1

We are a business of under 200 PC's that are looking at implementing preventative maintenance tasks such as regular imaging or updates but would like to see if there is a better method then IT coming in on a weekend every month to turn on the PC's and do whatever the task is.

We are a MS Server house, we are using WDS to capture and deploy images and use MS DHCP.

Many moons ago I worked at a school that had primarily Unix servers (ISC DHCP) and the guy there built a system where the PC's would boot into PXE and quickly determine whether the PC was earmarked for imaging or if it is meant to boot into Windows. This was a great system, but I had little to do with the maintenance or development and so don't know how it was exactly implemented.

What I was wondering is if there is a way of implementing something like this using MS Servers, DHCP and WDS. We would like to be able to set a flag for a PC to boot into WinPE or to boot from the Hard Disk. I was hoping we could setup a database (MS SQL Server) which could contain the PC MAC Address and a flag for whether the PC boots into Windows (local HDD) or WinPE (PXE Boot)?

We are wanting the PC's to be always set to boot from the NIC first and HDD second so whatever solution we implement the boot time to Windows shouldn't be too much longer then it currently is, as the PC's would be booting to local HDD more often then not we don't want the users waiting for minutes for PXE to time out or WinPE to fully load.

Lima
  • 374
  • 3
  • 12
  • Why do you want to regularly reimage machines? This isn't typical. Reimaging a machine is usually only done when it changes "owners" or has been infected. – MDMarra Jan 30 '14 at 05:30
  • That was an example, we try and re-image twice a year to update apps that aren't easy to update silently or driver updates, etc. When implementing this we would probably be looking at doing it in smaller batches of PC's to be re-imaged so that if something goes wrong we don't have 200 people twiddling their thumbs. – Lima Jan 30 '14 at 05:32
  • In addition to what MDMarra said, leave your workstations running 24/7. Don't shut down your workstations at night. That's the ideal time to have them doing automated maintenance tasks, like running a virus scan, defragmenting the hard disk, downloading and installing updates, etc., etc. – HopelessN00b Jan 30 '14 at 05:32
  • @Lima still pretty non-typical. It sounds like what you're talking about here would be best served by SCCM+MDT+WDS, so you wouldn't have to have scheduled re-images, and IT can just push all manner of updates and software out to computers automagically, during times when there's no one using them. – HopelessN00b Jan 30 '14 at 05:35
  • Because that is the scenario that I have been tasked into solving. We do not want to encourage users to leave their PC's on "24/7" as this would introduce other issues. – Lima Jan 30 '14 at 05:37

1 Answers1

2

Driver updates and software deployment aren't typical reasons to reimage a machine. You may want to reconsider your larger strategy here and approach it from a new angle. Something like SCCM will handle Windows updates, software deployment, driver updates, etc and it can also be leveraged for operating system deployment as well.

Hardware vendors like Lenovo typically release driver and utility packs for SCCM that make this very easy.

This does not require a user to leave their PC on 24/7 and doesn't even require them to be connected to your corporate network if you use a DMZ/Internet distribution point. The SCCM agent will "check in" periodically for new software to install.

But to answer your actual question - no, WDS has no built-in functionality to only image a machine occasionally. You'd have to play with removing and re-adding the netbootGuid attribute from each PC's computer account in AD if you wanted to, but that would require some custom scripting or application development on your end.

MDMarra
  • 100,734
  • 32
  • 197
  • 329
  • Thank you for the answer to my question, we will need to look at our options and what we want to achieve. As I said the examples are not the only reasons for doing this and this isn't the sort of environment that we can get away with doing certain driver updates during business hours. – Lima Jan 30 '14 at 05:46
  • @Lima why not? Most drivers can be deployed with the reboot suppressed, which will leave the old driver functional until the machine is turned off. In almost all cases the user is none-the-wiser. That said, you can schedule windows when software or patches can be installed via SCCM as well. Really, based on everything you've said, there's no need to reimage the machine. You need a mature configuration management tool, not an imaging tool. – MDMarra Jan 30 '14 at 05:52
  • Thanks MDMarra, our change process is to perform major updates to some key applications as part of a re-image process, this enables us to test that integration works and limits the chances of failure. And we do have a deployment system in place but do not need (nor can really justify) SCCM. I do appreciate your assistance and do understand where you are coming from, if not for some of our more unique applications and the way some of them are integrated in-place upgrades would be a better option. – Lima Jan 31 '14 at 12:13