PXE: Not Just for Server Networks Anymore!
Listing 1. Example pxelinux.cfg/default file
default 1 serial 0,9600n8 timeout 300 prompt 1 DISPLAY pxemenu.msg F1 pxemenu.msg LABEL 1 KERNEL vmlinuz APPEND ro initrd=initrd.img quiet splash LABEL 2 KERNEL unat APPEND initrd=unatin.img z_user=guest z_password=guest ↪z_path=//192.168.1.20/install
Now, when I booted a PXE client, I got a choice as to whether to go to the Ubuntu LTSP session or the Unattended install. At this point, I tested the Unattended installation, and it sort of worked—it installed a base Windows system just fine, but it didn't install any of the drivers, nor any of the patches to the operating system. I realized just how spoiled I am by Ubuntu's driver coverage and update manager, but I slogged ahead and continued to work to refine the system so that the driver and update installation happened without my intervention.
It turns out I didn't have to re-invent the wheel, as the driver issue and the update issue both have been addressed by the Unattended team. As far as the driver stuff goes, there is a method to integrate DriverPacks (which are large compressed archives of drivers) into the Unattended system. It's a little bit too involved for the scope of this article, but see the DriverPack link in the Resources section for more information.
With respect to automatic update installation, the method the Unattended folks use is very Linux-like in its resourcefulness. Under the Unattended root path, there are two directories: the /install/scripts and /install/tools directories. The scripts directory contains Windows batch files (.bat) that are used to do automated installation of various software packages, as well as some basic updates. The tools directory contains a set of scripts that will look at your Unattended server's current configuration and scripts directory, and then compare it to the CVS tree maintained by the Unattended team. The scripts then will grab the latest .bat files and drop them in the correct place in the scripts directory. At that point, the next Windows install that's done with the Unattended system will get all the patches and install them automagically. The system even will reboot at the appropriate times, then pick up the next patch in the series and install it. To update the Unattended system's patch repository, it's as simple as running a ./script-update; ./check; ./prepare from the /install/tools directory under the Unattended root.
The CVS archive of scripts, as well as the script archive on the wiki, proved to be invaluable. Those resources allowed me to finish the complete automation of my install, and now, I have a configuration that meets my company's needs for Windows. After about 30 seconds of typing the machine-specific information at the beginning of the installation, I now can walk away and know that Windows, Office, the Cisco VPN client, Symantec Anti-Virus and many other things my Windows users need will be done my way, automagically, without requiring myself or another staff member to babysit it.
In closing, thanks to the efforts of the Ubuntu and LTSP teams, I now have an environment that lets my users do some kind of work, even when their systems may have some kind of issue. And, thanks to the Unattended team, I don't have to sit at a Windows machine physically to install it, nor do I have to mess with half-baked images or other strange packaging solutions. I'm already getting other ideas on how to extend this system even further.
“PXE Magic: Flexible Network Booting with Menus” by Kyle Rankin (April 2008 issue of LJ): www.linuxjournal.com/article/9963
Ubuntu Wiki—LTSP Installation: https://help.ubuntu.com/community/UbuntuLTSP/LTSPQuickInstall
Active Directory Authentication in Ubuntu 8.04 and 8.10: anothersysadmin.wordpress.com/2008/04/06/howto-active-directory-authentication-in-ubuntu-804
Unattended: a Windows Deployment System: unattended.sourceforge.net
Unattended Step-by-Step Instructions: unattended.sourceforge.net/step-by-step.php
Unattended Wiki: ubertechnique.com/unattended/FrontPage
Using DriverPacks with Unattended: ubertechnique.com/unattended/BTS_Driver_Packs
Unattended Script Archive: ubertechnique.com/unattended/Scripts
Bill Childers is an IT Manager in Silicon Valley, where he lives with his wife and two children. He enjoys Linux far too much, and probably should get more sun from time to time. In his spare time, he does work with the Gilroy Garlic Festival, but he does not smell like garlic.
Bill Childers is the Virtual Editor for Linux Journal. No one really knows what that means.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Humble Hacker?
- Server Hardening
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- Varnish Software's Hitch
- New Container Image Standard Promises More Portable Apps
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide