A ghost image for active directory

  • Thread starter Thread starter SA
  • Start date Start date
S

SA

Hi all,
I have Symantec Ghost version 8 and I am using this to ghost images for my
active directory rollout. We are in the process of moving to AD so I am
not quite familiar with cloning an AD image. So right now I clone my image
as before and then join the domain and link the domain user to the local
profile on the local pc.

I wanted to know a better and faster way to do this. Thanks,

SA.
 
I'm guessing you're talking about PC rollouts, although when I first read
your e-mail I was wondering if you were contemplating Ghosting domain
controllers -- I hope not!

There's a tool called SysPrep that's designed to be used when imaging PCs.
This makes the image more portable to other hardware (since a Mini-setup
wizard runs and does PnP detection) and also ensures that the PC gets a
unique SID. This can also allow you to automate joining the domain.

Alternatively, check out the NetDom utility in the Support Tools folder on
your Windows CD. This allows you to script the domain join. You'll
probably want to create a new OU for workstations (so you can set group
policies on them) and set permissions on this new OU (using the delegation
of control wizard) to allow you to use a low-privilege account to join the
domain -- you should never use the domain administrator account to log in on
a PC or to join a PC to the domain.

NetDom allows you to specify the OU into which the newly-joined PC should
go.

This may take some reading and practicing, but spending time doing the
preparation now may save you a lot of time later on if you do things well.

Regards

Oli
 
Thanks Oli for a well thought out response.

Oli Restorick said:
I'm guessing you're talking about PC rollouts, although when I first read
your e-mail I was wondering if you were contemplating Ghosting domain
controllers -- I hope not!

There's a tool called SysPrep that's designed to be used when imaging PCs.
This makes the image more portable to other hardware (since a Mini-setup
wizard runs and does PnP detection) and also ensures that the PC gets a
unique SID. This can also allow you to automate joining the domain.

Alternatively, check out the NetDom utility in the Support Tools folder on
your Windows CD. This allows you to script the domain join. You'll
probably want to create a new OU for workstations (so you can set group
policies on them) and set permissions on this new OU (using the delegation
of control wizard) to allow you to use a low-privilege account to join the
domain -- you should never use the domain administrator account to log in on
a PC or to join a PC to the domain.

NetDom allows you to specify the OU into which the newly-joined PC should
go.

This may take some reading and practicing, but spending time doing the
preparation now may save you a lot of time later on if you do things well.

Regards

Oli
Click to expand...
 
Back
Top