+ Reply to Thread
Results 1 to 25 of 25
  1. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #1

    Default Allow logins for pre-2000 machines

    Does anyone know how to allow logins for pre-2000 os's on a Windows 2003 domain controller. I am trying to use this machine as a ghost server and when booting from another machine via a ghost boot disk I can't get me credentials to go through.

    I think it is because of access from DOS.
    Reply With Quote Quote  

  2. SS -->
  3. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #2
    What version of NTLM are you using on your network and/or the computer you are trying to access? Check in your local security policy under Local Policies\Security Options > Network security: LAN Manager authentication level.

    In order to access via a DOS bootdisk, you have to use "Send LM and NTLM responses".
    Reply With Quote Quote  

  4. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #3
    I set this under default domain controller sec policy as this is a DC but its still not working. How do I check the ntlm version. I think it is using ntlmv2.

    This is just a test scenario but am trying to get ghosting accross a network working.
    Reply With Quote Quote  

  5. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #4
    Actually changing the ntlm auth level worked, I think I just had to reboot a few times.


    Thanks!
    Reply With Quote Quote  

  6. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #5
    Glad to help. Keep in mind that lowering the NTLM version is a bad security practice on a live environment, so you may want to keep the ghosting procedure isolated on a segregated network.

    BTW - funny sig.
    Reply With Quote Quote  

  7. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #6
    Is another way to use ghost that I am missing? How can I get around this? Just setup ghost on a member server and alter that local policy?
    Reply With Quote Quote  

  8. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #7
    Quote Originally Posted by dmw
    Is another way to use ghost that I am missing? How can I get around this? Just setup ghost on a member server and alter that local policy?
    The local policy will be overridden by the domain policy unless you move the Ghost machine to a workgroup, then you won't be able to use a domain login anyway.

    I use the Corporate version of Ghost which allows me to start a Ghost Cast session from the server to which the clients can then connect.
    Reply With Quote Quote  

  9. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #8
    How do you boot the clients? I want to be able to image machines up and also copy images down to deploy new machines. Do you use ghost suite to manage your images as well or another app?
    Reply With Quote Quote  

  10. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #9
    I use Symantec Ghost Corporate edition 8.2, which is the last version they made before switching to Solution Suite. The two are very similar, and as far as imaging goes they are identical.

    I boot with a network boot disk (based on the network card of the client) and then run ghost.exe to connect to the ghost session running on the server.
    Reply With Quote Quote  

  11. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #10
    Great I will have to investigate the Ghostcast server. I just moved into a new position and am trying to get this setup to help in getting machines deployed. I had used it at a prior position but only to actually boot the computer and put the image on it. I had not involvement in the setup.
    Reply With Quote Quote  

  12. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #11
    OK well I ran a quick test and was able to get a laptop connected and ghosting to the server using ghostcast. I had to used the IP address but I am sure that is some config I need to work out.

    Before I go any further let me explain what I want to do. I want to get a base image configured how it needs to be and then copy that image up to the ghost server. Then I want to be able to ghost new machines as they come in with this image, after they have been imaged it should allow me to set the computer name and add to the domain. Is this similar to what you use it for?
    Reply With Quote Quote  

  13. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #12
    Quote Originally Posted by dmw
    I had to used the IP address but I am sure that is some config I need to work out.
    Just make sure your DNS and WINS are set up correctly, but even at that having to enter the IP Address of the ghost server is no biggie.

    Quote Originally Posted by dmw
    I want to get a base image configured how it needs to be and then copy that image up to the ghost server. Then I want to be able to ghost new machines as they come in with this image, after they have been imaged it should allow me to set the computer name and add to the domain. Is this similar to what you use it for?
    Yes, exactly.


    A couple of things I would recommend:

    The imaged machine (master) should be in a workgroup. Join the domain after the image is completed.

    Second, make sure to be familiar with sysprep or all your computers will wind up with the same sid. Sysprep works best if you have an enterprise license for your windows machines, so you can add the product id to your sysprep.ini file, otherwise you will be prompted to enter it and activate windows during the first bootup after imaging.
    Reply With Quote Quote  

  14. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #13
    Sysprep is next on my list. I might have to setup so that I will need to enter the code and activate but that is not so bad.

    Appreciate the help!
    Reply With Quote Quote  

  15. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #14
    My pleasure. Good luck and let us know how it goes.
    Reply With Quote Quote  

  16. Coffee anyone? rossonieri#1's Avatar
    Join Date
    Jun 2003
    Posts
    800

    Certifications
    a few...
    #15
    Quote Originally Posted by dmw
    I set this under default domain controller sec policy as this is a DC but its still not working. How do I check the ntlm version. I think it is using ntlmv2.

    This is just a test scenario but am trying to get ghosting accross a network working.
    i think - you have set the policies in the wrong place (Default DC Sec Pol) - you should place it under Default Domain Sec Pol.
    you check the NTLM version by using GPO first, create it and link it to your Default Domain Sec Pol - from there you should search your NTLM responds.

    cheers...
    Reply With Quote Quote  

  17. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #16
    sprkymrk

    How does the licensing work for your version Do you have a separate license for each machine you image?


    [/quote]
    Reply With Quote Quote  

  18. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #17
    Quote Originally Posted by dmw
    How does the licensing work for your version Do you have a separate license for each machine you image?
    Not really, the licensing is based on how many clients are known to the console. Mine is registered/licensed for up to 425 clients. If I just want to image computers but not install the Ghost Client I don't have a set limit. However, the Ghost Console is where the power is at. You can image a machine on the fly w/o a boot disk or anyone at the client machine, you can do user moves, deploy auto install packages, run inventory (software and hardware), execute remote commands, etc.
    Reply With Quote Quote  

  19. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #18
    So if I want to create a task that deploys animage to a machine while it is on I need to install ghost on that machine and will need a license but if I have an image created for my laptops I can just boot the laptop connect to the ghostcast server and image it.

    Thanks
    Reply With Quote Quote  

  20. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #19
    Quote Originally Posted by dmw
    So if I want to create a task that deploys animage to a machine while it is on I need to install ghost on that machine and will need a license but if I have an image created for my laptops I can just boot the laptop connect to the ghostcast server and image it.

    Thanks
    That's pretty close to correct. I would contact Symantec before purchasing though, just to be sure.
    Reply With Quote Quote  

  21. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #20
    So I imaged to the network and then to test a put a brand new hard drive in my laptop and restored the image, it appeared to restore ok. When I boot the laptop it shows the bios screen and then just goes black with a blinking cursor in the top right hand corner.

    Thougts
    Reply With Quote Quote  

  22. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #21
    Can you provide some more details? Any command line switches? Run sysprep? Did you restore to the same size drive, smaller or bigger? Multiple partitions? Basic or dynamic disk? Any other details?
    Reply With Quote Quote  

  23. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #22
    No command line switches. Did not run sysprep as this was a machine that was already in use and I just wanted to see if I could image the drive and the copy that image to a blank drive.

    Basic disk with one 32GB ntfs partition and a fat32 service partition 5GB.

    The blank hard drive I restored to is a 60 GB drive.
    Reply With Quote Quote  

  24. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #23
    Quote Originally Posted by dmw
    No command line switches. Did not run sysprep as this was a machine that was already in use and I just wanted to see if I could image the drive and the copy that image to a blank drive.

    Basic disk with one 32GB ntfs partition and a fat32 service partition 5GB.

    The blank hard drive I restored to is a 60 GB drive.
    Based on that it should have worked. Can you try to restore it again and see what happens? Is there a ghosterr.log file?
    Reply With Quote Quote  

  25. dmw
    dmw is offline
    Member
    Join Date
    Aug 2005
    Location
    MA
    Posts
    81

    Certifications
    A+, Network +, MCP, MCSA, CCENT
    #24
    Not sure why the ghosting wasn't working but after trying a second time it worked. I have been working on this since my last post and pretty much have it going. Just putting the finishing touches on the image. Out of curiosity how big are your images for laptops usually? also do you have a "to do" list before imaging and/or running sysprep.

    Thanks
    Reply With Quote Quote  

  26. mikej412's caddy sprkymrk's Avatar
    Join Date
    Feb 2006
    Location
    Charleston, SC
    Posts
    4,976

    Certifications
    MCP (NT4 Server), MCSA 2000, MCSA 2003, CCNA, Security+, Network+
    #25
    My images range from about 3-5GB I think.

    My check list is pretty simple:
    • Run disk cleanup.
      Delete any profiles that may have been added if you logged in as anyone other than the admin for some reason.
      Delete all System Restore backups.
      Clear all event logs.
      Clear the run, start, and recent files menus.
      Make sure you open Adobe and Office and other programs at least once, as many will prompt you to accept the EULA.
    Maybe some other stuff I am forgetting, but I am away on travel and don't have the list in front of me, but that's the basics anyway.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks