Big or small—choosing your deployment tools is the first major decision point in any Windows 2000 deployment project. Get the choices right, and the project will have a good chance of success. Get the choices wrong, and it's doomed. In this first installment of best practices for deploying Windows 2000, you're going to learn a little about the tools available and why some are better choices. I'll start with deployment methods, SID creation tools, and then user preferences.
The numerous methods for deploying Windows 2000 come together to form a complex puzzle that doesn't always fit together nicely. Regardless, three basic types of methods are available. The first is a basic answer file used with the Windows 2000 source files. This is essentially the same as running the setup program from the Windows 2000 CD-ROM, but uses a text answer file to automate the process. Second are disk-imaging techniques. Disk imaging is the generic name of a hardware or software process for duplicating a computer's hard disk. Symantec Ghost is still the best disk-duplication software on the market. In particular, I recommend Symantec Ghost Enterprise for large-scale deployments. The third is a strange combination of technologies called Remote Installation Service (RIS). Really, you'll use a combination of these methods while sticking with one as your primary deployment method.
Next up is SID creation tools. Each computer running Windows 2000 must have a unique security identifier (SID) and machine account. This distinguishes the computer on the network and identifies it to the server. If you deploy the same disk image to every computer, though, every computer will have the same SID and machine account—wreaking havoc. You must follow up the disk image with a SID change, which is what Symantec Ghostwalker and Microsoft Sysprep both do. Symantec Ghostwalker doesn't work well with Windows 2000, so you're left with using Sysprep to generate a new SID for the computer. Fortunately, Microsoft has worked out many of the kinks with Sysprep 1.1, a newer version.
Last is the choice of methods for deploying user settings. You can rely on the old trick of creating a default user profile on your disk images. The first time users log on to the computer, they get a copy of that default user profile. This method is a worst practice, though, since changing settings requires you to touch every single computer on the network—ouch. Other methods, in order of preference, include creating a default user profile on the network, deploying settings using tools such as the Office Profile Wizard, using REG files to change settings, or managing settings using System Policy Editor or Group Policy. The primary difference between the last option and everything else is that with everything else, you throw settings on to the network and hope they stick; with policies, you actually manage settings on your network.
In the next several articles, I'm going to tell you much more about each of these topics. I'm going to show you how to deploy Windows 2000 using answer files, disk imaging, and RIS. I'm going to show you how to use Sysprep with Windows 2000 and why you don't always want to use Ghostwalker. I'm also going to show you some of the better methods for deploying user settings. Read my next article to learn how to build and use answer files.