ZCM imaging megapost – part 6 (PXE boot menu)

So as it stands we have the base image, drivers and software side of things sorted – the final step is a deployment method that meets the original criteria of being light-touch but controlled. Using out-the-box ZCM we have two choices:

1) use hardware rules to automatically push an Imaging Bundle to new \ unknown machines
Unsuitable as a generic rule could catch staff machines that aren’t yet ready for imaging (ouch!)

2) install the ZCM Agent then link the Bundle to groups \ folders
Unsuitable as the upgrade to ZCM 11 would break existing ZDM bundles and policies 

With neither of the options really appealing I looked to see if there’s a way of using the Imaging Maintenance Menu to do the job. In the current setup we often use it in manual mode and point to an image to use so automating this seemed to be a way forward. Of course with the layered image scenario we need to apply 6 images in total so typing anything in manually is definitely not an option!

Imaging using bash script

Fortunately the imaging engine hasn’t changed much over the years so there’s some previous examples out there that helped point to the solution… bash scripting. The script I’ve customised will ask for confirmation before doing anything, wipe the ISD then apply thebase image + appropriate driver pack based on machine model type. If it doesn’t find anything suitable the technician is warned about this and given the chance to back out of the process. There’s also a bit of ASCII art to brighten things up thanks to http://www.network-science.de/ascii/

If you want to use the script download it from SkyDrive rather than copy \ pasting (never trust HTML formatted text!)

Tip: the echo -en “33c”  line clears the screen before the script starts

#! /bin/bash
echo -en "33c"
#DEFINE COLOURS TO BE USED FOR SCRIPT ECHO COMMANDS
RED='\e[0;31m'
YELLOW='\e[1;33m'
NC='\e[0m'
echo -e "${NC}YOUR ORGANISATION "
echo -e "${NC} ZENWorks Imaging"
echo
echo -e "${NC}*********************************************"
echo -e "${NC}Active ZCM imaging proxy address is" $PROXYADDR
echo -e "${NC}*********************************************"
echo
#THIS WILL PRODUCE A VARIABLE FROM THE "COMPUTER PRODUCT NAME" WITH SPACES REMOVED
PRODUCT=$(zisview -s | grep SMBIOS_PRODUCT)
PRODUCT=${PRODUCT:$(expr index "$PRODUCT" '"')}
PRODUCT=${PRODUCT%\"}
#REMOVE SPACES
PRODUCT=${PRODUCT// /}
echo -e "${YELLOW}This machine has been detected as a" $PRODUCT
echo
echo "zisedit data will be cleared before new image is applied"
echo
read -s -n1 -p "Continue to image machine? (y/n)" confirm
if [ "$confirm" = "y" ] ; then
 zisedit -c
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/BASE.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/SCRIPTS.zmg

#INSTALL DRIVER ADDON IMAGE BASED ON MACHINE TYPE

 if [ $PRODUCT = "HARDWARE1" ] 
 then 
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/DRV_HARDWARE1.zmg
elif [ $PRODUCT = "HARDWARE2" ] 
 then 
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/DRV_HARDWARE2.zmg
else
 echo -e "${RED}<---- NO drivers found ---->${NC}"
 read -p "Press [Enter] key to continue or power off now to abort..."
fi
img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/NOVELL_CLIENT.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/ZCM_AGENT.zmg
 img rp $PROXYADDR /var/opt/novell/zenworks/content-repo/images/addon-image/ANTIVIRUS.zmg
 reboot -f
else
 echo
 echo
 echo -e "${RED}<---- Image NOT applied! ---->${NC}"
 echo
 read -p "Press [Enter] key to reboot..."
 # reboot -f
fi

To test the script copy it to a USB stick then on a test machine boot into imaging maintenance mode (aka bash prompt) via PXE and run the following commands:

• lsusb

  (check if the USB stick has been detected)

• fdisk -l

  (find the device mount point)

• mkdir /mnt/stick

  (create a mount point for your USB stick)

• mount /dev/sdb /mnt/stick

  (mount USB device at /dev/sdb – substitute sdb for whatever shows up in fdisk -l)

• cd /mnt/stick

  (change to USB stick directory now it’s mounted)

• ls

  (show all files)

• ./win7image2013.sh

  (run script)

Copy the script to PXE server

Once you’re happy with your script rename it so the extension is .s (in this example the script I’m using is called win7image2013.s)

• Either use WinSCP (from a Windows machine)
  or on a Linux workstation use the file manager and the Connect to Server option
• you need to connec to whichever ZCM server is running the PXE services for your network
• The script file needs to be placed in the /srv/tftp/ directory
• Once copied set permissions to match the other files in the directory (owner \ group = zenworks, chmod 0755)

Edit PXE menu

If everything works as expected the next step is to modify the PXE menu to include a new option that will start our imaging script.

Edit the file/srv/tftp/pxemenu.txt using your text editor of choice (make a copy first!) Look under the [Main] section and basically copy \ paste one of the lines but change the last part (where a .cfg file is specified) e.g.

option = execute ; "Windows 7 Image (2013)" ; "Windows 7 Image plus addons - 2013 release" ; pxelinux.0 ; z_image2013.cfg

This will add an additional entry into your ZCM PXE boot menu, obviously tweak to your preferences for where you want it in the list (you can even add some colours to it if you feel that way inclined)

Now you’ve specified the .cfg file to use you’ll need to create it. Easiest way to do it is to copy one of the existing files such as z_auto.cfg and duplicate it with the new name (in this example z_image2013.cfg) The .cfg file is actually telling the PXE server how to launch the preboot environment Linux boot loader, what we add is an additional IMGCMD parameter to specify which script to launch.

#====================== WARNING! ======================#
# DO NOT EDIT THIS FILE!
#
# Modifying this file is unsupported and can have 
# unpredictable results on ZENworks Preboot Services
#======================================================#
ZENWORKSAPPEND 1 
DEFAULT imaging
LABEL imaging
 kernel boot\linux
 append 5 initrd=boot\initrd mode=2 rootimage=/root install=tftp://$PXESERVER/boot splash=silent vga=0x314 tftptimeout=50 $KERNEL_PARMS IMGCMD="win7image2013.s"

Important: one change that’s very easy to miss is the mode=2 setting, without this your script won’t run!
Ref: http://forums.novell.com/novell-product-discussions/endpoint-management/zenworks/configuration-management/zcm-10/zcm10-imaging/400764-starting-scripts-pxe-menu.html

Edit boot settings.txt

Although editing yet another file might look a bit of a pain at first it actually saves us a lot of time in the long run. Initially we used the method outlined here http://sysdocs.stu.qmul.ac.uk/sysdocs/StudentSystem/Linux/zen-imaging.html to add the custom imaging script file to the preboot environment. This entailed decompressing initrd, adding any additional scripts to the bin folder and then zipping it back up. Although it works well the process could get a bit arduous if you need to make a lot of changes to the script (new driver options etc).

Fortunately MickD2 on the Novell forums suggests a neater method that (as far as I can tell) copies the file from the TFTP server into the correct folder on the local machine. This makes it a lot easier to change the script file as it’s easily accessible in /srv/tftp rather than zipped up inside initrd.

To do this you need to edit the file settings.txt which can be found in the /srv/tftp/boot folder (make a copy of the file, if not the whole folder first!) and add the following lines at the bottom

tftp $TFTPIP -c get makeimage.s
 chmod +x *.s
 mv *.s bin

Test, rinse and repeat

At this point you can start a test machine from PXE, hold down CTRL+ALT and the imaging menu should now have an additional option available. Select it, hit enter and you should see PXELinux start loading up. Once you see the splash screen you can either a) be patient or b) press F2 to view the boot process. You should also be able to notice the boot loader mention that it’s using the custom .cfg file you configured earlier. Once the boot completes your script should fire up and away you go

If you have multiple PXE servers at other sites you’ll need to do all the steps above on each one (that said once you’ve done the first one it’s only a copy \ paste job so should make life a bit easier)

ZCM 11 imaging megapost – part 5 (Bundle installation)

OK looks like my initial prediction was wrong and I needed a lot more than 3 sections to cover all the steps in my imaging process

What we have now is a machine with all the base software needed to be able to log into the network and become managed by ZCM. That’s great but one of the aims for the process is to also prepare the machine for the user so they can get up and running with their apps straight away i.e. no waiting for them to install. When first using ZCM I thought that the add-on bundle feature would do the trick but was disappointed to find it only copies content down to the device but doesn’t install during image time. That means you’re limited to installing either at boot or after user login, neither of which is really ideal.

