Home  >  Article  >  Operation and Maintenance  >  win2003 system network installation - based on linux+pxe+dhcp+tftp+samba+ris

win2003 system network installation - based on linux+pxe+dhcp+tftp+samba+ris

巴扎黑
巴扎黑Original
2017-06-23 11:34:251773browse

Original text published on: 2010-09-16

Reprinted to cuOn:2012-07-21

一. Introduction to the principle

PXE (preboot execute environment) works in the network mode of Client/Server, supporting the workstation through The network downloads the image from the remote server and thus supports the booting of the operating system from the network. During the startup process, the terminal is assigned an IP address by the DHCP server, and then uses TFTPtrivial file transfer protocol)etc. protocol downloads exist on the server(NFS,FTP,HTTP, SAMBAetc.)'s operating system kernel and file system wait until they are stored in the local memory and executed, thereby completing the terminal's basic software settings and thus booting the terminal operating system pre-installed in the server.

RIS(Remote Installation Services,Remote Installation Services) iswindows server optional services, using RIS allows administrators to easily deploy operating systems for clients.

two. Environment Description

server os

##CentOS 5.4 i386

server soft

##dhcp, tftp, samba , ris-linux

can be installed using

yum:

yum –y install dhcp*
yum –y install tftp*
yum –y install samba*

server ip##eth1: 192.168.0.1

clientHP 360G5

windows 2003 sp2 cn enterprise

# Three. Introduction to the installation and configuration process

1.

ConfigurationDHCP

more /etc/dhcpd.conf

ddns-update-style interim;
ignore client-updates;
allow booting;
allow bootp;

subnet 192.168.0.0 netmask 255.255.255.0 {
        option routers                  192.168.0.1;
        option subnet-mask              255.255.255.0;
        option domain-name-servers      192.168.0.1;
        option time-offset              -18000; # Eastern Standard Time
        range dynamic-bootp 192.168.0.10 192.168.1.254;
        default-lease-time 21600;
        max-lease-time 43200;

# Group the PXE bootable hosts
# PXE-server configuration direction
        next-server 192.168.0.1;    #指向nfs服务器
        filename "/pxelinux.0";     #/tftp根目录下的启动引导文件
}

Restart

dhcpService:

/etc/init.d/dhcpd restart

2.

ConfigurationTFTP

more /etc/xinetd.d/tftp

# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.

service tftp
{
        socket_type            = dgram
        protocol               = udp
        wait                   = yes
        user                   = root
        server                 = /usr/sbin/in.tftpd
        
        #-s指定tftp根目录, -m指定一个规则文件, -vv输出tftp的log到/var/log/message 
        server_args            = -u nobody -s /tftpboot -m /tftpboot/rules -vv

        #默认yes,关闭
        disable                = no        
        per_source             = 11
        cps                    = 100 2
        flags                  = IPv4
}

Restart

tftpService:

/etc/init.d/xinetd.restart

Check whether the

tftp service is started:

chkconfig –list | grep tftp

3. 建立TFTPrules文件

Linux下区分大小写,但windows不区分,为免混乱,将所有查找文件内容统一改成小写。

more  /tftpboot/rules

ri ^[a-z]: # Remove "drive letters"
rg \\ / # Convert backslashes to slashes
rg \# @ # Convert hash marks to @ signs
rg /../ /..no../ # Convert /../ to /..no../
rg A a
rg B b
rg C c
rg D d
rg E e
rg F f
rg G g
rg H h
rg I i
rg J j
rg K k
rg L l
rg M m
rg N n
rg O o
rg P p
rg Q q
rg R r
rg S s
rg T t
rg U u
rg V v
rg W w
rg X x
rg Y y
rg Z z
r ^/(.*) \1

4. 配置SAMBA

windowsris安装是通过windows共享文件的方式进行文件传输,在linux下可以通过samba实现与windows进行文件共享,进而实现ris安装windows

编辑samba配置文件:/etc/samba/smb.conf

#全局配置
[global]
       null passwords = true
       workgroup = WORKGROUP
       server string = Samba Server Version %v
       security = share
       dns proxy = no
       load printers = no
       disable spoolss = yes
       debug level = 2
       log file = /var/log/samba/%m.log
       max log size = 0

