Slashdot Mirror
PC Cloning Solution?
pbaumgar asks: "Like many here on Slashdot, I'm a Systems Administrator. I have become responsible for maintaining about 300 laptops that I need to rebuild on a regular basis. I am looking for a solution to image them. I've been looking at Symantec's Ghost Solution Suite and am not too gung-ho on spending all that money for licensing. Can anyone recommend an better solution that would be cheaper?"
I've always been partial to DD
-------
Support Indy Music. Buy
Im not sure if the imaging server comes with zenworks for windows, but we use it with our novell servers and it works very well. It uses a tftp server to netboot a linux kernel. Very scriptable and flexable. Not sure about price though.
Use only linux and artimage. Windows systems are very expensive to administrate, and buying a tool for every missed feature wil make you only poorer.
That doesn't have the bullshit licensing agreement. Norton has effectively fsked themselves out of the clone market with their totally absurd licensing requirements.
"Eve of Destruction", it's not just for old hippies anymore...
G4U, a unix based cloning tool.
Hilary Rosen's speech was about her love of money and her desire to roll around naked in a pile of money.
Assuming you are imaging the laptops with Windows, I can't imagine you having to image a linux laptop as often for some reason or another...
Anyway, back in the day I got a free copy of Ghost with my motherboard. Now that they are completely owned by the Symantec umbrella, they are probably quite a bit more expensive, but I bet you can still get a single-user burn-to-a-dvd-with-the-image for relatively little. If that is to expensive, then go learn DD or some of the more advanced techniques that I am sure will pop up all over this board. Why buy the total solution when you aren't really going to use it anyway? Also, if you are in a windows environment, perhaps their RIS Server product would do what you need as well? Can the laptops boot from the network?
was this so hard?
I want to delete my account but Slashdot doesn't allow it.
Just buy your back up hard drive from a major manufacturer like Maxtor, Western Digital, Seagate, etc. Many of these companies have hard drive imaging software on their site for free to transfer the contents of any hard drive to their hard drive.
Not a perfect solution because you would need to buy a spare hard drive for every laptop, but it's free.
http://www.kubuntu.org/
Are you 20 years behind the times? Cost cutting is supreme in corporate environment these days- and techs who don't understand that get fired rather quickly, and replaced with some college student from Bangalore.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
Acronis Trueimage
I have an interestin job layout but when i am working on backup I use Ghost 5.1c it is an old version but it will back up any partition except for NTFS based (works on Fat16, FAT32, ext2, ext3, Linus Swap, HPFS, etc.) For NTFS I recommend either Ghost 2003 or 9.0. .gho format) so that you can use them when necessary for manual restores. Also the newer versions of Ghost alow you to update parts of a .gho file.
If the laptops are identical you can install it on a control system and use a bootable CD/DVD to run the basic (think graphical DOS styling only polished up a little) client and it shouldnt warn you about liscensing issues(not a problem on 5.1). If it does you can symply ignore the message (2003) and it wont ask twice. This is of course for a manual partition restore. If you want an automated solution you will have to pay for licensing (for safety's sake) but it is a nice package to use. I recommend keeping a backup disk with your images (stored in
IT Specialist - Nottawaseppi Huron Band of Potawatomi Indians
System imaging solutions such as Symantec Ghost are good solutions for most people, but are not always the right solution.
What may be a good solution that is adaptive to your needs is this solution : http://unattended.sourceforge.net/
Combine this with a good method for getting a PXE boot setup (and devices that support the feature) and you will be able to create a menu that will allow you to automate system installs of Windows, Linux, and possible other systems, plus installing their related applicaton software later.
With this setup you can do system installs for any type of hardware that comes your way. Laptop vendor change the network card chipset without bothering to change the spec sheet? No problem, just add the driver to the above build instructions and life goes on.
The program isn't debugged until the last user is dead.
I beg to differ. Given the option of paying, I'd buy Altiris. Image blaster has always been more effective IMHO and the desktop support capabilities integrated into the altiris product line (Remote Desktop/Scripting/Rapid Installs etc.) Are pretty darn robust; ignoring a few frustrations in older versions (mostly cosmetic) that is.
Their support is excellent and their Database integration for centralized inventory tracking and software inventory tracking is very useful. Not to mention having the data in ready to use SQL form.
It's a step up from Ghost for sure, and for the enterprise it does integrate with HP OpenView. But, you're not supposed to talk about real closed source pay for solutions on Slashdot. *waves hand* This isn't the product you're looking for. It's certainly not cheap, and it's certainly not something you'd want to rush into.
And as long as I'm on a rant about good pay for solutions, if all the guy wants to use is ghost functionality why not use RIS? Other than the whole Microsoft Homogeny thing it seems to work nearly as well (if not better) than ghost.
http://www.feyrer.de/g4u/
I have successfully imaged ext3 volume sets, NTFS disks, and NetBSD disks with this tool. In spite of what you might think, it actually is quite fast and the drive images are relatively compact.
The key is to have a gigabit network at hand, if you can, and to have relatively modern hardware across the board.
I like to use "gzip hda2.gz" to back up a partition, but before I do that, I mount it, "dd if=/dev/zero of=mountpath/zero", sync, "rm mountpath/zero", and unmounting it before that to attain the smallest image file possible. Of course, this needs to be done from either a Live distro or from a secondary install. I have my Linux on 8GB, and my image is about 1.5 GB.
Calling atheism and agnosticism a religion is like calling bald a hair color.
(Disclaimer: laid off after 21 years of knowing how to do my job. Now, apparently too expensive.)
A disturbing trend (or maybe it's always been and I haven't noticed) on slashdot seems to be people who ostensibly have jobs for which they're competent coming to the anointed techies of slashdot for answers. I suppose it would be considered "tapping all resources", but as an employer, I'd kind of expect my employees to know their job.
That aside, it would appear to be the luck of the draw who gets advice. My experience has been it is of little relation to whether one is deserving, and more related to how "wired in" one is to slashdot's anointed editors, or a little luck.
So, can everyone expect to "hire" slashdot for their problems at work?
Between a creating a slipstream windows xp cd and something like unattended you should be good to go.
I'm a system administrator for a network that includes a large number of windows boxes using samba as a domain controller. We use ghost (the old free version, I believe). Every few months we put out a new template for each hardware type we have and then ghost each machine, room by room. This takes an insane amount of time, and upgrading machines is a pain. Anybody got a better solution?
http://www.rajeevnet.com/hacks_hints/os_clone/os_c loning.html
Since partimage is contained on every Knoppix CD, the easiest and cheapest solution is to boot your computer with Knoppix, save the file system image either to a local disk or over the network to another computer running partimaged.
gopher://cramer.plaintext.cc http://cramer.plaintext.cc:70
If you have a Windows Server 2000 or Server 2003 environment, what about RIS? Once you get it set up, I think it is much faster than ghost for pulling images down, plus you don't have to worry about SIDs. Plus the big bonus it's FREE.
I've cloned a lot of Linux boxes with plain ol' dd. I had a script that mounted the HD, ran dd, then did a sed search and replace on things like, username, hostname, DNS servers, etc..
You're probably cloning windows whose config files are not as simple as those in unix but there are still a lot of tools out there that can help (e.g. openldap commands for manipulating Active Directory, adding new users, etc.).
Try partimage (http://www.partimage.org/ . It doesn't have all the management tools like remote imaging, certificate security, etc, but I routinely use partimage from a Knoppix CD to clone Windows machines. Once cloned you can change the sid using newsid.exe from Sysinternals (http://www.digitalissues.co.uk/html/os/misc/parti mage.html).
m age.html.
