domain Servers (AD DS). This is called prestaging the client. Prestaged clients are also called known computers. This allows you to then configure properties on the computer account to control the installation for the client. For example, you can configure the network boot program and the unattend file that the client should receive, as well as the server from which the client should download the network boot program. You can create a computer account object and associate it with a physical computer using the following methods:

* Using WDSUTIL. You can prestage client computers before they have attempted a network boot, by running WDSUTIL /Add-Device /Device:<name> /ID:<ID>. You cannot prestage computers by using the Windows Deployment Services MMC snap-in, but you can set the Auto-Add policy and approve or reject pending computers.
* Using the Active Directory Users and Computers snap-in. You can prestage client computers before they have attempted a network boot using AD DS. For instructions, see the section "To prestage a client computer" in How to Manage Client Computers.
* Enabling the Auto-Add policy. If you enable this policy, when you approve the installation for an unknown client, the installation will proceed and a computer account will be created in AD DS for the client. For more information, see Enabling the Auto-Add Policy
* Using Windows Deployment Services as part of the image installation. By default, all operating system installations using Windows Deployment Services result in a client computer that is joined to a domain. You can disable this functionality using the Client tab of the server’s properties page.

Benefits

Prestaging clients provides three main benefits:

* An additional layer of security. You can configure Windows Deployment Services to answer only prestaged clients, therefore ensuring that clients that are not prestaged will not be able to boot from the network.
* Additional flexibility. Prestaging clients increases flexibility by enabling you to control the following:
o The computer account name and location within AD DS.
o Which Pre-Boot Execution Environment (PXE) server should service the client.
o Which network boot program (NBP) the client should receive.
o Other advanced options — for example, what boot image a client will receive or what Windows Deployment Services client unattend file the client should use.
* The ability for multiple PXE servers to service the same network segment. You can do this by restricting the server to answer only a particular set of clients. Note that the prestaged client must be in the same forest as the Windows Deployment Services server (trusted forests do not work).

so, install WDS, reboot, verify its installed correctly and try again...

cheers
anyweb

[wells2050]

So, I have followed the instruction on how to pre-stage computers, and yet WDS is still generating a random machine name. I have even gone in and used the syntax for WDSUTIL, and yet, WDS still generates a random Machine Name. Any help would be appreciated.

UPDATE: So I set this up on my test lab at home, and it worked with no problems. The only difference is the fact that I am running a Novell DHCP server instead of a windows DHCP server and the WDS server is sitting in a different subnet than the machine that I want to image. My guess is that it has something to do with the Novell DHCP server and WDS can not authorize to a Novell DHCP server. If anyone has any knowledge of this, please let me know.

[Aurock]

winkbuul, on 13 February 2009 - 07:45 AM, said:

[sorry, do mean create
But when i right click the computers container, choose new/computer object than no next is available. I am using w2008 dc's; maybe thats the problem .

I've run into this exact same issue. Did you ever find a resoultion?

I've tried using AD Users & Computers from the WDS server, from a DC, from a windows 7 box, none of them give me an option to move beyond that first screen and add more info.

[wuzzle]

Aurock, on 26 April 2010 - 06:25 AM, said:

I've run into this exact same issue. Did you ever find a resoultion?

I've tried using AD Users & Computers from the WDS server, from a DC, from a windows 7 box, none of them give me an option to move beyond that first screen and add more info.

I believe it as windows 2003 thing. I don't have the next button avaiable on any of my win7 machines with RSAT installed. However, my coworker installed adminpak.msi and has the next button feature when creating a new computer object. Makes it a little hard to prestage though.

Nevermind, I just ate my words. I went to add remove features on a w2k8r2 member server and install the AD DS tool set. I opened up AD users and computers and low and behold, there was the next option.

Can't explain why they doesn't appear on my win7 box with RSAT....

This post has been edited by wuzzle: 17 May 2010 - 04:10 PM