WSUS that's not such a wuss

So Windows XP update management during an MD/BDD build is a pain in the butt.  The built in tools force you to identify, by hand, and download, one at a time, all the updates needed.  There is a nice step in the rules to allow you to run all the updates but come on..we're talking at least 2 days of work to get all this set up correctly and then tested.  Then. BAM. A service pack comes out and now you gotta go clean it all up and start over again.  Not a good thing.  So how did I handle this problem?  Open Source of course.  A little gem called CTUpdate.  Good stuff.  It even downloads updates for Microsoft Office if you want.

So here is how it works. Download the code, run the .exe and it will go out and get all "security" updates for you.  Yeah...not all the updates as it uses the Security Baseline Analyzer as it's database to know what to pull..but hey it's better then the alternative.  Now I just create a custom step to dump the "client" folder down to each client and start the install process.  Then a quick uninstall routine deletes the source.   This was done as a hands off process and added just a little time to the build process.

Lenovo T61 Sysprep bluescreen fun

I hit a nasty error today sysprepin' a T61 Lenovo laptop.  Basically, one single line in the sysprep.inf screwed me.  The line was

extendoempartition=1

Seems like this would use the whole disk for the image right?!?!?  Sounds like a good idea right?!?!?  Hey they document the setting right in the sysprep help file so it's gotta work right?!?!?!!?  Ah, no...but thank you for playing.

Basically, you sysprep the box on and on the first boot you get the "Windows XP" loading screen.  Then BAM...faster then a Brittany Spear's drug rehab visit it bluescreens with a 0x000000ED error.  Change that setting to 0 and it all works.  Details can be found here:

http://support.microsoft.com/kb/329826

 

...where'd I put that damn Ubuntu DVD's........ :)

ntop - network monitoring coolness

So this I've talked a lot in this blog so far about BDD/MD simply because that's the project I've been working on lately.  However, I'm a huge open source fan and you'll probably hear more and more about my open source favorites as time goes on.  Well, I finally got ntop (www.ntop.org) working on Ubuntu 8.04 the other day and man it is cool.  I haven't looked at this product in a few years but it's really a good tool.  Wanna catch file sharing, music download, porno watching network hoggers?!?!  ntop can do that for you.

Installing on Ubuntu takes a little effort because you won't see it in Add/Remove programs. I used apt-get to pull mine down.  It went something like this:

apt-get install ntop

Then I just run ntop from the command line and it comes up.  It defaults to port 3000 so to see the web interface on the same box open FireFox and go to http://localhost:3000   I had to reconfigure it for my second nic (because I have a regular nic and a monitoring nic) so once it was up I went through the web interface to Admin->Configure->Preferences and set the item called ntop.devices to eth1.  Then I did a Admin->Shutdown, waited 30 seconds and restarted it from the command line.  Good stuff.

Get Computer Make & Model for BDD

If you use the BDD database or if you script the variables to pick up the appropriate /Drivers folder (which is blogged about all over and well worth the effort) you need to determine what BDD thinks the computer name and model are.  You can certainly start a BDD build and hack through the logs to get this info or you can run the following under an OS and let it tell you:

Open a Command Prompt
type "wmic"  at the command prompt
type "csproduct get vendor"  <- This will spit out the vendor name
type "csproduct get name"  <- This will spit out the machine name

Now, on my drivers share I have folders for each machine name (for example, a Lenovo T61 is 888901U) which contains all the drivers for that model.  Point to this in sysprep.inf and unattend.inf and it will make your life a lot easier. If I can find the link to the full description of this I'll post it.

Microsoft Deployment from a USB drive

This is a shameless cut and paste from another blog, but here are the instructions for formatting and then creating a USB stick with a copy of the LiteTouch iso files on it:

1 Open admin cmd prompt.
2 Run "diskpart".
3 Run diskpart command "list disk".
4 Make note of the disk number your flash drive is.
5 Run diskpart command "select disk (drive number)".
6 Run diskpart command "clean".
7 Run diskpart command "create partition primary".
8 Run diskpart command "select partition 1".
9 Run diskpart command "active".
10 Run diskpart command "format fs=fat32".
11 Run diskpart command "assign"
12 Run diskpart command "exit"

From there just copy the contents of the Litetouch ISO directly to the USB drive and you're all set.  I bought a few 4GB sticks (Kingston 4GB DataTraveler 100's) and they worked just fine.