If you want to get really creative, maybe you could put a small linux partition on the systems that you can boot to for this purpose. Or maybe you could make a bootable system restore CD. Here is a faq to get started: http://www.digitalissues.co.uk/html/os/misc/parti
If the whole thing is windows-based look into RIS. It's a pain to configure properly, but it is more flexible and once you get a hang of it it's quite convenient.
http://www.feyrer.de/g4u/ helped me when ghost failed on my laptop.
A supertool without doubt.
In order to form an immaculate member of a flock of sheep one must, above all, be a sheep.
We use Ghost 8 where I work for rolling out new machines. It's a lifesaver when we replace a lab (I work in Higher Ed). However once the machines are in the lab, we "freeze" them with Deep Freeze. Unless the hard drive fails we never have to reimage them again. I don't know how the pricing for Deep Freeze will compare to the pricing for Ghost, but if you don't have to reimage them, don't. The URL for Deep Freeze is http://www.faronics.com/index.asp
I'm very responsible, when ever something goes wrong they always say I'm responsible.
Use a LiveCD of Knoppix or similar? Then provide USB keys for document storage, or network drives?
Death by snoo-snoo!
Not cheap. But it lets us create a hardware independant disk image and deploy it remotely to PCs. I believe it has some Linux support, but is mostly a windows product. It gathers hardware inventory on most any coporate level machine (including serial numbers). We can also build remote install packages to deply software and settings after images have been created.
While it keeps track of all the packages and images deployed, it doesn't automatically restore everything.
CA also has a similar product, it doesn't deploy images, only the windows unattended install stuff. However in addition to keeping track of packages, it will automatically redeploy them. Useful for when a HDD dies. You start the base image deployment, CA takes care of everything done since then.
Both packages support PXE boot and Wake On Lan. So you can remotely boot up a bare metal machine and get it operational.
These are pretty large programs, you'll want to talk to a sales person at those places and get a demo. Even if a demo is available, get them to demo it to you, you can't hope to learn the stuff in a couple days on your own.
http://www.runtime.org/dixml.htm for a few machines or http://www.acronis.com/homecomputing/products/true image/ for many.
The products have spoken for themselves for me, I use them exclusively. true image has a bartpe plugin, also.
True Image Server: $699.
True Image Enterprise: more, but worth it.
No one ever says, 'I can't read that ASCII E-mail you sent me.'
...as in beer.
Being serious now, RIS is slick if you can get it set up properly.
This sig rocks the casbah.
Id use a mounted filesystem and use dd to copy an image to the other networked machine. Just use the following to copy your hard drive...
/remote_computer_mount_point/
dd if=/dev/urandom of=/dev/your_hard_drive bs=512
And then, you can run netcat from the tun device
nc -i tun0 >
Be aware, your mileage may vary.
Etherboot (http://etherboot.sourceforge.net/) + ThinStation (http://thinstation.sourceforge.net/wiki/index.php /ThIndex)
Then start hacking your Thinstation dist around. Easy to maintain over time (just upload new Thinstation images). Write a quick shell script to ftp down an image off a server and use dd. The user could pick an image or alternatively use some hardware identifier (using lspci, etc.) to automatically pick one for a user.
Another idea would be to use a floppy-disk based Linux dist which does effectively the same thing. Maintenance is harder (new floppies / cdroms each time you want to change the system).
This also keeps your process nice and open for the future =)
I used it last week to move W2K from a 60GB PATA to a 200GB SATA. It was a 15 day trial but otherwise fully functional.*
I tried DD, and aside from the fact that it doesn't deal with errors. It screwed up the move. Took awhile to fix that damage.
Partimage really wasn't as simple as running Acronis on the Windows drive, and rebooting.
*I still haven't figured out how to get GRUB to boot W2K though. It just hangs when booting the OS, even though I can manually select it from the F11 menu. Acronis does have one Ghost feature. That of expanding the partitions to fit the new drive.
As a system administrator I volunteer to maintain several labs at a local private school. About once a month I have to updated or install new programs on these lab computers. I just sit down on one, clean it up, update, and ghost an image to a server. Ghosting takes about 15-30 minutes to make a new image. I then boot up the lab with floppy disk and ghost back out to the lab. I take the floppy disk out and leave. I have setup several scripts so the computers will automatically rejoin the domains, change their names based upon Mac address and be ready to use by the students the next morning. Because the Ghost isn't installed on any one computer, I just need the number of licensing I'm ghosting at one time, aka for each floppy disk. It was a pain writing all the scripts, but I can rebuild an entire Windows XP in less than 5 minutes of my time once I have an image.
Freedom of Speech only include discussion that are approved by the RIAA, MPAA and DMCA.
I tried that and for some reason my SATA drive didn't show up, even though Windows saw it.* (yes my PATA controller was on at that time :)
There's one trick for those who have RAID bioses. Using RAID 1 (mirroring) to copy it.
*Here's another peculiarity. MSI-K8T-FSR with W2K on Master 0, and Linux on Master 1. Grub wouldn't install no matter what. Had to turn back on the PATA controller.
Mondo is a extremely impressive product. It does what you want. If you don't like Ghost images, use Mondo Rescue. If you wanna do filesystem-based incremental backups, use BackupPC. Stupid name, but truly enterprise-ready(tm).
Go with unattended setups. You can add the drivers for all the hardware available, and you can plugin MSI to install additional software. If you have some software that has no MSI setup, you can build your own from a fresh install (see Microsoft documentation).
Plenty of documentation is available on the Microsoft website and there is no extra licensing.
lucm, indeed.
At an old job where most computers had removable hard drives we used a commercial hard drive duplicator. Instead of a master image, we'd use a master hard drive.
No, I will not work for your startup
I suggest you use only Sysprep to change the SID. I've tried other tools, such as the one from Sysinternals.com, and they have introduced errors.
There is a download site, but Microsoft's search facility has never worked very well, and I can't find the URL now. Wait, I found it: Sysprep.exe for Windows XP Service Pack 2.
Use only the version of Sysprep.exe and Deploy.cab meant for your operating system and service pack.
When you run Sysprep, you automatically change the SID.
Phoenix (the BIOS maker) has software that keeps the backups securely on the machines. Here's the link: http://www.phoenix.com/en/Products/Trusted+Applica tions/Phoenix+FirstWare/FirstWare+Recover+Pro/defa ult.htm
Lenovo (formerly IBM) OEMs this into all it's thinkpads. Theirs is linked to that "blue one touch restore button". I am a bid specialist for PC Mall, and I can get you in touch with one of our reps if you want. For 300 licenses, you should be able to get a volume discount.
I use EMC Dantz Retrospect, Which backs up our notebooks, desktops, and servers, all with snap shot imaging. Check them out http://www.dantz.com/ I haven't been let down yet. We recently lost a SBS 2003 to a hacker, and recovered it without problems, SBS, Exchange, and SQL Server. Retrospect is a life saver.
I didn't scrutinize their license agreement WRT large numbers of computers, but do suggest you give it a good look.
I'm in a Unix state of mind.
If you're even considering imaging, please don't. Try unattended. It may take a week or two and a few dozen trial installs but once you get the hang of it you will never want to go back to imaging.
Look at it this way. With unattended, you can assign different profiles to different computers, and they can inherit from each other. Say one group needs x apps, another group needs y apps, and another groops needs x y and z. With unattented that can all be maintained with three very small batch scripts. With imaging you would need to create three large images, and maintain each of them. With unattended, you maintain the master packages and all of your configurations make use of it.
Hardware detection is also easy. When I dealed with cloning I ended up having to keep multiple copies of the same image but configured for each different hardware. With unattended, you extract all the drivers into the $oem$/$1 directory and each computer's hardware is automatically detected and configured during the install. I can easly add any new hardware I want with no additional maintence.
If you need to apply different policies (without AD) learn how to use secedit. It's easy to write secedit and regedit scripts for unattended that will apply all configuration and policies automatically. Microsoft's Windows XP Security Guide covers this well.
Try unattended. You will not regret it.
Also, just as a comment to the above post, it's not neccessary that the NICs support PXE. Etherboot solves that. Etherboot gives a small (15k) image that can be put on a floppy, cdrom, lilo/grub, etc and will boot to PXE. It's not neccessary for the NIC to support it.
"It ain't a war against drugs.it's a war against personal freedom" --Bill Hicks
How funny. I read through this site often to keep up on the industry, and its refreshing to see my product Recover Pro being mentioned. Unlike typical network backup strategies where a full system restore could take an hour or more, Recover Pro can restore a machine to a static image in under 12 minutes. Not to knock backup software like Retrospect (My personal favorite as well) They play a part in the overall data security for a company. Recover Pro needs no network to run, No CDs and you will never have to rebuild windows before restoring a machine. Restore points can be incremental or left at a static image. Its all up to the IT admin. One button restores that work every time. Even if the system crashes and windows won't load, as long as you can power your machine Phoenix Recover Pro can restore it. PC Mall is a great place for the product, we have a good partnership with them and they can always reach me if you have any questions. Best regards, Phoenix Junkie
"How can a million computers be wrong?"
If you can afford it, a commercial solution from IBM, LanDesk, or Acronis is probably going to be easier to administer. But if your like me, your on a tight budget and don't mind using free stuff that takes some massaging.
Windows:
-------------------
If your deploying Windows, then I would suggest you use M$'s free (as in beer) solution, Automated Deployment Services:
I've used this in my lab for cloning Windows 2003 instances. It's a PXE/tftp based solution. It works very similarly to IBM's RDM, LanDesk, etc.. but with a crappy administrative interface. Took all of 3 hours to setup, including my RTFM time. After setting some QOS for my server's switch ports, I had extremely good throughput from MS's 'Reliable TFTP' service, which I cannot say I had with IBM.
This same setup could be done via syslinux + slim kernel + small root fs via NFS, but don't forget the need to use Microsoft Sysprep right before you clone your image. Whichever route you go, you'll want to switch to a Volume Licensing model for your client machines, so you won't have to worry about maintaining a database of 300+ license key allocations.
Ok, so for 300 licenses you're looking at spending about $5,790 which works out to around $20/license. That's not that bad considering how much time it'll save you and exactly what you get, and you may be able to get it cheaper. I get Ghost licenses for $15ea through CDW-G because I work at a high school. You may want to check with a reseller to see if you can get a break on licensing.
Next to RIS I don't think there's any solution that'll roll out a Windows install with programs, updates, automatically change the SID for you, give the computer a unique name, AND add the computer to the domain... all in about an hour (depending on your network/server/comps being ghosted.) Updating a 40 computer lab between classes is pretty sweet.
So long as you're using Ghost Corporate Ed. (new) you don't have to worry about boot disks, configuring pxe, whatever either. So long as the Ghost Client is installed on the PC just boot it up normally and start a session on the Ghost server.
On the flip side, if you go with Ghost, make sure you purchase all the licenses you'll need the first time. I bought 50 licenses and Ghost Corp v.8. A month later I went to buy 100 more licenses and I couldn't get them for v.8 any more as Symantec had updated Ghost to "Ghost Solution Suite 1.0" so I had to purchase upgrade licenses for the ones I had bought a month earlier.
You'll probably see only 10% of those machines in each month, peak, unless something catastrophically infests your network. That's 1.5 per day. Well, actually.. Figure four on Monday, and three spread over the week. They always catch something and need a reinstall after a weekend.
You can probably handle that with a manual cloning process if the cloned image doesn't change too often and the machines carry DVD ROM drives in them. Clean install to a spare machine (there are some ways described elsewhere in this thread to seriously cut down on the amount of junk data on a image; So long as the installed files don't exceed say 4Gb, you're fine no matter the disc size), dd the disc image off, then use something like a modified tomsrbt image to dd it back.
Having said this, the older versions of Norton Ghost rocked.
.sig: Now legally binding!
I have also used the unattended project extensively at a hosting company with around approx 5,000 servers.
4 352&seqNum=3&rl=1
I simply PXE booted the box, and on the menu I had something like this
1) Install RHEL3
2) Install FC3
3) Install W2K
4) Install W2K3
Select the # and whala. Your OS choice installed! (Of course I also had options in the PXE boot menu for custom installs for all the OS's) unattended can also use mysql/CSV to keep a list of various software packages to install on machines based on the MAC address.
Works over serial console/LOM cards, and if your doing that I hightly recommend enabling EMS/SAC (out of band) on Windows, it's like having a crippled console! It lets you do simple things, like change IP, reboot the server, and load a command prompt. Supposedly SAC is always available even if the box BSOD's.
Unattended is a really great project, unfortunately it has a little bit of a learning curve to get it 100% right.
EMS/SAC http://www.informit.com/articles/article.asp?p=17
Unattended http://unattended.sourceforge.net/
I used to help out on my daughters school. I set up a simple script and NTFS image using partimage. We used it for about 80 win2000 computers. We never had any problems with the NTFS support of partimage. The parimage documentation says it is experimental, but that if an image is created succesfully, the restore should always work. I guess it helps if your system where you make the image from is reasonably clean (defragmented and such).
I didn't use Knoppix, but a command-line based bootable Linux (Linux rescued CD). We had used Ghost (old version I guess) before, but the Linux based approach made it possible to script most steps. Basically one would boot the computer from the CD, login as root (I removed the root password on the bootcd), and run a simple script, e.g. "restoredisk ".
The script would then:
1. copy a saved bootsector using dd
2. partition the disk sing sfdisk
3. restore ALL partitions using partimage
4. reboot the computer
The image basically was a directory (available as SMB share on a windows server) with a copy of the bootsector, a sfdisk file, and partimage file of each partition.
ad 3. I made the script a bit flexible so that multiple partitions could be restored, so that we had a (secret) Linux partition, a main C: drive wih operating system, Office, etc, and a D: data drive that was basically empty.
ad 4. The rebooting saved a lot of time, because after the images were restored the computer the computer rebooted automatically, and then windows booted, detecting hardware etc. This could take 15 minutes, but we could just leave the PCs right after starting the script, and come back 30 minutes later (the restoration was quite fast with a 2G image). Then all we had to do was give the PC a name, and add it to the domain. I have considered scripting that computer-name/SID part as well, but didnt have time to do it.
All this was very simple for someone restoring an image (boot a cd, type root, type a restore command). In fact I did this with a kindergarten teacher and she had no problems whatsoever.
The hardest part was making a good windows image. The hardware was very similar but not identical, so I had to use sysprep. This was essential for the automated hardware detection, and for the computer name / SID changing. I didnt learn enough about sysprep to add all kinds of drivers, just the few drivers we needed. The other problem was all kind of educational (wind3.1 based and such), that had problems with working with the network, or with being cloned, etc.
Hope this was helpful
Debconf 5 video archive has a video about Fully Automated Install, FAI really is impressive it does a full installation which taks a bit more time but it's alot more flexible than using Partition Image.
I use a 10GB partition with 5GB of data which Partition Image does in 3min, the exact same thing is done in 10min with FAI. On the other hand with FAI it is very easy to keep the image up to date, which is a very tedious process with Partition Image. Also growing filesystems aren't really that wasy in Linux yet.
I would say go with FAI, it's the cheapest route, in hours.
BootitNG has also image/restore functionality...
http://www.terabyteunlimited.com/