
I'm working on setting up Windows Deployment Services on a Windows Server 2003 machine. In my exploration of the various options for configuring this system, I wanted to learn the difference between known and unknown client computers. As I understand it, a known client computer has already had an account added to the domain for that computer, while an unknown does not yet have an account added.

Exploring then how machine accounts are added to the domain before the machine itself connects to that domain, I come upon the concept of a managed versus an unmanaged machine. So far as I can tell, a managed machine must have a GUID set up in the BIOS somewhere while an unmanaged machine does not need this GUID. But I fail to find any reference to what other differences there are between a managed machine and an unmanaged one.

What are the benefits and/or differences of an unmanaged versus a managed machine on an Active Directory Domain?

HopelessN00b
music2myear

1 Answer


A "managed" computer is known to WDS, and follows the policies and configuration set up for known computers. An "unmanaged" computer is a member of the AD domain, but not known to WDS, so when PXE-booting to WDS, it follows policies for a new / unknown client.

  • So managed and unmanaged are only applicable in the WDS configuration? As in, I'd set a UUID in the BIOS for each machine I get in, create a machine domain account and enter that UUID during the process, and then when the machine PXE boots and uses WDS it'll be assigned directly to that domain account? – music2myear Aug 05 '11 at 20:38
  • That's my understanding, yes. Actually, part of the UUID is the network adapter's MAC address - that detail caused me some surprise when I switched out a NIC and expected that machine to regain its old hostname and domain account... – Andreas Turriff Aug 05 '11 at 20:43
  • Yes, I saw that as an option for automated naming. Our naming convention doesn't use the MAC address though. I'm not aware of a company that does use the MAC address for naming. – music2myear Aug 05 '11 at 20:51
  • Not naming - this may have been a braindead implementation for GUID. The BIOS would report the system GUID as its preconfigured GUID, with the last 48 bits XOR'd with the active (PXE booting) NIC's MAC address. As a result, WDS thought it was dealing with a new client on a NIC change on that machine. Haven't had occasion to test this on other boxes, though. – Andreas Turriff Aug 05 '11 at 20:55
  • Meh, I've run into this again with SCCM: With tablet devices that we image while connected to docks, the dock MAC address is used instead of the SMBIOS GUID, and when we go to image a second tablet on that dock SCCM says there are no task sequences for that device as it thinks it's already imaged and ready to go. – music2myear Dec 22 '16 at 17:45
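
The two identity problems described in the comments above (a reported GUID that changes with the NIC, and a dock MAC shared by several devices) can be modelled as follows. This is an added example, not part of the original thread and not WDS or SCCM code; the GUIDs, MAC addresses, host name and the dictionary lookup standing in for the prestaged-account match are all constructed assumptions.

```python
import uuid

def mac_to_int(mac: str) -> int:
    """Parse a MAC written with ':' or '-' separators into a 48-bit integer."""
    return int(mac.replace(":", "").replace("-", ""), 16)

def reported_guid(base: uuid.UUID, mac: str) -> uuid.UUID:
    """GUID as the comment describes it: preconfigured GUID with the
    last 48 bits XOR'd with the MAC of the PXE-booting NIC."""
    return uuid.UUID(int=base.int ^ mac_to_int(mac))

def recover_base(reported: uuid.UUID, mac: str) -> uuid.UUID:
    """XOR is its own inverse, so the same MAC undoes the mix-in."""
    return reported_guid(reported, mac)

def classify(prestaged: dict, guid: uuid.UUID) -> str:
    """Simplified stand-in for the known/unknown decision: exact GUID match."""
    return prestaged.get(guid, "unknown client")

def shared_macs(boots) -> dict:
    """Return MACs presented by more than one SMBIOS GUID (e.g. a shared dock)."""
    seen = {}
    for guid, mac in boots:
        seen.setdefault(mac_to_int(mac), set()).add(guid)
    return {mac: guids for mac, guids in seen.items() if len(guids) > 1}

# Constructed sample data.
BASE = uuid.UUID("11111111-2222-3333-4444-000000000000")
OLD_NIC, NEW_NIC = "00:11:22:33:44:55", "00:11:22:33:44:66"
PRESTAGED = {reported_guid(BASE, OLD_NIC): "PC-0042"}

DOCK = "AA-BB-CC-00-00-01"
TABLET_A = uuid.UUID("aaaaaaaa-0000-0000-0000-000000000001")
TABLET_B = uuid.UUID("bbbbbbbb-0000-0000-0000-000000000002")

if __name__ == "__main__":
    # Same machine, original NIC: matches its prestaged account.
    print(classify(PRESTAGED, reported_guid(BASE, OLD_NIC)))
    # Same machine after a NIC swap: reported GUID differs, so no match.
    print(classify(PRESTAGED, reported_guid(BASE, NEW_NIC)))
    # Two different tablets imaged through one dock share a MAC.
    print(shared_macs([(TABLET_A, DOCK), (TABLET_B, DOCK)]))
```
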