ENGL has a nice feature that allows you assign apps to be installed to an _Installer bundle that gets executed during the imaging process. I’ve took a similar approach but using Powershell and built-in ZCM commands. At first I thought about using the same single-bundle method but decided against it as I prefer to see each app listed in the ZCM Agent (from a support perspective it’s easier to check what version is installed and to verify individual bundles if required)

In ZCM I created separate folders to house my imaging bundles, one for core apps and some extras for specific classroom apps such as SMART Notebook. The actions are created as usual and assigned to either all Workstations or specific groups as required. In the relationship options the Install schedule is set to None so the only way for the app to get on the machine is either to be manually clicked or executed via script.

Once these were done I looked through the Novell forums and ZCM documentation and found some additional options on the zac command that can be used for scripting…

zac bl
list available bundles

zac bin “app name”
install ZCM bundle called app name

zac bln “app name”
launch ZCM bundle called app name

Then all you need to do is call zac.exe with the correct parameters to install the bundles you want…

$zacexe = "C:\Program Files\Novell\ZENworks\bin\zac.exe"
$Bundle1Params = "bin ""Adobe Reader"""
$process = [Diagnostics.Process]::Start($zacexe,$Bundle1Params)
$process.WaitForExit()
$Bundle2Params = "bin ""Google Chrome"""
$process = [Diagnostics.Process]::Start($zacexe,$Bundle2Params)
$process.WaitForExit()
$Bundle3Params = "bin ""VLC Media Player"""
$process = [Diagnostics.Process]::Start($zacexe,$Bundle3Params)
$process.WaitForExit()

At first glance you might think I’ve put too many quote marks in the the bundle names but if you look carefully you’ll see why I’ve done it… the first set closes the overall command and the second set are used for the bundle name (has to be double quotes as the bin command itself needs quotes around the bundle name)

As previously mentioned the WaitForExit ensures bundles don’t clash with each other during installation and the process steps through cleanly one bundle at a time

I also added a second section of code that uses some keys I add to the registry at imaging time to decide if to install classroom-specific bundles, this will vary depending on your needs but basically all it comes down to is some If, ElseIf, Else logic that runs more zac bin commands as required. Once all the bundles are installed use Restart-Computer to end the script

Although you will have to edit your scripts add-on image (or create a new one) each time you want to add \ remove bundles from the imaging process I think it’s worth the (small) amount of work for what you gain in end user experience

ZCM 11 imaging megapost – part 4 (ZCM Agent)

I was going to include this in the previous post but it was getting a bit lengthy so decided to split into a separate one. I prefer to keep the ZCM Agent off the base image for a couple of reasons…

a) avoids having to update the base image when a new version comes out
b) avoids any possibility of mistakes \ human error around clearing machine IDs etc

The commands to install the agent are quite simple but there’s a few extra tasks we need to do to make the process slick and painless (after all that’s the reason we’re scripting everything )

Disable Passive Login Mode Prompt

By default after the ZCM Agent is installed it will try to capture user authentication during login, this is fine and dandy if you’re logging in with a Novell \ Active Directory account but not so great if you’re running additional scripts during autoadminlogon.

As the autologon is basically a local admin account ZCM can’t find a user source and pops up a box asking for you to login, at which point your nice unattended install will stop… not good!

Fortunately you can disable this by setting a registry key…

Ref: http://www.novell.com/documentation/zenworks11/zen11_system_admin/?page=/documentation/zenworks11/zen11_system_admin/data/bbtsocd.html

Use this piece of script before the ZCM Agent installation (I put it beforehand as the Agent installer auto reboots after completion)

Md "HKLM:\SOFTWARE\Novell\ZCM"
Md "HKLM:\SOFTWARE\Novell\ZCM\ZenLgn\"
New-ItemProperty "HKLM:\SOFTWARE\Novell\ZCM\ZenLgn\" -Name "DisablePassiveModeLoginPrompt" -Value 1 -PropertyType "DWord" -Force

Splash screen

The ZCM Agent differs from the Novell Client in that the installer runs more quietly and pops up balloon notifications in the system tray as it goes along. This is great for many situations but not so much so for our imaging process as it has the unfortunate side effect of showing the Windows desktop while the installer runs.

A user glancing at the machine could easily think imaging has finished and shut it down etc so I looked for a way to put a splash screen up in a similar way to the Novell client installer. There’s nothing out the box so I turned to my trusty HTA methods.

What I’ve ended up with is a full-screen HTA that runs before the ZCM Agent installer that can’t be closed by the user. You can still see the taskbar and as such the notifications of the Agent progress although the Start button still shows. If you’re really paranoid you could run a small AutoIT (or similar) file to lock the keyboard and mouse but I think in reality the HTA will do the trick.

While making the HTA I found a neat way of embedding images into them, use the base64 generator here http://webcodertools.com/imagetobase64converter

A generic version of the HTA I used is available on SkyDrive, open it up in Notepad to see how it avoids Alt+F4 and to add any additional text \ images

The Powershell code for the HTA and Agent installation is below, note my additional variable $RegistrationKey which I’ve used to dynamically generate keys for our workstations. If you don’t need it just remove it (and the -k switch) from AgentParams section.

As always note the path to the Agent installation folder and ensure it matches whatever you’re using in your add-on image

$HTACommand = "C:\Windows\System32\mshta.exe"
$HTAParams = "C:\SETUP\ZCM_splash.hta"
$process = [Diagnostics.Process]::Start($HTACommand,$HTAParams)
# install ZCM Agent with registration key based on workgroup name
$AgentCommand = "C:\SETUP\ZCM_Agent\PreAgentPkg_AgentCompleteDotNet.exe"
$AgentParams = "-q -k",$RegistrationKey
$process = [Diagnostics.Process]::Start($AgentCommand,$AgentParams)
$process.WaitForExit()

I’ve used Registration Keys to get machines placed into groups for software installation later on as Dynamic Groups won’t update in real-time as the imaging process is proceeding.

ZCM 11 imaging megapost – part 3 (Novell Client)

The next part of the imaging series continues with a sysprepped image and drivers done – the next stage is to name the machine and install two key pieces of software in the Novell Client and ZCM Agent.

Setting machine name

Powershell gives us a lot of options for how to generate and set the name of the workstation. Some may prefer to do this using zisedit but I prefer Powershell as it ties in nicely with all the other processes that run after sysprep completes. How you name your machines is going to be specific to your network but here’s code snippets you might find useful…

Get machine IP address and subnet mask

$nic = gwmi -computer . -class "win32_networkadapterconfiguration" | Where-Object {$_.defaultIPGateway -ne $null}
$IP = $nic.ipaddress | select-object -first 1
$ClientMask = $nic.ipsubnet | select-object -first 1
Write-Host "IP address : " $IP -foregroundcolor "yellow"

We use the first section of the IP address to determine which site a machine is on, you can use the substring function for this e.g.

$Subnet = $IP.Substring(0,6)

Rename computer and set domain \ workgroup (I’ve only used this to set a workgroup so far so you’ll need to check how this works for domains)

$Computer = Get-WmiObject -Class Win32_ComputerSystem
$Computer.Rename( $wsname )
$sysInfo = Get-WmiObject -Class Win32_ComputerSystem
$sysInfo.JoinDomainOrWorkgroup( $workgroup )

One thing I did learn during this process is when comparing the value of a variable in an if statement you don’t use = as an operator as you might expect. It’s actually -eq

Ref: http://ss64.com/ps/if.html

If ($Subnet -eq "172.16") { $Site = "Site1" }
Else { $Site = "Site2" }

Also useful to note how to combine strings together to run commands with parameters or to dynamiacally generate machine names

The + operator joins strings without spaces…  
“Hello” + “World” will output HelloWorld

The , operator joins strings with spaces…
“Hello”, “World” will output Hello World

Novell Client Installation

If you use the Novell Client to login to your network you’ll need a lab machine to install it on first in order to generate a settings file to use for silent installation. This settings file allows you to distribute all the Novell settings for your network e.g. Treeless Login, set default login method to Novell etc during installation so the machine is ready to use without any additional config required.

Ref: http://www.novell.com/documentation/windows_client/windows_client_admin/?page=/documentation/windows_client/windows_client_admin/data/bu06bml.html

To do this download the latest version of the Novell Client, install to your lab machine and set it up as you normally would. Once done navigate to C:\Novell\Novell Client 2 SP3 for Windows\Admin then run nciman.exe The Install Manager screen should then open. Click Import Registry to load your current settings and make any tweaks if required. When done hit save and call the file settings.txt or something similar.

Building an installation folder

In the same way as with drivers I like to create an installation folder with all the files packaged up that I can easily import into Image Explorer to create an add-on image later on. Find somewhere accessible and create a folder called NOVELL_CLIENT (or similar) and copy the contents of C:\Novell\Novell Client 2 SP3 for Windows into it. At this point also copy the settings.txt file you created above in there as well.

Editing install.ini

You’ll also want to edit the install.ini file that’s in the root of the setup folder. This file governs the behaviour of the Novell Client setup program, some of the important settings I’ve changed include:

DisplayBackground=Yes
CreateSystemRestorePoint=No
ForceReboot=Yes

The DisplayBackground is quite handy as it brings up a large splash screen during the installation, handy so users don’t see a Windows desktop and think the computer is ready to use!

Importing the Novell certificate

During the client installation some form of driver gets installed, which by default Windows will pop up a dialog box asking for confirmation as the publisher isn’t trusted. This will obviously break a silent install so you’ll need to manually import the Novell certificate as part of your install script

Ref: http://www.novell.com/support/kb/doc.php?id=7008140

The instructions are nice and simple but where do you obtain the magical certmgr.exe tool? Answer is the Windows 7 SDK; yup that’s right you need to download a 567MB set of tools to get a utility that’s 70KB! Fortunately you don’t need to install the SDK to get the tool, use Virtual CloneDrive  or something similar to mount the ISO image, open the X:\Setup\WinSDKTools folder (where X: is your virtual CD drive letter) and run WinSDKTools_x86.msi

You’ll then find CertMgr.exe in C:\Program Files (x86)\Microsoft SDKs\Windows\v7.1\Bin - copy it to the Novell Client package folder above (I like to create a subfolder called novellclientcert in there but the choice is yours on that front). In the same folder place the Novell Publisher certificate you should have extracted after following the Novell instructions above.

Update: to save time you can use the built-in Windows 7 utility certutil as suggested here by Mike Morawski
http://www.migee.com/2010/09/24/solution-for-unattendedsilent-installs-and-would-you-like-to-install-this-device-software/

When done you should have everything you need for the installation so fire up Image Explorer and create your add-on image in the same way you did for drivers earlier on.

Powershell script

Using some of the methods from previous posts in the series we can then use Powershell to call the silent install. Note the paths to the files concerned, make sure yours match whatever folder structure you’ve used above! I had to add a 30-second wait at the start of the script as the sysprep autologin process seems to take a while and the installation actually completes before you get time to see it.

Note we don’t need to add a reboot command as the Client installation process will do that automatically

Start-Sleep -s 30
Write-Host "Importing Novell driver certificate to Trusted Publishers"
$CertCommand = "C:\SETUP\Novell_Client_2_SP3\nwclientcert\certmgr.exe"
$CertParams = "-add -c C:\SETUP\Novell_Client_2_SP3\nwclientcert\nwclient.cer -s -r localMachine trustedpublisher"
$process = [Diagnostics.Process]::Start($CertCommand,$CertParams)
$process.WaitForExit()
Write-Host "Certificate imported, proceeding to client installation"
# Start-Sleep -s 10
Write-Host "Installing Novell Client 2 SP3"
$ClientCommand = "C:\SETUP\Novell_Client_2_SP3\setup.exe"
$ClientParams = "/NCPF:settings.txt"
$process = [Diagnostics.Process]::Start($ClientCommand,$ClientParams)
$process.WaitForExit()

The next post will deal with the ZCM Agent

ZCM 11 imaging megapost – part 2 (drivers)

As promised here’s the next post in the series for ZCM automated imaging. This one will cover how to create your driver \ software add-on images and how to use Powershell to run them automatically after imaging.

Installing Image Explorer

This part is nice and easy, on a 32-bit machine navigate to http://yourzcmserver/zenworks-setup then going to Imaging Tools and download \ run the file named something like novell-zenworks-zmgexplorer-11.2.2.12991.msi. If I remember correctly you also need Java installed.The MSI will extract to  the C:\Novell\ZENWorks\bin\preboot folder and from there double-click on zmgexp.bat to run the program.

The interface is pretty simple and apart from the usual New \ Save \ Open buttons the other ones are Add Files to image, Add Folder to image and Create Folder

To make life easy I prefer to build the correct folder structure on my management VM then import the whole thing into Image Explorer using the Add Folder button. You can just as easily create the folder structure within Image Explorer and import files individually but I like to save myself clicks if I can help it

Tip: if you capture a Windows 7 image using default settings you’ll actually get two partitions. The first is a 100MB recovery partition, followed by your actual image. If you leave the 100MB partition intact you’ll need to make sure your add-on image has its files placed in the 2nd partition or it won’t work. To do this go to Image > Create Partition

I place my package at the root of the hard drive so it’s easy to call from scripts, again set this up to suit your environment. Click the thumbnails below to enlarge.

   

Driver folders

First step, create a folder somewhere on your management machine called DRIVERS. Our driver add-on image is going to include the drivers themselves in subfolders under the root. I like to use AUDIO, GRAPHICS, NIC and CHIPSET as my names but it’s all personal preference. I also tend to strip out unncessary exe files and drivers for the wrong OS platform e.g. x64 drivers for an x86 system but again your choice here.

DPInst

Having the drivers is great but we actually need a way of installing them. You can do this via sysprep but it’s a bit more fiddly to set up and not quite as easy to control \ change afterwards. For that reason I prefer to stick with the Novell-recommended method of using Microsoft’s DPInst utility to perform the installation. This method allows us force drivers so we know exactly which ones are being installed, plus we can write some status messages into a Powershell script so we know exactly what’s going on.

You can download DPInst as part of the Windows Driver Kit (WDK)

DPInst uses an XML file (DPInst.XML) to control exactly what it’s going to do when the exe is called. Command line switches are used to tell DPInst to run silently, information on both can be found in the links below

• DPInst XML file configuration
• DPInst command line switches

My current settings are listed below, using * in the search section saves you manually defining all the folders you want to search for driver files…

<?xml version=”1.0″ ?>

<dpinst>
 <legacymode/>
 <forceIfDriverIsNotBetter/>
 <quietinstall/>
 <suppressEulaPage/>
 <suppressAddRemovePrograms/>
 <search>
 <subDirectory>*</subDirectory>
 </search>
</dpinst>

Running DPInst with Powershell

If you followed the Novell Cool Solutions article to create your sysprep file you’ll have a section in there that runs a Powershell script towards the end of the process. In the example the author has 3 scripts that get called in sequence, one of which is the DPInst command.

For reference the script section is the code below. Note the use of the Diagnostics.Process and WaitForExit to ensure the command completes before moving on to the next part of the script. Also note the use of the comma to combine the command and parameters (the comma combines two variables with a space in between)

$OSArch = (Get-WMIObject Win32_OperatingSystem).OSArchitecture
$DPInstParams = "/q"
if ($OSArch -match "32-bit") { $DPInstCommand = "C:\SETUP\DPINST.exe" }
if ($OSArch -match "64-bit") { $DPInstCommand = "C:\SETUP\DPINST64.exe" }
$process = [Diagnostics.Process]::Start($DPInstCommand,$DPInstParams)
$process.WaitForExit()

Tip: if you follow the next guides on installing the Novell Client and ZCM agent chances are you’re going to need more than 3 scripts. In which case you’ll need to increase the Autologon count in your sysprep file to match the number of scripts you want to run.

Tip: run DPInst as early as you can in the series of scripts, this is important if you have machines with network cards that Windows 7 doesn’t natively include drivers for. Reason being if you use any scripts later on that need to look at the machine’s IP address or install programs that need network connectivity (ZCM Agent etc) they’re going to fall over if the network card isn’t active.

I also like to add some additional output while DPInst is running to tell the user that the process may take a while to finish. To do this use the Write-Host command to output text to the Powershell window e.g.

Write-Host "Running DPINST to check for additional devices..."
Write-Host "(this may take a long time, please wait)"

The next post will cover the Novell Client and ZCM Agent installation processes, again using Powershell

ZCM 11 imaging megapost – part 1 (base image & sysprep)

As touched on a few posts earlier the primary challenge for the early part of 2013 has been to set up an automated Windows 7 imaging process using Novell ZENWorks 11 (single-base with layered add-ons for drivers, software etc). Initially I thought this would be fairly simple, having done something very similar with SCCM but after getting further into the detail I’ve found it’s more involved than first anticipated. Part of this is due to the fact we want to move from ZDM 7 to ZCM 11 as a clean break – no migration of previous content or device info… more on that in a minute. As there’s so much to write up I’ve decided to split the post into sections, probably 3 but will see how it goes

Objectives

So before I start delving into the technical detail let’s examine what I wanted to achieve:

• hardware-independent imaging of a variety of desktop PCs
• semi-automatic naming of machines based on their asset number and location
• automatic installation of management agents, antivirus software etc
• pre-installation of common software dependent on machine role (office \ classroom)
• keep technician interaction to a minimum (due to the large number of machines to be imaged)
• ensure control over the process at all times to ensure the right machines are imaged at the right time
• output status of the imaging tasks as each stage progresses

Layered image approach and sysprep

The order of the post is going to jump around a bit due to the way the solution has built up as we figured out each step but this seems as good a place as any to start. Currently XP uses one image per machine type, which for that OS is probably the best method. With Windows 7 this isn’t required and we can build from the ground up.

As a result the base image was built in a VMWare virtual machine, reason being that we can easily back-up and snapshot the machine along the way, making it easy to revert changes e.g. after sysprep. I’ve never been a fan of re-using a base image after it’s ran through a sysprep cycle and the VM method served me well last year so made sense to go that route again. For testing the base was a plain Windows 7 installation with only Google Chrome added on as a marker. The real thing will have Office installed as it goes out everywhere anyway and saves time vs waiting for it to install as an add-on.

The next step was to create a suitable sysprep unattend.xml file and run the capture. We used this very useful guide from Cool Solutions http://www.novell.com/communities/node/12320/windows-7-automated-imaging-and-zcm-registration so no point in repeating the content again as it’s pretty straightforward. A less easy to find but very useful set of documents are also worth reading for some background information on what each part of the sysprep file does…

http://www.novell.com/feeds/nih/wp-content/uploads/2012/05/ZEN02_lab.pdf
http://www.novell.com/feeds/nih/wp-content/uploads/2012/05/ZEN02_lecture1.pdf

If you read both guides you’ll notice the ATT lab runs the driver installation section (DPInst) as part of sysprep. I’ve avoided this and stuck with it as part of the Powershell script in the Cool Solutions method as it gives me more control over the output and also means I don’t have to edit the base image if I want to make changes later on. That aside the process is pretty consistent across both guides.

Once we have the base image we can then apply various add-on images to build up the overall package. I’ve used 5-6 add-on images for scripts, drivers and software then used ZCM bundles for everything else. Your mileage may vary depending on your specific needs.

Capturing your base image

Once you’re happy with your base image (.NET, Windows Updates etc) copy the unattend.xml file into the correct location (C:\Windows\System32\sysprep) and fire off the command line to run sysprep and shut down the machine so it’s ready for capture. Remember to snapshot before running sysprep so you can revert later on if you want to make any changes to the base!

Tip: when trying to run the capture CD in VMWare the vSphere Client had a nasty habit of disconnecting the ISO when the VM was reset. This caught me first time round as Windows booted up instead of booting from the capture CD, I wasn’t best pleased! The solution is a bit round-the-houses but has worked every time since:

• ensure you right-run and select Run as Administrator when launching the vSphere Client
• right-click your base VM > Edit Settings > Options > Boot Options
• set Power On Boot Delay to 10000 (milliseconds)
• when the VM boots it’ll sit on the POST screen for 10 seconds, in this time hit Esc to bring up a Boot Menu
• at this point mount your ZCM capture ISO (from your local HDD etc)
• use CTRL+ALT+INS to reboot the VM – this is important, don’t use Reset!
• press Esc again to get to the Boot Menu
• select CD-ROM drive from the menu
• the VM will now boot from CD

Tip 2: the ZCM capture CD ISO can be found by navigating to http://yourzcmserver/zenworks-setup then going to Imaging Tools and download \ run the file named something like novell-zenworks-zmgbootcd-11.2.2.12991.msi. The extracted ISO file can then be found in  the C:\Novell\ZENWorks\bin\preboot folder

Tip 3: It’s best to install your management tools (Image Explorer, WAIK, Capture CD etc) on a 32-bit machine as x64 seems to throw a spanner in the works. 

That’s enough for part 1, next post will cover creating add-on images, a spot of Powershell scripting and how to install the Novell Client & ZCM Agent silently as part of the image installation process

How to: find block names in Moodle database & set default layout

A common request on a new Moodle site is to set up a standardised block layout for new courses. This helps to ensure a consistent look and feel, as well as reducing clutter for teachers using Moodle for the first time.

Setting the layout is fairly simple and requires a couple of lines to be added to config.php

http://docs.moodle.org/23/en/Block_layout

If you’re only setting standard blocks you can pretty much set up from the examples in config-dist.php but what about contributed blocks? Sometimes the block name you need to use in the config file isn’t quite what you’d expect, which can be a pain!

Luckily it’s easy to get a list of all the block names from the Moodle database – I’m using MySQL Workbench but you could could do the same with phpmyadmin etc…