#共享配置
[wininstall]
comment = Windows 2003 Install
        path = /tftpboot
        browsable = true
        read only = no
        writeable = yes
        guest ok = yes

重启samba服务:

/etc/init.d/smb restart

5. 配置启动需要的文件

上传windows2003的镜像或者文件到服务器。这里使用上传镜像然后挂载。

mount /root/win2003cn.iso /mnt –o loop
mkdir /tftpboot/win2k3
cd /mnt
cp –a * /tftpboot/win2k3

 

下面需要解压一些iso中的文件,可以使用cabextract

下载页:

可以根据版本下载。

wget 
rpm –ivh cabextract-1.3-1.i386.rpm

 

配置windows ris 启动文件:

cd /tftpboot
cabextract win2k3/i386/startrom.n1_
#解压
sed -i -e 's/NTLDR/W2K3L/gi' startrom.n12
#直接替换startrom.n12文件中” NTLDR”为” W2K3L”
#W2K3L: windows 2003 Setup Loader
mv startrom.n12 /tftpboot/w2k3.0
#w2k3.0: windows 2003 pxe loader
cabextract win2k3/i386/setupldr.ex_
sed -i -e 's/winnt\.sif/wi2k3\.sif/gi' setupldr.exe
sed -i -e 's/ntdetect\.com/ntdetect\.2k3/gi' setupldr.exe
mv setupldr.exe /tftpboot/w2k3l
cp win2k3/i386/ntdetect.com /tftpboot/ntdetect.2k3
#ntdetect.2k3: windows 2003 ntdetect.com

 

配置pxe启动镜像:

cp /usr/lib/syslinux/pxelinux.0 /tftpboot
# pxelinux.0依赖于syslinux,没有安装使用yum:yum –y install syslinux*
# pxelinux.0是PXE启动引导文件

 

配置pxe启动加载文件:

pxelinux.0启动中,读取同目录先pxelinux.cfg文件夹下的配置文件以确定它应该怎么加载启动文件。

mkdir /tftpboot/pxelinux.cfg

vim /tftpboot/pxelinux.cfg/default
     default win2k3
     label win2k3
     kernel w2k3.0       #与ris启动文件匹配

 

建立安装应答文件:

这个文件很强大,提供的参数不是对系统很了解的人并不一定全知道,我们只需要知道对我们有用的参数。当然,没事的时候也可以慢慢研究。J

vim /tftpboot/wi2k3.sif

[data]
AutoPartition = "0"
#关闭自动分区,2003还不能完全自动分区,这点需要手工操作。如果一定要跳过这一步,需要和后面的参数配合,并且2003提供的只有将全盘划成根盘(c:\)
floppyless = "1"
msdosinitiated = "1"
UnattendedInstall = "Yes"
OriSrc = \\192.168.0.1\wininstall\win2k3\i386
#注意samba和win安装文件路径
OriTyp = "4"
LocalSourceOnCD = "1"
DisableAdminAccountOnDomainJoin = "1"
 
[SetupData]
OsLoadOptions = "/fastdetect"
SetupSourceDevice = "\Device\LanmanRedirector\192.168.0.1\wininstall\win2k3"
 
[Unattended]
UnattendMode = "FullUnattended"
#使用unattended文件
FileSystem = "LeaveAlone"
NtUpgrade = "No"
OverwriteOemFilesOnUpgrade = "No"
DriverSigningPolicy = "Ignore"
UpdateInstalledDrivers = "Yes"
ConfirmHardware = "No"
ExtendOEMPartition = "0"
TargetPath = "\WINDOWS"
UnattendSwitch = "Yes"
WaitForReboot = "No"
CrashDumpSetting = "0"
OemSkipEula = "Yes"
OEMSkipWelcome = "1"
InstallFilesPath = "\\192.168.0.1\wininstall\win2k3\i386"
LegacyNIC = "1"OemPreInstall = "Yes"    #加载OEM中的驱动
 [UserData]
ProductKey = "M4VQK-HVTD9-42RQX-2DJP2-23KVM"
FullName = "admin"
OrgName = "SDO"
ComputerName = C1ZJ
 
[GuiUnattended]
AdminPassword = WD#sd7258
EncryptedAdminPassword = "No"
OEMSkipRegional = "1"
TimeZone = "220"
OemSkipWelcome = "1"

[LicenseFilePrintData]
AutoMode=PerServer
AutoUsers=5
 
[Identification]
JoinWorkgroup = WORKGROUP
 
#这里和分区有关
[RemoteInstall]
Repartition = "NO"
UseWholeDisk = "No"
 
[Networking]
InstallDefaultComponents = "Yes"

 

#以下的默认文件中没有,和服务器raid卡驱动有关:

[MassStorageDrivers]
"Windows Driver for Smart Array SAS/SATA Controllers" = OEM
 
[OEMBootFiles]
cp011324.xml
cpqsetup.exe
generic.dll
hpcisss2.cat
hpcisss2.sys
hpcissx2.inf
install.xml
txtsetup.oem

#以下是系统安装完毕后第一次启动执行的批处理文件
[GuiRunOnce]
%systemdrive%\preinstall\runonce.cmd

6. 驱动加载相关

因为是服务器的安装,所以需要提前加载一些驱动,自动安装的麻烦就在此。

 

pxe安装需要加载网卡驱动(引导和文件传输是两个阶段,传输文件阶段开始时要先把网卡驱动加载起来的)

查到服务器使用的Broadcom NetXtreme II网卡,而Broadcom提供在ris下的驱动:

wget 
mkdir /tftpboot/nicdrive
unzip win_2k3_RIS-5.0.0.zip -d /tftpboot/nicdrive

 

驱动网卡,需要有一个binl serverbinl读取所有新的与网络接口卡相关的.inf文件,并在映像中创建.pnf文件。

 binl server下载:

wget 
tar –zxvf ris-linux-0.4.tar.gz
cd ris-linux-0.4
./infparser.py /tftpboot/nicdrive/Server/W2K3_W2K8/RIS/./binlsrv.py -d     #-d 后台运行,不能停止此程序cp /tftpboot/nicdrive/Server/W2K3_W2K8/RIS/b06nd51x.sys /tftpboot/win2k3/i386

 

这里是Broadcom提供有专门的ris网卡驱动,如果没有,可以将windows需要的网卡驱动(不限于网卡).inf文件放在/tftpboot/inf文件夹下,执行:

./infparser.py /tftpboot/inf
./binlsrv.py

 

然后是加载raid卡驱动(其他驱动也适用,关键是能否找到相关文件)。

光盘安装windows在开始时蓝色屏幕上有一个按F6的提示,提示是通过软盘加载磁盘驱动,这类驱动是windows系统中的驱动,可以下载好windows驱动,解压好驱动放在一个指定的目录,再通过应答文件,一般可以加载上这类驱动。这类驱动加载完毕后不必在系统中再安装。加载这类驱动有注意点:文件要有正确的oem数字签名(一般提供驱动的厂商都带数字签名),乱改动这类文件,同时不在配置文件中写明去掉数字签名认证,是不能加载的。

 

下载HPraid卡驱动(已经查明型号:Smart Array E200i, 一般一个驱动支持多种类型的raid):

wget 
mkdir /tftpboot/win2k3/i386/$oem$/textmode
unzip cp011324.exe -d /tftpboot/win2k3/i386/$oem$/textmode

 

在自动应答文件wi2k3.sif末尾添加:

[MassStorageDrivers]
"Windows Driver for Smart Array SAS/SATA Controllers" = OEM
#”Windows Driver for Smart Array SAS/SATA Controllers”可以查看textmode文件夹下的txtsetup.oem文件,名字保持一致

[OEMBootFiles]
cp011324.xml
cpqsetup.exe
generic.dll
hpcisss2.cat
hpcisss2.sys
hpcissx2.inf
install.xml
txtsetup.oem
#textmode下的所有文件名字,一般自动安装的驱动文件.inf, .cat, .sys

#新增参数,修改[Unattended]字段
OemPreInstall = "Yes"

7. 补丁,前期包,其他驱动的加载

完成以上操作就已经可以安装系统了,但是系统安装完成后需要做一些前期操作,像打补丁,打安全包,或者一些驱动(芯片组,网卡,显卡等在上面没有加载到系统中的一些驱动)

这些优化的问题可以利用批处理文件解决。这些批处理文件最好是在windows下编辑好再上传到服务器,否则会出现格式问题导致文件不能执行。

 

首先需要在$oem$目录下建立cmdlines.txt文件,这个文件会在系统安装过程的注册组件时间段(即还剩13分钟左右时)调用:

vim /tftpboot/win2k3/$oem$/cmdlines.txt

#文件的内容以" [COMMANDS]"为起头;使用引号“”来标记下面需要执行的每条命令。 注意路径问题,install.cmd的路径为cmdlines.txt的同级目录;
#这里还可以添加注册表。
[COMMANDS]
"install.cmd"

以下是此时使用的install.cmd

@ echo off
title Windows Install Prepackage, Hotfix and Drives
@ color 0a

@echo 安装WINDOWS_2003_SP2补丁, 大约需要20分钟... 2>>%HOMEDRIVE%/errlog.txt
@ cd hotfix 2>>%HOMEDRIVE%/errlog.txt
WindowsServer2003-KB914961-SP2-x86-CHS.exe /quiet /norestart
WindowsUpdateAgent30-x86.exe /quiet /norestart
WindowsServer2003-KB925902-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB930178-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB931784-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB932168-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB935839-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB935840-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB933729-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB943460-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB921503-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB938829-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB941644-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB943485-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB942830-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB942831-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB943055-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB946026-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB941693-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB944338-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB945553-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB948590-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB951748-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB950974-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB952954-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB938464-x86-CHS.exe /quiet /norestart
windowsserver2003-kb953155-x86-chs.exe /quiet /norestart
windowsserver2003-kb954211-x86-chs.exe /quiet /norestart
windowsserver2003-kb956803-x86-chs.exe /quiet /norestart
windowsserver2003-kb956841-x86-chs.exe /quiet /norestart
windowsserver2003-kb957095-x86-chs.exe /quiet /norestart
WindowsServer2003-KB958644-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB957097-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB956802-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB958687-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB958690-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB960225-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB952004-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB956572-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB960803-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB961501-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB968537-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB970238-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB958469-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB971032-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB971657-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB967723-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB953298-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB958869-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB971486-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB975467-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB969947-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB974392-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB972270-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB971468-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB975713-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB977165-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB978251-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB979683-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB980232-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB979559-x86-CHS.exe /quiet /norestart
WindowsServer2003-KB980218-x86-CHS.exe /quiet /norestart

if %errorlevel% EQU 0 (
@ echo 补丁安装成功, 继续安装prepackge... 2>>%HOMEDRIVE%/errlog.txt
@ cd ..
@ goto prepackge 2>>%HOMEDRIVE%/errlog.txt
) else (
@ echo 补丁安装失败, 继续安装prepackge... 2>>%HOMEDRIVE%/errlog.txt
@ cd ..
@ goto prepackge 2>>%HOMEDRIVE%/errlog.txt
)

:prepackge

@ echo 安装Prepackage中... 2>>%HOMEDRIVE%/errlog.txt
@ cd windows_2010628 2>>%HOMEDRIVE%/errlog.txt
install.bat /qn 2>>%HOMEDRIVE%/errlog.txt
if %errorlevel% EQU 0 (
@ echo Prepackage安装成功 2>>%HOMEDRIVE%/errlog.txt
@ cd ..
@ goto end 2>>%HOMEDRIVE%/errlog.txt
) else (
@ echo Prepackage安装失败 2>>%HOMEDRIVE%/errlog.txt
@ cd ..
@ goto end 2>>%HOMEDRIVE%/errlog.txt
)

:end

批处理文件中的hotfix(出重要的补丁时可以下载放到这,但别忘记了修改批处理文件)windows_20100628(安全部门制作的安全包解压所得)文件夹和install.cmd位于同级目录,这里就是在/tftpboot/win2k3/$oem$/下。

其中在组件注册时不能执行的的命令或者程序(包括有交互而不适合执行的程序),可以通过在自动应答文件wi2k3.sif中添加[GuiRunOnce]字段,在第一次登录系统时执行脚本来完成一些短时间能够完成的操作。

/tftpboot/win2k3/$oem$/下建立文件夹$1,这个文件夹下的所有文件()会在安装过程中复制到兄根目录,即C盘。

mkdir /tftpboot/win2k3/$oem$/$1
cd mkdir /tftpboot/win2k3/$oem$/$1
mkdir preinstall

windows平台编辑一个批处理文件runonce.cmd,上传到preinstall文件夹下:

@ echo off
title Windows GuiRunOnce Install Drives
@ color 0a

echo starting drive
echo.
@ cd\
@ cd preinstall
@ cd hp
call bp000588.cmd

echo.
echo starting pcanywhere
@ cd\
@ cd preinstall
@ cd pcanywhere_10.5.1cn
start /wait SymantecpcAnywhere.msi 

echo.
shutdown -r -t 0
exit

这里我将HP的所有驱动放到hp文件夹下(因为我也分不清楚哪些需要,哪些不需要,就只有全部上传了,L)pcanywhere安装文件放到pcanywhere_10.5.1cn文件夹下。所有这些文件夹统一放到preinstall文件夹下(有需要还可以增加,修改runonce.cmd即可)

最后在自动应答文件wi2k3.sif中添加:

#注意路径
[GuiRunOnce]
%systemdrive%\preinstall\runonce.cmd

8. 进阶

上面只是提到32为系统,对于64位系统,我们可以在/tftpboot下建立win2k3_64文件夹,将iso下的文件拷到此文件夹下。

cabextract win2k3_64/i386/startrom.n1_
#解压
sed -i -e 's/NTLDR/W2K3L_64/gi' startrom.n12
#直接替换startrom.n12文件中" NTLDR"为" W2K3L_64"
#W2K3L_64: windows 2003 64bit Setup Loader
mv startrom.n12 /tftpboot/w2k3_64.0
# w2k3_64.0: windows 2003 bit pxe loader
cabextract win2k3_64/i386/setupldr.ex_
sed -i -e 's/winnt\.sif/wi2k3_64\.sif/gi' setupldr.exe
sed -i -e 's/ntdetect\.com/ntdetect\.2k3_64/gi' setupldr.exe
mv setupldr.exe /tftpboot/w2k3l_64
cp win2k3_64/i386/ntdetect.com /tftpboot/ntdetect.2k3_64
# ntdetect.2k3_64: windows 2003 bit ntdetect.com

samba服务器需要建立针对64位系统的共享目录,如[win64install];同时建立自动应答文件/tftpboot/wi2k3_64.sif 这两者当中的路径问题请一定要注意一一对应

pxe加载/tftpboot/pxelinux.cfg/default文件,需要有系统选择时,可以修改文件:

vim /tftpboot/pxelinux.cfg/default

default win2k3
timeout 30
label win2k3
kernel w2k3.0
label win2k3_64
kernel w2k3_64.0

In fact, whether it is a 32 or 64 system, the startup files are the same. These do not need to be modified, but the path for the client to download the file from the server must distinguish between the 32 bits and the 64 bits.

Startup sequence: pxelinux.0> default> pxe loader(w2k3.0, startrom.n12)>setup loader(w2k3l, setupldr.exe) > ntdetect.com(ntdetect.2k3) and winnt.sif(wi2k3.sif)

9. Summary

Regarding the problem of driver loading, if we refer to a server that has installed the windows2003 system Hardware drivers(The important thing is the chipset, network card, graphics card, etc.)It can be seen that these drivers are mainly composed of.sys, .dll, .inf(Driver information file), .cat(Driver signature file) and other files. If you can collect these files and put them into the system installation files, you won't have to worry about installing the driver afterwards. But I haven’t figured out this process yet, and there is still a lot of room for improvement.

Use this system to install the windows2003 system, plus patch (approximately More than 20 minutes), which is around 40 minutes. I have seen the security package produced by the security department. The system should be automatically patched after it is officially launched. If possible, the patching step can be eliminated. In this way, it takes about 20 to install a windows2003 system using this system. Batch installation can better reflect the effect.

The above is the detailed content of win2003 system network installation - based on linux+pxe+dhcp+tftp+samba+ris. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn