C3 Security Consulting LLC
Confidentiality
Integrety
Availability		 company banner
HomeSecurityServicesVistaInformationCompany
  
floating layer default test box
Windows Vista
Overview
I.Unattended Install
II.Custom Vista Image
III.Deploying with
BDD Workbench
Creating Unattended
Application Installations
On this page:
Setting up Deployment Workbench
Creating a build configuration
Building a Lite Touch boot disk
Building a workstation with Lite Touch
Related Links
FreeS/WAN
FreeS/WAN is the popular IPsec package for Linux. Only available with 3DES encryption.
Wireless LAN resources for Linux
Zone Alarm Internet Security Suite.
OpenSSH
OpenSSH, an Open Source implementation of the SSH protocol. A favorite for Unix users.
Newbie?
Whether brand new or looking for expansion, LinuxFromScratch is a great resource.
File encryption
Free open-source disk encryption software for Windows XP/2000/2003 and Linux.

Deploying Vista

Print view

III.Deploying Vista Via BDD 2007 Deployment Workbench

Business Desktop Deployment (BDD) 2007 is a suite of applications and processes, created by Microsoft, for deploying Vista and other Microsoft applications. BDD 2007 encompasses all the necessary stages of the deployment process from a business perspective, including team guides and comprehensive project plans. It is not the intention of this guide to examine in depth all the aspects of BDD 2007, but to give an overview (a how-to) of the practical application of the BDD 2007 tools and utilities.

The previous section covered the creation of an image file containing all necessary configurations and applications. If the environment is uniform this process works well. If, however, a higher degree of flexibility is required for the final workstation configurations BDD 2007 provides the Deployment Workbench.

The Deployment Workbench is a MMC snap-in to manage source files, distribution shares, and application installation parameters. At a high level, the stages are; add the operating system source files; add application source files; add additional out-of-the-box drivers; create a build configuration; create a distribution/deployment point. The Deployment Workbench will also create custom PE based boot disks, and organize workstation configurations on a group or individual basis.

This scenario will cover the creation of an initial deployment infrastructure, within a virtual environment (VM Ware). It will also include the addition of MS Office 2007 and VM Ware Tools applications. The infrastructure will be used to deploy a workstation with Vista, Office 2007, and VM Ware tools. The workstation will be joined to a domain "Vista".

Foundation

If, after you have tested these processes for yourself, you would either like to know more, or help and advice with a project, look at our Deployment page for more information. Alternatively, call C3SC at +1 866 799 2969.

Download and install VM Ware Workstation on a machine with at least 2 GB of RAM and 80 GB of available disk space, running Windows XP or 2000.

Build an initial virtual workstation (VM1) using Windows XP (SP2), Vista, or Windows 2003 Server (SP1). VM1 will need 512 MB of RAM, 30 GB of disk space, with CD-ROM and floppy devices attached. Install VM Ware Tools.

Create a second virtual hard disk (20GB) and attach it to VM1. This will be e:\ and will store everything related to the Deployment Workbench process.

Download and install the Windows Advanced Installation Kit on VM1.

Download and install the BDD 2007 Deployment Workbench on VM1 with the default values.

Setting Up Deployment Workbench

  1. Navigate to the programs menu Deployment Workbench and start the application
  2. On the left of the screen, select Information Center > Components.
  3. Ensure MSXML 6.0 and Windows Automated Installation Kit appears under the Installed section. If they are not listed there, click on the needed component from the list and click on the Download button, next to the Details field.
  4. Create a deployment point:
    1. On the left screen, click Deploy, and right click Deployment Point and select New. This action will start the Deployment Wizard. There are several options but for the sake of this description use Lab or single-server deployment.
    2. Name the deployment point LabDeployment, and leave the Allow users to select additional applications on upgrade box checked.
    3. Un-check the Ask if an image should be captured box.
    4. Leave the Ask user to set the local Administrator password box un-checked.
    5. Leave the Ask user for a product key unchecked.
    6. Specify the server name as VM1.
    7. Type the share name: Distribution$
    8. Set the path for the share as E:\Distribution
    9. Select Do not save data and settings. The migration of user data and application settings will be covered in a later section.
    10. Click Create.
  5. Add application: Office 2007
    1. On the left screen, under Distribution Share, right click Applications and select New. This action will start the New Application Wizard.
    2. Leave Application with source file checked.
    3. Enter as many details as possible for the application. Using MS Office 2007 as the example;
      Publisher: Microsoft
      Application Name: Office
      Version: 2007
      Language: US English
      Platform:; x86 platform only
    4. Insert the source media. Alternatively, if there is a network share, with a customized installation template, list that as the source. (To learn more about creating custom installations of MS Office for your environment go to Customizing Office 2007 Installations).
    5. Leave the directory name as Microsoft Office 2007.
    6. Enter the installation command line:
      setup.exe /adminfile MyOffice07.msp

      (where MyOffice07.msp is the customized installation template)

    7. Click OK to save the configuration.
  6. Add application: VM Ware Tools
    1. Mount the Windows.iso file as a CD ROM for VM1.
    2. Go to CD ROM and expand the source files to a temporary directory:
    Setup /a

      and follow the prompts.

      Note: it is possible that not all the files needed are extracted to the necessary directories. There should be (along with the MSI file) two sub-directories; Program Files and System32. Copy these directories from the original installation CD (Windows.iso), and over write the directories extracted by the setup program.

    1. Repeat steps a) through h) with appropriate settings for VM Ware Tools.
    2. To install VM Ware Tools in an unattended mode, use the temporary directory as the source media. When the files have been copied to the deployment share point the temporary directory can be deleted.
    3. Enter a directory name for VM Ware Tools.
    4. Use the command line:
    msiexec.exe /i "vmware tools.msi" /qn ADDLOCAL=ALL REBOOT="ReallySuppress" /log %tmp%vmtools.log
    1. Click OK to save the configuration.
  7. Add the Vista operating system files.
    1. On the left screen, under Distribution Share, right click on Operating Systems and select New. This action will start the New OS Wizard.
    2. Select Full set of source files.
    3. Insert the Vista CD and type the source directory d:\
    4. Leave the default destination directory name.
    5. Click Copy.
  8. At this point additional operating system packages would be added, such as hotfixes, service packs and language pack. However, just the base operating systems will be installed in this example.
  9. Add addition out-of-the-box drivers.
    1. On the left screen, under Distribution Share, right click on Out-of-Box Drivers and select New. This action will start the New Driver Wizard.
    2. Navigate to "C:\Program Files\VMware\VMware Tools\Drivers\vmxnet" and select vmware-nic.inf. Repeat for vmxnet.inf and ..\video\vmx_svga.inf

Adding a Workstation Build Configuration

  1. In Deployment Workbench, in the left screen, right click on Builds and select New.
  2. Enter the following settings:
Build ID: Vista-Office-1
Build name: Vista and Office 2007 base build.
Build comments: Install Vista OS, VM Ware Tools, and Office 2007 on a new machine.
  1. Select the operating system to use. The list should contain the operating system loaded in step 7) of the previous section.
  2. For testing purposes select Do not specify a product key at this time.
  3. Add Full Name, Organization, and Home Page settings appropriate to the environment.
  4. Specify the Administrator password: P@55w0rd.
  5. Hit Create.

Creating a Lite Touch PE Boot Disk

  1. On the left screen, click Deploy, and Deployment Point.
  2. The deployment point created during stage 4) of the previous section will be listed on the center screen.
  3. Right click on the deployment point and select Properties.
  4. Click on the Windows PE tab.
  5. Check the box Generate a Lite Touch bootable RAM ISO image, and clear the other three check boxes in the Images to Generate section of the screen.
  6. Ensure all the check boxes are checked for the Driver Injection section and click OK.
  7. Right click on the deployment point again and select Update. Deployment Workbench will build the ISO file.

Building a workstation with the Lite Touch bootable ISO

  1. Transfer the ISO image file, E:\Distribution\Boot\LiteTouchPE_x86.iso, to the host operating system. (e.g. drag the file from the virtual machine and drop it on the host machine desktop).
  2. Create a new virtual workstation within VM Ware, named VM2, with 512MB of RAM and 20GB of disk space.
  3. If an ISO mount utility is available to emulate a CD ROM drive, mount the ISO file as a drive letter. Configure the new virtual machine, VM2, to use the new host operating system "physical" CD ROM drive. Alternatively, configure the new virtual machine, VM2, to use the ISO file directly. (The first method is preferable. Using the ISO file directly with VM Ware and Vista has, occasionally, caused unpredictable results).
  4. Boot the new virtual workstation, VM2.
  5. The Windows Deployment wizard will start.
  6. Select the keyboard layout, e.g. United States.
  7. Change the computer name to VM2.
  8. Select Join a Domain and fill in the credentials fields (e.g. vista, joiner, l3TME1N, vista).
  9. Select Do not restore user data and settings.
  10. Select the operating system image created in section 8) of Setting Up Deployment Workbench.
  11. Enter credentials for connecting to network shares (e.g. administrator, P@55w0rd, vista).
  12. Use the default No product key is required.
  13. Select Location and Keyboard from the lists (e.g. US English).
  14. Select a time zone (e.g. Eastern Standard Time).
  15. Check the check boxes of available applications for Microsoft Office 2007 and VM Ware VM Tools 5.5.
  16. Choose a local (VM2) administrator password (e.g. P@55w0rd).
  17. Click Begin.
  18. When the build is complete, restart the computer and validate the applications and settings.
▲Top of page
Did you know?
Live CD
If you want to test a new/different version of Linux, there are many "live CD" distributions that allow you to boot into the operating system without needing to install it on the hard drive.
Folder views.
If you want all your files and folders to be listed the same way in Explorer, display the format you want in the right pane, e.g. details view, sorted by file type. Then Tools>Folder Options and the Views tab. Hit the Apply to All Folders button and the next time you traverse to a folder it will be in your "standard " display format.
Only and estimated 25% of companies report computer intrusions to law enforcement.
They site bad publicity and loss of credibility as major concerns.
Set up a firewall. Even if you just use dial-up or DSL you are fully exposed to the internet.
This is your primary defense and protects against outside attacks by screening and blocking all traffic between your network and the Internet that is not allowed. The firewall also hides computer addresses. Firewall hardware connects between the cable/ DSL modem and your computers. Windows operating systems have great built-in firewalls.
An average of $1,300 is spent per employee in companies of $10m revenue or less.
This is 10 times greater than companies with revenue of $100m - $1bn. Unable to realize the economies of scale, smaller companies spend disproportionately higher amounts on security - learn how to leverage lessons learnt by larger companies.
Trademarks© Copyright (2006) C3 Security Consulting LLC, Washington DC. (+1 866 799 2969) - Hosted by Webmasters.com