Remote Management Component of AIS/W2K Pilot Project by ka23jTy

VIEWS: 4 PAGES: 125

									Anytime Anywhere Component of AIS/W2k Pilot Project
      Technical Overview and Lessons Learned




                        Doug Edmonds
           Windows Administrative Servers – Virginia Tech
                             2/18/02
                                  Table of Contents
Anytime Anywhere Component of AIS/W2k Pilot Project_____________________ 1
Technical Overview and Lessons Learned __________________________________ 1
2/18/02 _______________________________________________________________ 1
Table of Contents ______________________________________________________ 2
Table of Figures________________________________________________________ 4
Introduction ___________________________________________________________ 6
System and Disaster Recovery ____________________________________________ 7
  Universal Disk Image ________________________________________________________ 8
    Purpose ________________________________________________________________________ 8
    UDI Creation Procedure ___________________________________________________________ 8
      Partitions _____________________________________________________________________ 8
      DOS Installation ______________________________________________________________ 10
         Installing DOS to the C: Drive _________________________________________________ 10
         Modification of Win98 Startup Disk files ________________________________________ 10
         Other files on C Drive _______________________________________________________ 10
      Windows 2000 Installation Procedure _____________________________________________ 12
      SYSPREP ____________________________________________________________________ 13
      Creating the Images ___________________________________________________________ 15
         After running SYSPREP _____________________________________________________ 15
         Creating the FS full disk image ________________________________________________ 15
         Loading the FS and UDI images _______________________________________________ 16
         Instructions for loading images ________________________________________________ 16
      Conflict Resolution ____________________________________________________________ 17
  LAZARUS________________________________________________________________ 19
    Purpose _______________________________________________________________________ 19
  SNAPSHOT ______________________________________________________________ 21
    Purpose _______________________________________________________________________ 21
  REMOUNTER ____________________________________________________________ 27
    Purpose _______________________________________________________________________ 27
User Data Storage and Accessibility ______________________________________ 29
  Roaming Profiles and Folder Redirection _____________________________________ 30
    Purpose _______________________________________________________________________ 30
    Roaming Profiles________________________________________________________________ 30
    Folder Redirection ______________________________________________________________ 30
    Folder Synchronization __________________________________________________________ 31
    Anytime Anywhere Procedures _____________________________________________________ 32
      Disk Quota __________________________________________________________________ 32
      Group Policy Object ___________________________________________________________ 32
      Roaming Profiles and Folder Redirection __________________________________________ 33
    Security Concerns _______________________________________________________________ 34
    Conflict Resolution ______________________________________________________________ 35
      Winzip 8.0 ___________________________________________________________________ 35
      Microsoft Office XP____________________________________________________________ 35
      MS Access ___________________________________________________________________ 35
  POPULUS ________________________________________________________________ 36


                                             2
   Purpose _______________________________________________________________________ 36
   Creating User Accounts __________________________________________________________ 36
   Creating Users’ Data Folders ______________________________________________________ 36
APPENDICES ________________________________________________________ 38
 Appendix A: DEFAULT AUTOEXEC.BAT _____________________________________ 39
 Appendix B: MODIFIED AUTOEXEC.BAT ____________________________________ 40
 Appendix C: DEFAULT CONFIG.SYS ________________________________________ 41
 Appendix D: MODIFIED CONFIG.SYS ________________________________________ 42
 Appendix E: ―SYSPREP.INF‖ ________________________________________________ 43
 Appendix F: ―MERGEIDE.REG‖ _____________________________________________ 48
 Appendix G: AIS/W2K PILOT PROJECT DEPLOYMENT PROCEDURE ____________ 52
 Appendix H: Lazarus v0.0.3 Source ____________________________________________ 58
 Appendix I: Lazarus Ghost command switch files _________________________________ 59
 Appendix J: SnapShot v1.2.0.0 Source _________________________________________ 60
 Appendix K: SnapShot ―Snap‖ Ghost command switch files ________________________ 68
 Appendix L: SnapShot ―Shot‖ Ghost command switch files _________________________ 69
 Appendix M: RMounter v1.2.1.0 Source Code ___________________________________ 70
 Appendix N: Example of mount.vol GUID list ___________________________________ 72
 Appendix O: ―Test-Lab User GP‖ _____________________________________________ 73
 Appendix P: ―Slow Link Policy‖ GPO __________________________________________ 97
 Appendix Q: ―Add Users‖ .csv file syntax ______________________________________ 110
 Appendix R: W2k-Pilot ―AddUser.csv‖ ________________________________________ 111
 Appendix S: Populus v1.0.0.0 Source__________________________________________ 112
 Appendix T: Procedure for Adding a new user to the AIS/W2k-Pilot _________________ 117




                                          3
                                      Table of Figures
Figure 1: HARD DRIVE PARTITIONS _____________________________________________ 9
Figure 2: Lazarus Windows interface _____________________________________________ 20
Figure 3: Lazarus System Shutdown ______________________________________________ 20
Figure 4: Informational Message box _____________________________________________ 23
Figure 5: SnapShot Selection Menu _______________________________________________ 23
Figure 6: Missing SnapShot History File ___________________________________________ 24
Figure 7: SnapShot Selection Menu (No History File) ________________________________ 24
Figure 8: No Previous SnapShot Activity (no SnapShot image or History File) _____________ 24
Figure 9: Loading a Snapshot image ______________________________________________ 25
Figure 10: No Snapshot available to load __________________________________________ 25
Figure 11: Old Snapshot Warning ________________________________________________ 25
Figure 12: Invalid Snapshot Age (creation date of file differs from SnapShot history file) _____ 25
Figure 13: Previous Snapshot Found when attempting to ―take‖ a Snapshot ______________ 26
Figure 14: SnapShot Canceled___________________________________________________ 26
Figure 15: SnapShot Rebooting Warning __________________________________________ 26
Figure 16: System Rebooting ____________________________________________________ 26
Figure 17: ―UserData‖ Permissions ______________________________________________ 34
Figure 18: Test-Lab GPO Screenshots ____________________________________________ 73
        Figure 19 _____________________________________________________________ 74
        Figure 20 _____________________________________________________________ 75
        Figure 21 _____________________________________________________________ 76
        Figure 22 _____________________________________________________________ 77
        Figure 23 _____________________________________________________________ 78
        Figure 24 _____________________________________________________________ 79
        Figure 25 _____________________________________________________________ 79
        Figure 26 _____________________________________________________________ 80
        Figure 27 _____________________________________________________________ 81
        Figure 28 _____________________________________________________________ 82
        Figure 29 _____________________________________________________________ 83
        Figure 30 _____________________________________________________________ 84
        Figure 31 _____________________________________________________________ 85
        Figure 32 _____________________________________________________________ 86
        Figure 33 _____________________________________________________________ 87
        Figure 34 _____________________________________________________________ 88
        Figure 35 _____________________________________________________________ 89
        Figure 36 _____________________________________________________________ 90
        Figure 37 _____________________________________________________________ 91
        Figure 38 _____________________________________________________________ 92
        Figure 39 _____________________________________________________________ 93
        Figure 40 _____________________________________________________________ 93
        Figure 41 _____________________________________________________________ 94
        Figure 42 _____________________________________________________________ 95
        Figure 43 _____________________________________________________________ 96
Figure 44: Slow Link GPO Screenshots ____________________________________________ 97
        Figure 45 _____________________________________________________________ 98
        Figure 46 _____________________________________________________________ 99
        Figure 47 ____________________________________________________________ 100
        Figure 48 ____________________________________________________________ 101
        Figure 49 ____________________________________________________________ 102



                                                4
        Figure 50 ____________________________________________________________ 103
        Figure 51 ____________________________________________________________ 104
        Figure 52 ____________________________________________________________ 105
        Figure 53 ____________________________________________________________ 106
        Figure 54 ____________________________________________________________ 107
        Figure 55 ____________________________________________________________ 108
        Figure 56 ____________________________________________________________ 108
        Figure 57 ____________________________________________________________ 109
Figure 58: Options Dialog Box – selecting individual user ____________________________ 119
Figure 59: Individual User_____________________________________________________ 119
Figure 60: Options – selecting multiple users ______________________________________ 120
Figure 61: Enter User List Location _____________________________________________ 120
Figure 62: Invalid Users Log file – no invalid users in user list ________________________ 121
Figure 63: Invalid Users Log file –invalid users found in user list ______________________ 121
Figure 64: Cancel box if invalid users were found in user list _________________________ 122
Figure 65: Post-Populus Permission Cleanup ______________________________________ 123
Figure 66: Remove Inherited Permissions _________________________________________ 124
Figure 67: Reset Permissions on all child objects ___________________________________ 124
Figure 68: Permission Reset Verification _________________________________________ 125
Figure 69: Closing the Security Window __________________________________________ 125




                                              5
Introduction

        The goal of the Anytime Anywhere component of the AIS/W2k Pilot Project was
to explore technologies that decrease the user‘s downtime during system failures and to
increase the user‘s data accessibility, regardless of the user‘s location and network access.
To accomplish this goal, it was necessary to differentiate between user data and system
data. After this was done, the Anytime Anywhere component can be divided into two
sections, one dealing with the system and disaster recovery, and one dealing with user
data storage and accessibility.

        For the computer, ―Lazarus‖ and a ―Universal Disk Image (UDI)‖ were developed
to enable a user or computer technician to quickly restore a default Windows 2000 Pro
installation to a disabled computer. ―SnapShot‖ was developed as a pre-emptive disaster
recovery tool to be initiated by the user.

        For the user data, two Microsoft Windows 2000 technologies were implemented,
Roaming Profiles and Folder Redirection. This allowed for the transparent storing of the
user‘s desktop profile and data on a network drive and making them available regardless
of the computer used to log into the domain.

        This paper will give a detailed account of the implementation of these
technologies as well as detail the other programs and procedures that were developed
during the testing process to help automate the administration of the technologies.




                                             6
System and Disaster Recovery




             7
Universal Disk Image:
      Purpose:
              One of the purposes of the Anytime Anywhere component was to provide
      a method to quickly restore a computer to a fresh, default Windows 2000
      installation to aid in new computer rollout and disaster recovery. To this end, we
      decided to make a default Windows 2000 Pro install with SP1 and the latest OS
      hot-fixes, then, using imaging software, save an image of that install for use with
      new computer deployment and disaster recovery/reinstallation. This image is the
      Universal Disk Image (UDI).

       UDI Creation Procedure:
       Partitions:
              For the deployment of the UDI to work, the computer‘s hard drive must be
       properly partitioned (See Figure 1). I booted off a standard Win98 Startup Disk
       and used fdisk.exe to create the partitions I needed. I then again booted off the
       Win98 Startup Disk and formatted the C: drive in FAT 16.

           o Partition 1
                  C: Drive
                  FAT
                  Partition Label ―BOOT‖
                  102MB
                  Contains
                          DOS installation
                          Windows 2000 boot files
                              o BOOT.INI
                              o BOOTSECT.DOS
                              o IO.SYS
                              o NTDETECT.COM
                              o NTLDR
                          Other programs used in the Pilot Project.

           o Partition 2
                  D: Drive
                  NTFS
                  Approximately 45% of the size of the hard drive
                  Partition Label ―OS‖
                  Contains
                          Windows 2000 installation
                  Partition primarily accessed by user
                  NTFS mount point is used to mount D:\I386 to the I386 partition
                          The registry will be edited by the ReMounter utility to
                           point the system to the D:\I386 directory for the Windows
                           2000 Installation files.




                                            8
         o Partition 3
                No Drive Letter
                        Invisible to user
                FAT32
                399MB
                Partition Label ―I386‖
                Contains
                        Windows 2000 installation files
                             o This eliminates the need for the Windows 2000 Pro
                                 CD when updating drivers or adding other
                                 Windows 2000 components
                Mounted via NTFS mount points (in Disk Management) to
                   D:\I386. When booting to DOS, visible as the D: drive.

         o Partition 4
                No Drive Letter
                        Invisible to user
                FAT32
                Remaineder of the hard drive
                Partition Label ―STORAGE‖
                Contains
                        Ghost executable for use with Lazarus and SnapShot
                        UDI image to allow for disaster recovery
                        Snapshot image and the SnapShot history file
                             o When SnapShot is run, a temporary NTFS mount
                                 point to the STORAGE partition is created. This
                                 mount point is closed after SnapShot is done.
                When booting to DOS, visible as the E: drive.

              Initially, I manually set the size for the OS and the STORAGE partitions.
      Command line switches for Ghost allows for the resizing of individual partitions
      as the image is being loaded. Using these switches, I set the OS partition to be
      45% of the total hard drive size and the STORAGE partition to use the remainder
      of the hard drive space.

Figure 1: HARD DRIVE PARTITIONS

   Drive Letter   Label          Size                 File System
   C              BOOT           102MB                FAT16
   D              OS             45% of HD            NTFS
                  I386           399MB                FAT32
                  STORAGE        Remainder of HD      FAT32




                                          9
DOS Installation:
After formatting the C: drive, I made it bootable by transferring the system files
from the floppy to the C: drive. I then copied the rest of the contents of the floppy
disk to the C: Drive and modified them for my purpose. After this, I was ready to
install Windows 2000.

       Installing DOS to the C: Drive:
       1. After C: Drive is formatted in FAT16, boot to Win98 Startup.
       2. At the A prompt (―A:\>‖) type (w/o quotes) ―sys c:‖
       3. This command transfers the system files to the C: drive and makes it
          bootable.

       Modification of Win98 Startup Disk files:
       When you boot to a Win98 Startup Disk, it creates a RAM Disk and
       extracts the contents of ebd.cab to the RAM Disk. The ebd.cab file
       contains the following tools:
               ATTRIB.EXE
               CHKDSK.EXE
               DEBUG.EXE
               EDIT.COM
               EXT.EXE
               EXTRACT.EXE
               FORMAT.COM
               HELP.BAT
               MSCDEX.EXE
               RESTART.COM
               SCANDISK.EXE
               SCANDISK.INI
               SYS.COM
       Because I wanted these files to be available, I manually extracted them
       and placed them in the C:\EBD directory that I created.

      I then modified the Autoexec.bat and Config.sys to remove the following
(See APPENDICES A, B, C, and D):
              1. AUTOEXEC.BAT modifications (See APPENDICES A and
                     B)
                         a. Removed lines for RAM Disk Creation
                         b. Removed lines for EBD.CAB error checking and
                            extraction
              2. CONFIG.SYS modifications (See APPENDICES C and D)
                         a. Modified the menu time for the CD Rom Driver
                            install to automatically enable the CD Rom drive
                         b. Removed the line referring to the RAM Drive

       Other files on C Drive:
       The C: Drive also contains a DF directory containing other programs used
       in the Pilot Project. These programs are as follows:




                                     10
1. ―boot‖ directory – modified autoexec.bat and boot.ini files used by
   SnapShot and Lazarus for booting into DOS and then back into
   Windows 2000
2. ―Lazarus‖ directory – Disaster Recovery tool (See Lazarus section)
3. ―ReMounter‖ directory – Tool used to Reassign drive letters, populate
   the STORAGE partition with Ghost and the SnapShot directories, and
   configure the Installation Path to point to D: instead of the CD-ROM
   Drive (See ReMounter section)
4. ―SMS Launch‖ directory – SMS Client utility for connecting to SMS
   Server
5. ―SnapShot‖ directory – Pre-emptive Disaster Recovery tool (See
   SnapShot section)
6. ―sys‖ directory – Miscellaneous utilities used by several of the other
   programs.
7. REP2???.BAT – 3 trouble shooting utilities for modifying the
   autoexec.bat and boot.ini.




                            11
Windows 2000 Installation Procedure:
The Windows 2000 Pro installation procedure was fairly typical. Following is the
procedure I followed to install Windows 2000 and prepare it for Ghosting to
create the UDI.

   1. Installed Windows 2000 Pro (SP1 integrated)
          a. When prompted for installation partition, I selected the second
              partition, set its size to 6000MB and the file format to NTFS.
          b. When prompted for which components to install, I unselected all
              but the following:
                   i. Index Service
                           1. I actually don‘t think I selected this but it was
                               installed anyway
                  ii. Management and Monitoring ToolsSimple Network
                      Management Protocol
                           1. SNMP was installed initially for SMS but later it
                               was discovered that it wasn‘t needed. Future
                               versions of the UDI will not have SNMP installed.
   2. Set Administrator password to a non-blank password. SYSPREP requires
      that the Administrator password be blank to run but for security purposes,
      don‘t make it blank yet.
   3. Ran Daisy
   4. Daisy downloaded and installed the latest OS hot-fixes and rebooted.
   5. Formatted I386 and STORAGE directory in FAT32 and copied the
      following folders/files to the partitions
          a. Files copied to I386 partition
                   i. The contents of the I386 directory on the Windows 2000
                      Pro (w/ int. SP1) CD
                  ii. The files are copied but not the I386 folder itself
          b. Files copied to the STORAGE partition
                   i. ―Ghost‖ directory
                           1. ―GHOST.EXE‖ (version 7.0)
                  ii. ―SnapShot‖ directory
                           1. ―Snap‖ directory
   6. SYSPREP preparation
          a. Create a ―SYSPREP‖ directory at the root of the D: Drive
          b. Copy SYSPREP and accompanying files (See SYSPREP section)
              to D:\SYSPREP




                                   12
SYSPREP:
I used SYSPREP v1.1 to remove the SID from the computer and prepare it for
Ghosting. Along with removing the SID, SYSPREP, using an answer file (See
APPENDIX E), greatly decreases the Hardware dependency of an image by
allowing for different Mass Storage Devices between the computer the image was
created on and the computer the image is to be loaded on.

Also, an MS Knowledge Base article (Article ID: Q271965) was found that
documents a procedure by which you are able to merge registry entries ahead of
time to support all IDE controllers natively supported by Windows 2000.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q271965

I used Setup Manager from the Windows 2000 Server Resource Kit to generate a
SYSPREP.INF file. The SYSPREP.INF file is an answer file for SYSPREP.EXE
and is used for answer the questions to the Mini-Setup Wizard that runs after
running SYSPREP.EXE and restarting the computer. Setup Manager also created
a SYSPREP.BAT file that you can edit to add command line switches for the
SYSPREP.EXE program to run.

   1. Boot into Safe Mode (an MS PSS support call regarding SYSPREP
      verified that it is not necessary to boot into safe mode. Future UDI
      Creations will not boot into safe mode here, but the initial UDI was.)
   2. Open Device Manager
          a. Show hidden devices by clicking on ―View‖‖Show hidden
              devices‖
          b. Uninstall every device that is allowed
                   i. Start with ―System Devices‖‖PCI bus‖ to remove a
                       majority of devices initially
                  ii. After removing the ―PCI bus‖, a message might appear
                       stating that a new device has been found. Click ―OK‖ and
                       continue uninstalling the rest of the devices.
                 iii. DO NOT restart the computer if prompted
          c.
   3. Running SYSPREP
          a. Purpose
                   i. Removes computer SID and prepares for Ghosting
                  ii. Using a SYSPREP.INF file, allows difference in Mass
                       Storage Devices and for automation of the Mini-Setup
                       Wizard that appears after running SYSPREP and rebooting
          b. Browse to ―D:\SYSPREP\move_to_sysroot-sys32-drivers‖ and
              copy the contents (atapi.sys, intelide.sys, pciide.sys, pciidex.sys) to
              the ―D:\Winnt\System32‖ directory.
          c. Open D:\SYSPREP\mergeide.reg in Notepad and remove the
              following lines:



                                    13
          i. The first line: ********* START COPY FROM HERE
             *************
         ii. The last line: ************ END COPY HERE
             ***************
        iii. Make sure to remove the whole line including the carriage
             return but leave an empty line at the end of the file.
        iv. Save the file
d.   Double-click on the ―MERGEIDE.REG‖ (See APPENDIX F) file
     to merge its contents into the registry
e.   Open Command Prompt and browse to D:\SYSPREP
f.   Run SYSPREP.BAT
          i. This batch file runs SYSPREP with the –pnp switch that
             forces Windows to do a legacy device detection and to re-
             enumerate the Plug and Play devices on the destination
             computer
g.   SYSPREP should shut down the computer if no errors occur and
     you are now ready to Ghost the computer




                         14
Creating the Images:
         Two Ghost images are actually needed, one of just the whole hard drive
and one of the just the OS partition (the partition that contains the Windows 2000
install). The reason for this is that Ghost will not save the Master Boot Record
(MBR, the record of what OSes are installed and where) when just imaging a
partition. But, because the UDI will be updated periodically, we want the UDI to
just be of the OS partition. Also, having a full disk image, minus the OS
Partition, allows faster computer deployment because we can automate the disk
partitioning and formatting.

        Here is the procedure I followed for creating the UDI and what is called
the FS Image (image containing the partitioned hard drive image, Windows 2000-
DOS dual boot MBR, DOS installation, the ―DF‖ directory programs, and I386
Windows 2000 installations files).

   After running SYSPREP and shutting down the computer but prior to
   restarting it:
   Creating the UDI OS partition image:
       1. Run Ghost and save a ―Partition Image‖ of the computer. This can be
          done employing several methods
              a. Install a second hard drive and ghost the original hard drive to
                  an image onto the second hard drive
              b. Boot the initial computer from a networked enabled Ghost boot
                  disk and
                       i. Connect a second computer to the initial computer via a
                          crossover cable/private network and map a network
                          drive to the second computer. Use that mapped drive to
                          store the Partition Image.
                      ii. Run a Ghost Multicast Server and initiate the creation
                          of the Partition Image from the Multicast Server, saving
                          the Partition Image to the Multicast Server
              c. Use Removable media to save the Partition Image
                       i. CD-RW
                      ii. Jaz
       2. This partition image is the Universal Disk Image used to load
          Windows 2000 on new systems and on systems needing disaster
          recovery.

   Creating the FS full disk image:
      1. Run Ghost and save a ―Disk Image‖ of the computer. This can be
          done employing several methods that are described above in the
          ―Creating the UDI OS partition image‖ section.
      2. Move the Disk Image created to a computer that has Ghost Explorer
          installed.
      3. Run Ghost Explorer and open up the Disk Image.




                                    15
   4. Delete the contents of the OS Partition. ***NOTE*** Delete just the
      contents of the partition and not the partition itself.
   5. Recompile the Disk Image in Ghost Explorer.
   6. This disk image is the FS Image.

Loading the FS and UDI images:
        The FS image only needs to be loaded on new computers. On
computers where disaster recovery is needed, the hard drive has already been
partitioned so only the UDI is needed to be loaded. Loading the images
involves booting to a DOS boot disk and running Ghost to load the specific
image with the proper Ghost command line switches.

        To help automate this, I have developed a set of bootable CDs with
custom batch files that will run Ghost with the proper command line switches
to load the FS and UDI images. For new computers, first load the FS image
and then the UDI. For computers needing disaster recovery, load just the
UDI.

Instructions for loading images:
        See APPENDIX G for detailed instructions on loading the FS and UDI
images using the deployment CDs. When performing Disaster Recovery, start
at step ―IV‖ of the document to load only the UDI image.




                                16
Conflict Resolution:
       In deciding on the partitioning above, many configurations were tried but
abandoned.
       1. Hiding the C: Drive
               We wanted to have Windows 2000 installed on the C: Drive
               because that is what the users are familiar with but since DOS was
               on the C drive it had to be formatted in FAT16, which was not
               acceptable. I attempted to hide the C: drive but was not allowed by
               Windows 2000 because it contained the system files necessary to
               boot to Windows 2000. So, we decided to leave C: drive visible
               and educate the user that the D: drive was his/her primary drive.

       2. Creating a UDI with Windows 2000 Pro (w/int SP2)
             I attempted to create a new UDI based on a Windows 2000 Pro
             install that had Service Pack 2 slipstreamed (integrated) into the
             installation files. I used the same SYSPREP answer file that I
             previously used for the original UDI (that was based on a
             Windows 2000 Pro w/int SP1 install) and followed the exact same
             procedure as is listed in the UDI section. When running SYSPREP
             on the install to prepare it for ghosting, I would receive the
             following error message and SYSPREP would abort

              SYSPREP Error:
              An error occurred while trying to update your
              registry.
              Unable to continue.

              I was able to determine that the error was due to an invalid entry in
              the [SYSPREPMassStorage] section of the SYSPREP.INF answer
              file. PSS suggested commenting out the entire section and adding
              each entry back one at a time, attempting to run SYSPREP each
              time to see if SYSPREP crashed. Doing this, I found that two lines
              of the 156 entries were invalid. MS PSS wanted to close the case
              there but I wanted them to answer why the two lines caused an
              error in the SP2 install but not the SP1 install. MS PSS said that to
              answer that it would require a great deal of research. I asked them
              to answer it anyway. MS PSS called back two days later to say
              that, even though the entries in the [SYSPREPMassStorage]
              section were taken from the MS sample SYSPREP.INF, MS does
              not support it and they closed the case. MS does not support any
              modifications made to the Syprep.inf file that is generated by the
              ―Setup Manager‖ Resource Kit utility. (See MS PSS Call:
              SYSPREP)

              I created an image using the revised SYSPREP.INF file but every
              attempt to load it on a computer other than the one the UDI was
              created on caused the computer to hang at the blue screen


                                    17
immediately prior to the Windows Login box appearing. This
error would occur even though the computer receiving the UDI
was identical to the computer the UDI was created on.

It was decided to just stick with the original UDI for the duration
of the Pilot Project.




                     18
LAZARUS
Purpose:
        The concept behind Lazarus was to develop a technique to aid in new computer
deployment and disaster recovery, in respect to the other components of the AIS/W2k
Pilot Project.

       To this end, using Winbatch, I developed a program that would automate the
loading of the UDI onto a computer. Lazarus is a program that is located on the user‘s
computer and, when run, would reboot the computer into DOS and load the UDI
(Universal Disk Image) onto the D: (OS) partition. After the image has been loaded, the
computer is then rebooted back into Windows 2000 at which time the Windows 2000
Mini-Setup Wizard is run (because SYSPREP was used prior to the Ghosting of the
image) assigning the computer a new Security Identifier (SID).

        Lazarus is actually two programs, ―LAZ.EXE‖ (See APPENDIX H), which is run
while in Windows 2000, and ―RUS.BAT‖, which runs after the computer has booted into
DOS. The Windows component, ―LAZ.EXE‖, merely informs the user that the computer
will be rebooted and modifies the ―BOOT.INI‖ and ―AUTOEXEC.BAT‖ files to boot
into DOS and execute ―RUS.BAT‖. The user interface with ―LAZ.EXE‖ is simply a
message box informing the user that computer will be rebooted then a system message
box counting down to the restart. ―RUS.BAT‖ is executed by the ―AUTOEXEC.BAT‖
file when DOS is loaded. ―RUS.BAT‖ modifies the ―BOOT.INI‖ and
―AUTOEXEC.BAT‖ files to boot back into Windows 2000 at next reboot and executes
―GHOST.EXE‖ with the ―RUSWITCH.TXT‖ (See APPENDIX I) command file.

      The final version of Lazarus developed is v0.0.3. It is a simple program so not
much tweaking needed to be done from the initial version.

       The executable and source code, along with the .CMP file (contains compiling
information for Winbatch) are included in the ―Source‖ folder provided with this
documentation.




                                           19
Lazarus Screenshots
Figure 2: Lazarus Windows interface




Figure 3: Lazarus System Shutdown




                                      20
SNAPSHOT
Purpose:
        SnapShot was not originally part of the Pilot Project. While explaining Lazarus at
an early Status Meeting, the concept of a tool that could allow the users to backup their
computer before making a system change was suggested. From this, SnapShot was
conceived.

        SnapShot has become a pre-emptive disaster recovery tool that allows a user to
take a ―snapshot‖ image of the D: (OS) prior to making any changes to the system
configuration, i.e., installing new hardware, installing a new software driver, etc. If
anything occurs that makes the computer unstable, SnapShot can be run again to reload
the snapshot to restore the computer to the state it was in prior to the configuration
change.

        Like Lazarus, SnapShot is comprised of two programs: the Windows component,
―SNAPSHOT.EXE‖ (See APPENDIX J), and the DOS component, ―SNAP.BAT‖ or
―SHOT.BAT‖ depending on whether SnapShot is taking or loading a ―snapshot‖. When
―SNAPSHOT.EXE‖ is executed, an informational message is displayed informing the
user the function of SnapShot. The user selects whether to take or load a snapshot.
―SNAPSHOT.EXE‖ then modifies the ―BOOT.INI‖ and the ―AUTOEXEC.BAT‖ files to
boot the computer into DOS and restarts the computer. After DOS loads, the
―AUTOEXEC.BAT‖ file executes either ―SNAP.BAT‖ or ―SHOT.BAT‖ which runs
Ghost and the accompanying command switch file (See APPENDICES K and L). The
.BAT file also modifies the ―BOOT.INI‖ and ―AUTOEXEC.BAT‖ to boot the computer
back into Windows 2000 after the snapshot is loaded and the computer is restarted.

        SnapShot has been through many version updates. The original was very simple
and did not have much user intervention or error-checking. The latest version has an
Informational Message, error-checking, checks for previous snapshots (SnapShot
currently allows for only one snapshot), gives date of last snapshot, gives username of
last person to initiate SnapShot (last person to take or load a snapshot), and gives age of
last snapshot.

        For SnapShot to be able to determine information such as, username and action of
last SnapShot user, and age of snapshot, a SnapShot History file, ―SNAPSHOT.HIS‖,
was added. This file is stored on the STORAGE partition, which is hidden from
Windows 2000. For SnapShot to be able to access it, it creates a temporary NTFS Mount
Point to the STORAGE partition, gathers the information needed from the
―SNAPSHOT.HIS‖ file, writes new information to the ―SNAPSHOT.HIS‖ file, then
removes the mount point.

        If the snapshot image is older than 7 days, the user is given a warning stating that
loading an old image could have disastrous effects. There are two reasons for this
warning. First, a lot can change on a user‘s computer in 7 days and loading a snapshot
will overwrite any changes that have occurred, good or bad. Second, when a computer is
joined to a Domain, a Computer Account password is established between the computer



                                             21
and the Domain Controller‘s. This Computer Account password is changed
automatically every 7 days. The domain keeps a copy of the current password and the
immediate previous password in cases where the computer is not available at the time the
password is changed. If a computer is unavailable twice for two consecutive password
changes, then the computer will have to be removed from the domain and re-added
before it can access domain resources again. If a user loads a snapshot that is older than
3 weeks, the Computer Account password that the computer has will not match any of the
Computer Account passwords that the Domain Controller‘s have for this computer.

       The executable and source code, along with the .CMP file (contains compiling
information for Winbatch) are included in the ―Source‖ folder provided with this
documentation.




                                           22
SnapShot Screenshots
Figure 4: Informational Message box




Figure 5: SnapShot Selection Menu




                                      23
Figure 6: Missing SnapShot History File




Figure 7: SnapShot Selection Menu (No History File)




Figure 8: No Previous SnapShot Activity (no SnapShot image or History File)




                                               24
Figure 9: Loading a Snapshot image




Figure 10: No Snapshot available to load




Figure 11: Old Snapshot Warning




Figure 12: Invalid Snapshot Age (creation date of file differs from SnapShot history file)




                                                  25
Figure 13: Previous Snapshot Found when attempting to “take” a Snapshot




Figure 14: SnapShot Canceled




Figure 15: SnapShot Rebooting Warning




Figure 16: System Rebooting




                                              26
REMOUNTER
Purpose:
        ReMounter is a Winbatch program whose original purpose was for the automation
of reassigning the drive letters of a computer after the UDI has been loaded. Even though
the I386 and STORAGE partitions were hidden on the system that the UDI was created
on, after SYSPREP is run, all the drives become visible again. It became necessary to
again hide the I386 and STORAGE partitions and recreate the NTFS Mount Point for the
I386 partition to the D:\I386 directory. Also, since SYSPREP reset the SourcePath and
ServicePackSourcePath (registry keys determining where the computer looks for the OS
installation files when needed) back to the CD-Rom Drive, it became necessary to set
these registry keys to point to the D:\I386 directory again.

        ReMounter automates these processes. The SYSPREP.INF, the SYSPREP
Answer file, executes ReMounter after the Mini-Setup Wizard is completed. For some
reason, SYSPREP sometimes fails to run ReMounter. It is easy to determine if
ReMounter has failed to run. Simply open My Computer and look for an I386 or
STORAGE partition. If ReMounter did fail to run, you can manually execute it at
C:\DF\ReMounter\Rmounter.exe.

        Since the initial creation of ReMounter, I have added other configuration changes
that are needed on systems that have just received the UDI. The following are the
functions provided by ReMounter v1.2.1 (See APPENDIX M):
        1. Hide the I386 and STORAGE partitions and reassign drive letters for the
            remaining drives
        2. Change the following registry keys for the source path of the OS install files
            and Service Pack files found at
            HKLM\Software\Microsoft\Windows\CurrentVersion\Setup
                a. SourcePath – Value = D:
                b. ServicePackSourcePath – Value = D:
        3. Create Start Menu shortcuts for Lazarus and SnapShot in ―D:\Documents and
            Settings\All Users\Start Menu\Programs\Administrative Tools‖
        4. Create the needed directory structure and copy needed files to the STORAGE
            partition
                a. Create the following directories
                         i. Ghost
                        ii. SnapShot
                                 1. Snap – located inside the SnapShot folder
                b. Copy GHOST.EXE to the Ghost directory

         Since ReMounter was created to run on the initial login after the UDI has been
loaded, it was created to run silently and has no user interface. It is not a utility that
should be used on a regular basis. ReMounter depends on having no partitions hidden for
it to run properly (after the UDI is loaded no drive letters are hidden). It enumerates the
GUIDs for each drive using the MS ―MOUNTVOL.EXE‖ utility (See APPENDIX N)
and determines which partition is which based on the order the GUIDs are listed.
Lettered hard drive partitions (i.e. C:, D:, etc) are listed first so the I386 and STORAGE



                                            27
partitions are always E: and F: respectively. If some of the partitions are not assigned
numbers, they will appear after the numbered drives and ReMounter will not work
properly. Error-checking has been written in for some of the other functions of
ReMounter, but because of the limitations of the ―MOUNT.VOL‖ utility, none were able
to be added for this function.

       The executable and source code, along with the .CMP file (contains compiling
information for Winbatch) are included in the ―Source‖ folder provided with this
documentation.




                                           28
User Data Storage and Accessibility




                29
Roaming Profiles and Folder Redirection
Purpose:
        The concept of ―Anytime Anywhere‖ refers to the ability of a user to access
his/her data regardless of what computer s/he is on or the status of network availability.
This would allow a user to work on documents in the office or at home, connected to the
Internet/Intranet or disconnected. To this end, two Microsoft technologies were used:
Roaming Profiles and Folder Redirection.

Roaming Profiles
        Roaming Profiles allow a user to log into any computer in his/her domain or
trusted domain and receive the same desktop environment as they would from their own
computer. This includes the Desktop Wallpaper, Favorites, certain Application Data, My
Documents, User‘s Desktop Folder, etc. The benefits of Roaming Profiles are that no
matter which computer you are working on, the environment is the same and your files
will be available to you.

        With Roaming Profiles, a user‘s profile is saved on a network drive (for the Pilot,
we used a Dell PowerVault 735N Network Attached Storage device, NAS) and is
accessed and downloaded when a user logs into a computer. When a user logs in to a
computer for the first time, his User Profile is downloaded to that computer. When s/he
finishes his/her work and logs off, any changes to his/her profile are saved back up to the
network location. If the network is unavailable when the user logs on, the user‘s profile
will be loaded with a cached copy of the user profile (this only works if the user has
logged on to the computer previously when the computer was on the network; if not,
there is no cached profile to load). When the network becomes available again, a
synchronization of the network profile and the cached profile will take place.

        One downside of Roaming Profiles is that the entire profile must be downloaded
at login and then uploaded at log off. Login and logoff times therefore increase. For
users with high speed connections, this will be barely noticeable. If the user has a large
number of files stored in his My Documents folder or on his/her Desktop, the time again
increases. Over a modem, this can cause the login/logout times to be very long.

Folder Redirection
        To help alleviate this downside, we implemented Folder Redirection along with
Roaming Profiles. Folder Redirection allows for certain directories to be transparently
redirected to a network drive. To the user, it appears as if the folder is still on his/her
computer. Redirected folders look just like any other folder except that its contents are
located on a network drive.

        The five folders that can be redirected are the user‘s My Documents folder, My
Pictures folder, Desktop folder, Start Menu folder, and Application Data folder.
Redirected Folders are not downloaded to the user‘s computer at login. Instead, the files
will be downloaded to the user‘s computer as s/he accesses them. For the Pilot Project,
we elected to redirect just the user‘s My Document and Desktop folders.




                                             30
Folder Synchronization
         Since the goal was to make the user‘s files available to him/her, while on or off
the network, we also enabled Offline Stores, which using the Folder Synchronization
utility, allows a user to store cached copies of specified network files and folders to the
local computer. Like Roaming Profiles, if changes are made to a file while offline, when
the user gets back online, a Folder Synchronization takes place and uploads the changes
to the network files. In cases where there is a discrepancy between the network and the
local file during the Folder Synchronization (i.e., I work offline on a file at home on my
laptop, then come to work the next day and make different changes to the original file on
my desktop computer), the user will be prompted to either keep one file over the other or
to keep both files.




                                            31
Anytime Anywhere Procedures:
        For the Pilot Project, the user‘s Roaming Profiles and Redirected Folders were
stored on a Dell PowerVault 735N Network Attached Storage Device (NAS) running
―Powered by Windows 2000‖ software. Since it is running Windows 2000 natively, I
was able to easily implement Windows 2000 technology, such as Disk Quota and NTFS
permissions.

         Initially, this was to be tested on the NetApp NAS owned by the "General Use,
Research UNIX and Security" (GURUS) department as well, but several issues prevented
full testing (later tests have shown that the NetApp NAS, with the latest ONTap OS, is
capable of performing the same function that the Dell NAS performed in the Pilot).

        I used a custom built utility named Populus, Windows 2000 Group Policy
Objects, and Windows 2000 Disk Quota, to setup users and configure the Roaming
Profiles and Folder Redirection.

Disk Quota
        Windows 2000 Disk Quota allows me to restrict the amount of disk space a user
gets on a partition. Since I was given no indication of how much space should be
allotted, I randomly chose 500MB as the default quota limit. The quota limit can be
adjusted on a user by user basis but the initial quota is 500MB. The restriction is not on a
folder by folder basis, but rather on the user. User A gets 500MB of space anywhere on
the network share that he has been granted NTFS permissions. The pilot users were
granted permission only to their UserData\%UserName%\ folders.

Group Policy Object
        To begin, I created a Windows 2000 Group Policy Object (GPO) that would be
applied to all users in the Test-Lab Organizational Unit (OU) located in the W2k-Pilot
Domain. This GPO allows me to make a blanket configuration change to multiple
computers without having to go to each computer and manually make the changes. This
GPO contains some basic computer configuration settings, but its main purpose is for
enabling the folder redirection on the ―My Document‖ and individual user‘s ―Desktop‖
folders, enabling Offline Stores for the redirected files, and configuring Folder
Synchronization for the redirected files. (See APPENDIX O)

        I also created another GPO for use with laptop users. This GPO is a computer
GPO only. It is applied to all computers located in the ―Laptop‖ OU of the Test-Lab
domain. This GPO contains configurations that enable ―Slow Link‖ detection for
laptops. Windows 2000 allows a modem user to dial his/her internet connection when
he/she logs in. If this occurs and slow link detection is not enabled, then the computer
will try to download the user‘s Profile, which could take a long time. With slow link
detection enabled, Windows 2000 will detect that the user‘s connection is low speed and
instead load the user‘s cached profile. See ―Slow Link Policy‖ on the second following
page. (See APPENDIX P)




                                            32
Roaming Profiles and Folder Redirection
        User accounts were created for all the AIS/W2k Pilot Project participants. Each
account was configured to use Roaming Profiles and have a profile stored on the Dell
NAS, at \\tron.ais-pilot.w2k-pilot.vt.edu\UserData\Profiles\%username%\. The UserData
folder is the share folder on the NAS. The ―Test-Lab User GP‖ GPO was also configured
so that each user‘s ―My Documents‖ and ―Desktop‖ folder was located at the following
locations, respectively:
        \\tron.ais-pilot.w2k-pilot.vt.edu\UserData\%username%\My Documents
        \\tron.ais-pilot.w2k-pilot.vt.edu\UserData\%username%\Desktop.

Roaming Profiles consist of the following folders and files:
      Application Data (MS Office personalization, Netscape bookmarks (at least 6.x),
          Wallpaper, etc)
      Cookies
      Favorites
      NetHood
      PrintHood
      Recent
      SendTo
      Templates
      And the following ―top-level‖ files (located in the root of the user‘s profile folder)
             NTUSER.DAT
             NTUSER.DAT.LOG
             NTUSER.INI
             NTUSER.POL

         When a member of the AIS-PILOT OU logs onto a computer in the forest, one of
two things happens. One, if it is the first time the user has logged onto a computer since
his/her account has been configured for roaming profiles, the user receives the default
profile configuration for that computer and the profile is copied to the user‘s ―Profile‖
data folder located on the NAS and becomes the users roaming profile. Or two, after the
initial login and roaming profile creation, when the user logs onto a computer, the user‘s
profile is downloaded to the computer and loaded for the user. When the user logs off,
any changes made to the profile are saved up to the NAS.

        At each login, every part of the user‘s profile is copied from the NAS to the
workstation and loaded. At every logoff, the profile on the local workstation
synchronizes with the copy on the NAS, i.e., if the user made any changes to the local
profile, it will get replicated up to the copy on the NAS.

        Folder Redirection has been implemented for all users participating in the
AIS/W2k-Pilot. This feature changes the actual location of the user‘s ―My Documents‖
folder and the user‘s ―Desktop‖ folder. Folder redirection lessens the time it takes to
complete the logon process and saves network bandwidth by downloading files located in
a user‘s ―My Document‖ and ―Desktop‖ folders on a file-by-file basis, as the files are



                                            33
needed. If Folder Redirection is implemented by itself, no synchronization is needed at
logoff because the user‘s files are saved directly to the NAS. Implementing Folder
Redirection with Offline Stores, as we do, causes the Redirected Folders on the local
system to synchronize with the folders on the NAS. This allows the user to access his/her
files even when the computer is off the network and the NAS is unavailable. When the
network becomes available again, a File Synchronization is triggered (by logging in,
logging out, or initiated by the user) and any changes are uploaded to the NAS. If there is
a discrepancy between the network version of a file and the local version, then the user is
given the option to save one or the other, or both files.

Security Concerns:
        By default, when a user that has been configured for Roaming Profiles and Folder
Redirection logs in for the first time, the user‘s Profile folder and redirected folders will
be created on the network share. When this was initially tested, it was determined that
the NTFS Security on the user‘s folders was not strict enough. A user would be able to
not only see his/her share but also be able to enumerate the parent folder of every user,
thus giving a full list of usernames.

        To prevent this, the NTFS permissions were set as shown in Figure 17. The
Authenticated Users group had ―Traverse Folder / Execute File‖ permission on the
UserData folder (the share folder) but no other permissions and then each individual user
had full permissions on his/her %username% folder. SYSTEM had full control over all
folders and files. To be able to set the NTFS permissions to the security level desired, the
user folders had to be created and permissions had to be set manually. Later, due to
conflicts with software (WinZip, Microsoft Office XP, and MS Access, see ―Conflict
Resolutions‖), the permissions had to be reduced back to the original NTFS permissions
(See Figure 17).

Figure 17: “UserData” Permissions


           Share Permissions
           E:\UserData – Everyone = Full (default share permissions)

           NTFS Permissions
           E:\UserData – [Permissions not propagated to child files/folders]
                  Domain Admins = ―Full‖
                  SYSTEM = ―Full‖
                         Authenticated User‘s = ―Traverse Folder / Execute File‖
                                                ―List Folder / Read Data‖
                                                ―Read Attributes‖
                                                ―Read Extended Attributes‖
           E:\UserData\%username% - [Permissions propagated to child files/folders]
                         SYSTEM = ―Full‖
                         %Username% = ―Full‖




                                             34
Conflict Resolution
WinZip 8.0:
        When users attempted to extract a zipped file to a redirected folder, they would
receive an error that the location could not be found. I corresponded with WinZip Tech
Support via e-mail but received no useful information from them. I began trying
different NTFS permission configurations and found that, for WinZip to work, the
Authenticated User‘s group had to have ―List Folder / Read Data‖ permission on the
UserData folder as well as the ―Traverse Folder / Execute File‖ permission. WinZip
Tech Support could not tell me why this was necessary.

Microsoft Office XP: (See MS PSS Call: Office XP)
        When users attempted to save an Office document, an error would occur and the
Office program would exit, causing a loss of data. After some testing, it was determined
that the real issue was not with saving a document but with the Office product‘s ability to
access the default ―Document‖ location. A Microsoft Paid Support Services case was
opened. While waiting to hear back from MS on this case, I discovered that the NTFS
permissions on the parent share (UserData folder) was too strict. Along with the original
NTFS permissions, it was necessary to add the ―Read Attributes‖ and the ―Read
Extended Attributes‖ permissions. The MS PSS call was left open until they could
explain why the parent folder (UserData) needed the added permissions even when the
permissions were not propagated to the child files/folders. After a month, and no
progress from MS PSS, we closed the case.

MS Access:
        A user would receive an error when attempting to open an Access Database from
a redirected folder. After some research, I came across the following MS KB Article:
―An Intranet Site Is Identified as an Internet Site When You Use an FQDN or IP Address
(Q303650)‖. Because a ―Fully Qualified Domain Name‖, FQDN, is used for the
Redirected Folder locations, Windows 2000 treats it as an Internet site. To be able to
open an Access Database over an Internet site, a modification is needed in the IE Internet
Security Zone settings. To allow users to open Access databases located in redirected
folders, the FQDN of the NAS needed to be added to the Trusted Sites of each computer.
I was able to add this change to the ―Test-Lab User GP‖ GPO instead of having to
manually make the change on all the Test-Pilot computers.




                                            35
POPULUS
Purpose:
        When the AIS/W2k-Pilot Project began, user accounts and user data folders had
to be created for all Pilot participants. For each user, it was necessary to enable Roaming
Profiles and to manually set NTFS permissions on the user data folders. As the Pilot
progressed, more users were added to broaden the testing. When we were nearing the
completion of this testing phase, the W2k-Pilot AD Forest was reinstalled to eliminate
anything that was implemented and then rejected in the first phase of testing. At this
point, a method for automating the creation of user accounts and user data folders (and
subsequent NTFS Permissions on said folders) was explored. The solution was found in
the combination of the ―Add Users‖ Windows 2000 Server Resource Kit utility and an in-
house utility called ―Populus‖.

Creating User Accounts:
        The Windows 2000 Server Resource Kit has a utility called ―Add Users‖
(ADDUSERS.EXE) that allows an administrator to batch create/delete/edit user accounts
and local and global groups based on a comma-delimited file (like the .CSV files used in
Excel). When the W2k-Pilot AD Forest was reinstalled, I used the ―Add Users‖ utility
and a .CSV file (See APPENDIX Q and R) to batch create the 54 user accounts needed as
well as enabling Roaming Profiles for each account.

        For more information regarding the ―Add Users‖ (ADDUSERS.EXE) Windows
2000 Resource Kit Utility, reference the following website:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;q199878

Creating Users‟ Data Folders:
         Each user needed a location on the Dell PowerVault 735N Network Applied
Storage (NAS) Device to store his/her roaming profile and redirected folders (―My
Document‖ and ―Desktop‖ folders). If the folders for both the Roaming Profile and the
Redirected Files do not exist, they are created when the user logs on (for example, the
folders do not exist for users that have never logged onto the domain before). For the
Pilot, the default NTFS permissions applied to the folders were too lenient so permissions
would need to be modified.

         Instead of having the folders and NTFS permissions automatically generated and
then modifying the permissions on a user-by-user basis, it is simpler for administrative
purposes to manually create the folders and manually set the proper NTFS permissions.
It is simpler because the permissions are set properly initially. If the NTFS permissions
were automatically generated and then modified on a user-by-user basis, there is the
possibility that a set of folders could be missed and the NTFS permissions not modified
to the more secure configuration.

        Whereas it is easier for administrative purposes to manually create the folders and
set the NTFS permissions, it is still a tedious job that would be very susceptible to user
error when being performed. For this reason, I developed a Winbatch program called
Populus (See APPENDIX S) to create user data folders and set the proper NTFS



                                            36
permissions needed for each. Used in conjunction with the ―Add Users‖ Windows 2000
Resource Kit utility, I was able to effectively automate both the creation of user accounts
and the creation of said user‘s data folders (and NTFS permissions) on the NAS. I have
also written up the procedure I followed when adding new users to the AIS/W2k-Pilot
(See APPENDIX T).

       The executable and source code, along with the .CMP file (contains compiling
information for Winbatch) are included in the ―Source‖ folder provided with this
documentation.




                                            37
APPENDICES




    38
Appendix A: DEFAULT AUTOEXEC.BAT
     BOLD – Removed lines   ITALIC– Modified lines

     @ECHO OFF
     set EXPAND=YES
     SET DIRCMD=/O:N
     set LglDrv=27 * 26 Z 25 Y 24 X 23 W 22 V 21 U 20 T 19 S 18 R 17 Q 16 P 15
     set LglDrv=%LglDrv% O 14 N 13 M 12 L 11 K 10 J 9 I 8 H 7 G 6 F 5 E 4 D 3
     C
     cls
     call setramd.bat %LglDrv%
     set temp=c:\
     set tmp=c:\
     path=%RAMD%:\;a:\;z:\
     copy command.com %RAMD%:\ > NUL
     set comspec=%RAMD%:\command.com
     copy extract.exe %RAMD%:\ > NUL
     copy readme.txt %RAMD%:\ > NUL

     :ERROR
     IF EXIST ebd.cab GOTO EXT
     echo Please insert Windows 98 Startup Disk 2
     echo.
     pause
     GOTO ERROR

     :EXT
     %RAMD%:\extract /y /e /l %RAMD%: ebd.cab > NUL
     echo The diagnostic tools were successfully loaded to drive %RAMD%.
     echo.

     IF "%config%"=="NOCD" GOTO QUIT
     IF "%config%"=="HELP" GOTO HELP
     LH %ramd%:\MSCDEX.EXE /D:mscd001 /L:z
     echo.

     GOTO QUIT

     :HELP
     cls
     call help.bat
     echo Your computer will now restart and the startup menu will appear.
     echo.
     echo.
     echo.
     echo.
     echo.
     echo.
     echo.
     echo.
     echo.
     echo.
     restart.com
     GOTO QUIT

     :QUIT
     echo To get help, type HELP and press ENTER.
     echo.
     rem clean up environment variables
     set CDROM=
     set LglDrv=



                                            39
Appendix B: MODIFIED AUTOEXEC.BAT
     @ECHO OFF
     cls
     set temp=c:\temp
     set tmp=c:\temp
     path=c:\;c:\ebd;%CDROM%:\

     LH c:\ebd\MSCDEX.EXE /D:mscd001 /L:%CDROM%




                                     40
Appendix C: DEFAULT CONFIG.SYS
     BOLD – Removed lines      ITALIC – Modified lines

     [menu]
     menuitem=CD, Start computer with CD-ROM support.
     menuitem=NOCD, Start computer without CD-ROM support.
     menuitem=HELP, View the Help file.
     menudefault=CD,30
     menucolor=7,0

     [CD]
     device=himem.sys /testmem:off
     device=oakcdrom.sys /D:mscd001
     device=btdosm.sys
     device=flashpt.sys
     device=btcdrom.sys /D:mscd001
     device=aspi2dos.sys
     device=aspi8dos.sys
     device=aspi4dos.sys
     device=aspi8u2.sys
     device=aspicd.sys /D:mscd001

     [NOCD]
     device=himem.sys /testmem:off

     [HELP]
     device=himem.sys /testmem:off

     [COMMON]
     files=10
     buffers=10
     dos=high,umb
     stacks=9,256
     devicehigh=ramdrive.sys /E 2048
     lastdrive=z




                                       41
Appendix D: MODIFIED CONFIG.SYS
     [menu]
     menuitem=CD, Start computer with CD-ROM support.
     menuitem=NOCD, Start computer without CD-ROM support.
     menuitem=HELP, View the Help file.
     menudefault=CD,0
     menucolor=7,0

     [CD]
     device=himem.sys /testmem:off
     device=oakcdrom.sys /D:mscd001
     device=btdosm.sys
     device=flashpt.sys
     device=btcdrom.sys /D:mscd001
     device=aspi2dos.sys
     device=aspi8dos.sys
     device=aspi4dos.sys
     device=aspi8u2.sys
     device=aspicd.sys /D:mscd001

     [NOCD]
     device=himem.sys /testmem:off

     [HELP]
     device=himem.sys /testmem:off

     [COMMON]
     files=10
     buffers=10
     dos=high,umb
     stacks=9,256
     lastdrive=z




                                      42
Appendix E: “SYSPREP.INF”
     ;SetupMgrTag
     [Unattended]
       InstallFilesPath=D:\SYSPREP\i386
       TargetPath=\WINNT

     [GuiUnattended]
       OEMSkipRegional=1
       TimeZone=35

     [UserData]
       FullName="Va Tech"
       OrgName="Va Tech"

     [Display]
       BitsPerPel=32
       Xresolution=1024
       YResolution=768
       Vrefresh=75

     [Identification]
        JoinWorkgroup=WORKGROUP

     [Networking]
       InstallDefaultComponents=Yes

     [SYSPREPMassStorage]
       PCMCIA\*PNP0600=%systemroot%\inf\mshdc.inf
       PCMCIA\KME-KXLC005-A99E=%systemroot%\inf\mshdc.inf
       PCMCIA\_-NinjaATA--3768=%systemroot%\inf\mshdc.inf
       PCMCIA\FUJITSU-IDE-PC_CARD-DDF2=%systemroot%\inf\mshdc.inf
       *AZT0502=%systemroot%\inf\mshdc.inf
       PCI\CC_0101=%systemroot%\inf\mshdc.inf
       PCI\VEN_10B9&DEV_5215=%systemroot%\inf\mshdc.inf
       PCI\VEN_10B9&DEV_5219=%systemroot%\inf\mshdc.inf
       PCI\VEN_10B9&DEV_5229=%systemroot%\inf\mshdc.inf
       PCI\VEN_1097&DEV_0038=%systemroot%\inf\mshdc.inf
       PCI\VEN_1095&DEV_0640=%systemroot%\inf\mshdc.inf
       PCI\VEN_1095&DEV_0646=%systemroot%\inf\mshdc.inf
       PCI\VEN_0E11&DEV_AE33=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_1222=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_1230=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_7010=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_7111=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_2411=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_2421=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_2441=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_244A=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_244B=%systemroot%\inf\mshdc.inf
       PCI\VEN_8086&DEV_7199=%systemroot%\inf\mshdc.inf
       PCI\VEN_1042&DEV_1000=%systemroot%\inf\mshdc.inf
       PCI\VEN_1039&DEV_0601=%systemroot%\inf\mshdc.inf
       PCI\VEN_1039&DEV_5513=%systemroot%\inf\mshdc.inf



                                          43
PCI\VEN_10AD&DEV_0001=%systemroot%\inf\mshdc.inf
PCI\VEN_10AD&DEV_0150=%systemroot%\inf\mshdc.inf
PCI\VEN_105A&DEV_4D33=%systemroot%\inf\mshdc.inf
PCI\VEN_1106&DEV_0571=%systemroot%\inf\mshdc.inf
*ADP1540=%systemroot%\inf\scsi.inf
*ADP1542=%systemroot%\inf\scsi.inf
*ADP4215=%systemroot%\inf\scsi.inf
DETECTEDIsa\aha154x=%systemroot%\inf\scsi.inf
SPARROW_SCSI=%systemroot%\inf\scsi.inf
DETECTED\sparrow=%systemroot%\inf\scsi.inf
*ADP1502=%systemroot%\inf\scsi.inf
*ADP1505=%systemroot%\inf\scsi.inf
*ADP1510=%systemroot%\inf\scsi.inf
*ADP1512=%systemroot%\inf\scsi.inf
*ADP1515=%systemroot%\inf\scsi.inf
*ADP1520=%systemroot%\inf\scsi.inf
*ADP1522=%systemroot%\inf\scsi.inf
*ADP3015=%systemroot%\inf\scsi.inf
*ADP3215=%systemroot%\inf\scsi.inf
*ADP6360=%systemroot%\inf\scsi.inf
*ADP6370=%systemroot%\inf\scsi.inf
PCMCIA\Adaptec__Inc.-APA-1460_SCSI_Host_Adapter-BE89=%systemroot%\inf\scsi.inf
PCMCIA\Adaptec__Inc.-APA-1460_SCSI_Host_Adapter-B67E=%systemroot%\inf\scsi.inf
PCMCIA\Adaptec__Inc.-APA-1460_SCSI_Host_Adapter-6F71=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5075=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5175=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5275=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5375=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5475=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5575=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5675=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5775=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5078=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5178=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5278=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5378=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5478=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5578=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5678=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_5778=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7860=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6078=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6178=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6278=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6378=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6478=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6578=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6778=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7078=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7178=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7278=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7478=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7578=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7678=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7778=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8078=%systemroot%\inf\scsi.inf


                                  44
PCI\VEN_9004&DEV_8178=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8278=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8478=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8578=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8678=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8778=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_8878=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7891=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7892=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7895=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7896=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_7897=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_3B78=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_EC78=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6075=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_6075&SUBSYS_75609004=%systemroot%\inf\scsi.inf
PCI\VEN_9004&DEV_3860=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0010=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0020=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0030=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_001F=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_002F=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_003F=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0050=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0051=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_005F=%systemroot%\inf\scsi.inf
*FDC0000=%systemroot%\inf\scsi.inf
DETECTEDPci\Fd16_700=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_00CF=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_00C0=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_008F=%systemroot%\inf\scsi.inf
PCI\VEN_9005&DEV_0080=%systemroot%\inf\scsi.inf
PCI\VEN_10CD&DEV_2300=%systemroot%\inf\scsi.inf
PCI\VEN_10CD&DEV_1100=%systemroot%\inf\scsi.inf
PCI\VEN_10CD&DEV_1200=%systemroot%\inf\scsi.inf
PCI\VEN_10CD&DEV_1300=%systemroot%\inf\scsi.inf
PCMCIA\AdvanSys_-PCMCIA_Ultra_SCSI_ABP460-25c7=%systemroot%\inf\scsi.inf
PCI\VEN_10CD&DEV_1300&SUBSYS_133010CD=%systemroot%\inf\scsi.inf
PCI\VEN_1022&DEV_2020=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_0438101E=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_11121111=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_10C6103C=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_0466101E=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_11111111=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_10C7103C=%systemroot%\inf\scsi.inf
PCI\VEN_101E&DEV_9060=%systemroot%\inf\scsi.inf
PCI\VEN_101E&DEV_9010=%systemroot%\inf\scsi.inf
PCI\VEN_8086&DEV_1960&SUBSYS_03A2113C=%systemroot%\inf\scsi.inf
BUSLOGIC_SCSI=%systemroot%\inf\scsi.inf
DETECTED\buslogic=%systemroot%\inf\scsi.inf
*BUS0042=%systemroot%\inf\scsi.inf
MF\EISA_BUS4201_DEV0=%systemroot%\inf\scsi.inf
PCI\VEN_104B&DEV_1040=%systemroot%\inf\scsi.inf
FLASHPNT_SCSI=%systemroot%\inf\scsi.inf
PCI\VEN_104B&DEV_8130=%systemroot%\inf\scsi.inf
CPQARRAY_SCSI=%systemroot%\inf\scsi.inf


                                 45
  PCI\VEN_0E11&DEV_AE10=%systemroot%\inf\scsi.inf
  *CPQ4410=%systemroot%\inf\scsi.inf
  *CPQ4411=%systemroot%\inf\scsi.inf
  CPQFWS2E_SCSI=%systemroot%\inf\scsi.inf
  PCI\VEN_0E11&DEV_A0EC=%systemroot%\inf\scsi.inf
  CPQFCALM_SCSI=%systemroot%\inf\scsi.inf
  *CPQFD17=%systemroot%\inf\scsi.inf
  DETECTED\cpqarray=%systemroot%\inf\scsi.inf
  DETECTED\cpqfcalm=%systemroot%\inf\scsi.inf
  DETECTED\cpqfws2e=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_008F=%systemroot%\inf\scsi.inf
  PCI\VEN_10DF&DEV_1AE5=%systemroot%\inf\scsi.inf
  PCI\VEN_10DF&DEV_f700=%systemroot%\inf\scsi.inf
  PCI\VEN_10DF&DEV_f800=%systemroot%\inf\scsi.inf
  FD16_700_SCSI=%systemroot%\inf\scsi.inf
  PCMCIA\Future_Domain_Corporation-SCSI_PCMCIA_Credit_Card_Controller-
1BF8=%systemroot%\inf\scsi.inf
  PCI\VEN_1036&DEV_0000=%systemroot%\inf\scsi.inf
  DETECTED\fd16_700=%systemroot%\inf\scsi.inf
  GEN_SCSIADAPTER=%systemroot%\inf\scsi.inf
  PCI\VEN_8086&DEV_1960&SUBSYS_10CC103C=%systemroot%\inf\scsi.inf
  PCI\VEN_8086&DEV_1960&SUBSYS_10CD103C=%systemroot%\inf\scsi.inf
  PCI\VEN_1014&DEV_002E=%systemroot%\inf\scsi.inf
  PCMCIA\IBM-PCMCIA_PorTable_CD-ROM_Drive-84E3=%systemroot%\inf\scsi.inf
  PCMCIA\IBM-PCMCIA_CD-ROM_DRIVE_CD-400-5AFA=%systemroot%\inf\scsi.inf
  PCMCIA\IBM-PCMCIA_PorTable_CD-ROM_Drive-84E2=%systemroot%\inf\scsi.inf
  PCI\VEN_1101&DEV_9500=%systemroot%\inf\scsi.inf
  PCI\VEN_1101&DEV_9400=%systemroot%\inf\scsi.inf
  PCI\VEN_1101&DEV_9401=%systemroot%\inf\scsi.inf
  PCI\VEN_1101&DEV_134A=%systemroot%\inf\scsi.inf
  PCI\VEN_1101&DEV_0002=%systemroot%\inf\scsi.inf
  PCI\VEN_9004&DEV_1160=%systemroot%\inf\scsi.inf
  PCI\VEN_1069&DEV_0001=%systemroot%\inf\scsi.inf
  PCI\VEN_1069&DEV_0002=%systemroot%\inf\scsi.inf
  PCI\VEN_1069&DEV_0010=%systemroot%\inf\scsi.inf
  PCI\VEN_1011&DEV_1065&SUBSYS_00201069=%systemroot%\inf\scsi.inf
  PCI\VEN_1069&DEV_BA55=%systemroot%\inf\scsi.inf
  DETECTED\dac960nt=%systemroot%\inf\scsi.inf
  NCRC710_SCSI=%systemroot%\inf\scsi.inf
  DETECTED\ncrc710=%systemroot%\inf\scsi.inf
  PCI\VEN_1077&DEV_1020=%systemroot%\inf\scsi.inf
  PCI\VEN_1077&DEV_2100&SUBSYS_00011077=%systemroot%\inf\scsi.inf
  PCI\VEN_1077&DEV_1240=%systemroot%\inf\scsi.inf
  PCI\VEN_1077&DEV_1080=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0001=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0002=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0003=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0004=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0005=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_0006=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_000B=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_000C=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_000D=%systemroot%\inf\scsi.inf
  PCI\VEN_1000&DEV_000F=%systemroot%\inf\scsi.inf
  PCI\VEN_105A&DEV_4D38=%systemroot%\inf\scsi.inf




                                 46
[Branding]
  BrandIEUsingUnattended=Yes

[Proxy]
  Proxy_Enable=0
  Use_Same_Proxy=0

[GuiRunOnce]
  Command0=c:\DF\ReMounter\rmounter.exe




                                   47
Appendix F: “Mergeide.reg”
     ********* START COPY FROM HERE *************
     Windows Registry Editor Version 5.00

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\prim
     ary_ide_channel]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="atapi"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\seco
     ndary_ide_channel]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="atapi"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\*pnp
     0600]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="atapi"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\*azt0
     502]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="atapi"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\gend
     isk]
     "ClassGUID"="{4D36E967-E325-11CE-BFC1-08002BE10318}"
     "Service"="disk"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#c
     c_0101]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="pciide"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
     ven_0e11&dev_ae33]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="pciide"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
     ven_1039&dev_0601]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="pciide"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
     ven_1039&dev_5513]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="pciide"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
     ven_1042&dev_1000]
     "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
     "Service"="pciide"




                                        48
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_105a&dev_4d33]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_1095&dev_0640]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_1095&dev_0646]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_1097&dev_0038]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_10ad&dev_0001]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_10ad&dev_0150]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_10b9&dev_5215]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_10b9&dev_5219]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_10b9&dev_5229]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="pciide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_1106&dev_0571]
"Service"="pciide"
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_1222]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"




                                   49
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_1230]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_2411]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_2421]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_7010]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_7111]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase\pci#
ven_8086&dev_7199]
"ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}"
"Service"="intelide"

;Add driver for Atapi (requires atapi.sys in drivers directory)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi]
"ErrorControl"=dword:00000001
"Group"="SCSI miniport"
"Start"=dword:00000000
"Tag"=dword:00000019
"Type"=dword:00000001
"DisplayName"="Standard IDE/ESDI Hard Disk Controller"
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
 52,00,49,00,56,00,45,00,52,00,53,00,5c,00,61,00,74,00,61,00,70,00,69,00,2e,\
 00,73,00,79,00,73,00,00,00

;Add driver for intelide (requires intelide.sys in drivers directory)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IntelIde]
"ErrorControl"=dword:00000001
"Group"="System Bus Extender"
"Start"=dword:00000000
"Tag"=dword:00000004
"Type"=dword:00000001
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
 52,00,49,00,56,00,45,00,52,00,53,00,5c,00,69,00,6e,00,74,00,65,00,6c,00,69,\
 00,64,00,65,00,2e,00,73,00,79,00,73,00,00,00




                                              50
;Add driver for pciide (requires pciide.sys and pciidex.sys in drivers directory)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCIIde]
"ErrorControl"=dword:00000001
"Group"="System Bus Extender"
"Start"=dword:00000000
"Tag"=dword:00000003
"Type"=dword:00000001
"ImagePath"=hex(2):53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
 52,00,49,00,56,00,45,00,52,00,53,00,5c,00,70,00,63,00,69,00,69,00,64,00,65,\
 00,2e,00,73,00,79,00,73,00,00,00
************ END COPY HERE ***************




                                            51
Appendix G: AIS/W2K PILOT PROJECT CONFIGURATION DEPLOYMENT
PROCEDURE
v1.0
011129

***NOTE*** It is possible that there are multiple CDs for the deployment of the AIS/W2k Pilot Project System
Configurations. This is due to the fact that the File Structure image (FS), which includes the Windows 2000
Installation files (I386 files) can cause the data to exceed that of a normal, high-capaciy (700MB) CD. If this occurs,
CD 1 will be labled the FS CD for File Structure CD and CD 2 will be the UDI CD for Universal Disk Image CD.

For the most part the instructions for single-cd installs and multiple-cd installs will be the same. If the instructions
differ for a particular step, the single-CD instructions will be listed as normal, followed by the multiple-CD instructions
(MCD) enclosed in brackets, "[]", and and between the following tags, <MCD>instructions</MCD>.

CONTENTS OF CD(s):
"BootDisk.exe" -
           Creates UDI BootDisk if the computer can't "Boot to CD"
"fs.bat" -
           Batch file to load the FS Image ("w2kfs.gho") using the switches in "fswtich.txt"
"fswitch.txt" -
           File containing the batch command line switches for loading the FS Image
"ghost.exe" -
           "Disk Imaging Software", used to load the images
"udi.bat" -
           Batch file to load the UDI ("udi.gho") using the switches in "udisw.txt"
"udi.gho" -
           UDI (Universal Disk Image) file
"udisw.txt" -
           File containing the batch command line switches for loading the UDI
"W2k Deployment Procedures.txt" -
           Instructions for installing the AIS/W2k Pilot Project Configuration
"w2kfs.gho" -
           FS Image

"QUICK-INSTALLATION" INSTRUCTIONS (SEE BELOW FOR DETAILED-INSTALLATION
INSTRUCTIONS):

I. Power on computer and boot to CD (or to the UDI BootDisk you created. See the Detailed-Installation Instructions
for how to create the UDI BootDisk.)

          [<MCD>Boot off of the FS CD (CD 1)</MCD>]

II. Change to DOS prompt to CD-ROM drive letter, should be Z:.

          type following at "C:\>":
                    z: <enter>

III. Load the "File System" image by running the fs.bat file

          type the following at Z:\>:
                    fs.bat

IV. After the "File System" image has been loaded the computer will reboot. Allow it to boot to the CD again.
          [<MCD>Boot off of the UDI CD (CD 2)</MCD>]


V. Change to DOS prompt to CD-ROM drive letter, should be Z:.

          type following at "C:\>":
                    z: <enter>



                                                           52
VI. Load the "UDI" image by running the udi.bat file

          type the following at the Z:\>:
                    udi.bat

VII. After the "UDI" image has been loaded the computer will reboot. Remove the CD from the CD Drive and allow
the computer to boot to the hard drive

VIII. Windows 2000 will start up and the Mini-Setup Wizard should begin.
         The Mini-Setup Wizard should prompt you for the following
                  1) Agreement to MS EULA (License agreement)
                  2) COMPUTER NAME and Administrator Password
                  3) Prompt to reboot after Mini-Setup Wizard is complete
                  4) At first login after loading the UDI, there might be an error box that appears stating that
                       "D:\SYSPREP" could not be found. Click "OK" and ignore.

IX. After completing the Mini-Setup Wizard and rebooting, there are 4 more steps that need to be completed to finish
the setup.
           1) Configure the Network Properties
           2) Add the computer to the test-lab.w2k-pilot.vt.edu domain
           3) Install the SMS Client

                      a) Run SMSMan.exe located at c:\df\SMSLaunch\SMSMan.exe
                      b) When prompted for the "Select a Systems Management Installation Option", choose to "Specify
                           installation Location" and enter "yori" (without the quotes)
                      c) Allow setup to finish, keeping the default settings.
          4) If this is on of the TEST-LAB-?? computers, add the associated admin user (i.e. orient_admin for the
                Orientation's lab computer) to the local administrators group.

          --------------


[SEE THE TROUBLESHOOTING SECTION FOR ADDITIONAL INFORMATION]


DETAILED-INSTALLATION INSTRUCTIONS:

I. Power on computer and boot to CD
           You might need to enable the "Boot to CD" option in the BIOS. If after configuring the BIOS the computer
still won't boot from the CD, place the CD in an already booted up computer and run BootDisk.exe to create the UDI
BootDisk. You will need a blank floppy.

          [<MCD>Boot off of the FS CD (CD 1).</MCD>]

II. Change to DOS prompt to CD-ROM drive letter, should be Z:.

          type following at "C:\>":
                    z: <enter>

III. Load the "File System" image by running the fs.bat file

          File System image = "Full Disk" image (as opposed to a "Single Partition" image) loaded using Ghost
          command line switches to do the following:
                    1) Re-size and Re-partition the computer hard drive (It will only affect the Master hard drive if
                         multiple hard drives are present)
                    2) Install DOS 7.0 on the C: drive and the Master Boot Record (MBR) for dual-booting DOS and
                         Windows 2000
                    3) Copy the Windows 2000 (w/integrated SP1) I386 directory to the I386 partition

          To Load the File System image:
                   type the following at Z:\>:



                                                           53
                                fs.bat
                      The fs.bat simply runs "z:\ghost.exe @z:\fswitch.txt", which executes ghost.exe and tells it to run
                      the command line switches found in the fswitch.txt file.

           This will run Ghost and load an image that repartitions the hard drive into 4 partitions and sizes them
accordingly:
PARTITION #              DRIVE LETTER         PARTITION NAME             FILE SYSTEM           SIZE
1st Partition            C:                   BOOT                       FAT                   100MB
2nd Partition            D:                   OS                         NTFS                  45% of the hard drive size
3rd Partition            none                 I386                       FAT32                 400MB
4th Partition            none                 STORAGE                    FAT32                 remainder of hard drive

          The BOOT and I386 partitions will have DOS 7.0 and the Windows 2000 installation files on them,
respectively. The OS and STORAGE partitions will be blank.

          The Ghost Command Line switches used can be found in the fswitch.txt file. Following is the full contents
of the fswitch.txt file

          ###########################
                  -batch
                  -clone,mode=load,SRC=w2kfs.gho,DST=1,sze1=100M,sze2=45P,sze3=400M,sze4=V
                  -quiet
                  -fnf
                  -sure
                  -rb
          ###########################

          EXPLANATION OF SWITCHES

          1) -batch
                            Batch mode switch. Prevents abort messages waiting for user acknowledgment, and
                            removes user interaction prompts.
          2) -clone,mode=load,SRC=w2kfs.gho,DST=1,sze1=100M,sze2=45P,sze3=400M,
          sze4=V
                            Clone operation switch. This switch allows automation of Ghost operations. Used to
                            specify to Ghost how to size the partitions.
          3) -quiet
                            Quiet mode. Disables status updates and user intervention.
          4) -fnf
                            Turns off fingerprint creation.
          5) -sure
                            Use the -sure switch in conjunction with -clone to avoid being prompted with the final
                            question ‗Proceed with disk clone - destination drive will be overwritten?‘
          6) -rb
                            Restarts after finishing a load or copy. After completing a load or copy operation, the
                            target computer must be restarted so that the operating system can load the new
                            disk/partition information.

IV. After the "File System" image has been loaded the computer will reboot. Allow it to boot to the CD again.
          [<MCD>Boot off of the UDI CD (CD 2)</MCD>]

V. Change to DOS prompt to CD-ROM drive letter, should be Z:.

          type following at "C:\>":
                    z: <enter>

VI. Load the "UDI" image by running the udi.bat file

          UDI image = "Single Partition" loaded using Ghost command line switches to do the following

                      1) Load a Windows 2000 image to the 2nd partition (D:). The SYSPREP Utility was used in the
                           preparation of this image.



                                                            54
         To Load the UDI image:
                  type the following at the Z:\>:
                            udi.bat
                  The udi.bat simply runs "z:\ghost.exe @z:\udisw.txt", which executes ghost.exe and tells it to run
                  the command line switches found in the udisw.txt file.

         This will run Ghost and load a "Single Partition" image which contains a freshly sypreped Windows 2000,
meaning that at the next boot up the Windows 2000 Mini-Setup Wizard will run, generating a new SID for the
computer, as if it were a new install.

          The Ghost Command Line switches used can be found in the udisw.txt file. Following is the full contents of
the udisw.txt file. All but the "-clone" line is identical to the contents of the fswitch.txt.

         ###########################
                 -batch
                 -clone,mode=pload,SRC=udi.gho:1,DST=1:2,sze3=V
                 -quiet
                 -fnf
                 -sure
                 -rb
         ###########################

         SEE ABOVE FOR EXPLANATION OF SWITCHES

VII. After the "UDI" image has been loaded the computer will reboot. Remove the CD from the CD Drive and allow
the computer to boot to the hard drive
          NOTE -- There is no danger if the computer again boots to the CD. Merely remove the CD and reboot the
                computer again.

VIII. Windows 2000 will start up and the Mini-Setup Wizard should begin.
         The Mini-Setup Wizard should prompt you for the following
                  1) Agreement to MS EULA (License agreement)
                  2) COMPUTER NAME and Administrator Password
                  3) Prompt to reboot after Mini-Setup Wizard is complete
                  4) At first login after loading the UDI, there might be an error box that appears stating that
                       "D:\SYSPREP" could not be found. Click "OK" and ignore. This error occurs because
                       SYSPREP was executed from Windows Explorer. After SYSPREP is executed and the
                       computer is rebooted, the SYSPREP folder is deleted. At first login, Windows trys to open
                       Windows Explorer up to D:\SYSPREP but it doesn't exist and therefore generates the error.
                       This error should be eliminated in future UDI versions by running SYSPREP from the
                       command line.

IX. After completing the Mini-Setup Wizard and rebooting, there are 4 more steps that need to be completed to finish
     the setup.
          1) Configure the Network Properties
          2) Add the computer to the test-lab.w2k-pilot.vt.edu domain
          3) Install the SMS Client
                      a) Run SMSMan.exe located at c:\df\SMSLaunch\SMSMan.exe
                      b) When prompted for the "Select a Systems Management Installation Option", choose to "Specify
                           installation Location" and enter "yori" (without the quotes)
                      c) Allow setup to finish, keeping the default settings.
          4) If this is on of the TEST-LAB-?? computers, add the associated admin user (i.e. orient_admin for the
                Orientation's lab computer) to the local administrators group.

         --------------


[SEE THE TROUBLESHOOTING SECTION FOR ADDITIONAL INFORMATION]


TROUBLESHOOTING



                                                         55
           It is also a good idea to make sure that the Rmounter program ran properly. Rmounter.exe is a utility that
runs at the initial login immediately following the loading of the UDI. The purpose of Rmounter.exe is to hide the I386
and STORAGE partitions, mount the I386 partition as an NTFS Mount Point to the D:\I386 directory, and re-assign
drive letters.

          Below is a description of the partions and drive letter assignments before and after Rmounter.exe is executed.

                      Pre-rmounter.exe
                              BOOT (C:)
                              OS (D:)
                              I386 (E:)
                              STORAGE (F:)
                              [Remaining Removable drives--depending on system hardware, could be one or more
                                    Zip, Jaz, or CD peripheral]

                      Post-rmounter.exe
                               BOOT (C:)
                               OS (D:)
                               [Remaining Removable drives--depending on system hardware, could be one or more
                                    Zip, Jaz, or CD peripheral]

          If after loading the UDI and logging in, the disk partitions are still in a "Pre-rmounter.exe" configuration, re-
run the rmounter.exe.

                      -Run the Rmounter utility
                               1) Run rmounter.exe located at c:\df\ReMounter\rmounter.exe
                               2) Rmounter will run transparently and should only take a couple of seconds
                                          a) if you currently have the Windows Explorer open, you should see the
                                                changes take place
                               3) Verify the Rmounter has properly configured the disk partitions in the "Post-
                                     rmounter.exe" configuration
                               4) If the the disk partitions are still in a "Pre-rmounter.exe" configuration, follow the
                                     "Rules for Manually Setting the Disk Partion Configuration"

          --------------

Rules for Manually Setting the Disk Partion Configuration
         1. Make sure to close any instances of "Windows Explorer" that are open so no drives will be "in use" as we
              changed the configuration
         2. Open the Disk Management Utility
                   a) Right-click on the "My Computer" icon on the Desktop and select "Manage" from the context
                        menu that appears
                   b) In the left window pane, left-click on "Computer Management (Local)"-->"Storage"-->"Disk
                        Management"
         3. Remove the drive letter assignment for the I386 partition and mount it as a volume to the D:\I386 directory
                   A) Remove "I386" Drive Letter Assignment
                              1) In the bottom, right window pane, Right-click on the partion block labeled "I386 (E:)"
                                   and select "Change Drive Letter and Path..." from the context menu that appears
                              2) In the "Change Drive Letter and Path for I386 (E:)" window that appears, left-click on
                                   the "Remove" button
                              3) In the "Confirm" message that appears, left-click on the "Yes" button
                              4) Now the partion label should have chanbed from "I386 (E:)" to "I386"
                   B) Add I386 as Mount Volume
                              1) In the bottom, right window pane, Right-click on the partion block labeled "I386 (E:)"
                                   and select "Change Drive Letter and Path..." from the context menu that appears
                              2) In the "Change Drive Letter and Path for I386 (E:)" window that appears, left-click on
                                   the "Add" button
                              3) In the "Add New Drive Letter or Path" window that appears, left-click on the circle
                                   next to "Mount in this NTFS Folder" and then left-click on the "Browse" button
                              4) In the "Browse for Drive Path", click on the "+" next to "D:\" in the bottom window to
                                   expand the directory listing



                                                             56
         5) IF AN "I386" DIRECTORY ALREADY DOES NOT EXIST, FOLLOW STEP 5)a)
           IF AN "I386" DIRECTORY DOES EXIST, SKIP TO STEP 6
                    a) How to Create an "I386" Directory if it doesn't already exist
                                i) If an "I386" directory does not exist, left-click on "D:\" to highlight
                                       it and then left-click on the "New Folder" button
                                ii) A new folder will appear in the directory listing highlighted and
                                       ready to be renamed. Name it "I386"
         6) Left-click on the "I386" directory to highlight it and then left-click on the "OK" button
                    a) If after highlighting the I386 directory, the "OK" button is still "grayed out"
                          then the I386 directory is not empty. You should delete the contents of the
                          D:\I386 directory and then continue with Step 6.
         7) Left-click on the "OK" button in the "Add New Drive Letter or Path" window
C) Remove "STORAGE" Drive Letter
         1) In the bottom, right window pane, Right-click on the partion block labeled
              "STORAGE (F:)" and select "Change Drive Letter and Path..." from the context
              menu that appears
         2) In the "Change Drive Letter and Path for STORAGE (F:)" window that appears, left-
              click on the "Remove" button
         3) In the "Confirm" message that appears, left-click on the "Yes" button
         4) Now the partion label should have chanbed from "STORAGE (F:)" to "STORAGE"
D) Change Drive Letter Assignment for existing removable media peripheral (i.e., Zip, Jaz, CD,
    etc)
         1) In the bottom, right window pane, down the left side is the listing of the different hard
              drives and removable media installed on the computer. After any hard drives
              (labeled as "Disk0", "Disk1", etc.), the removable media devices will be listed.
              Repeat the following instructions for each removable media device starting from the
              top of the list down.
                    a) Right-click on the removable device in the left side of the bottom, right
                          window and select "Change Drive Letter and Path..."
                    b) In the "Change Drive Letter and Path for %DEVICENAME%
                          (%DRIVELETTER%:)" window that appears, left-click on the "Edit"
                          button (where "%DEVICENAME%" is the device and
                          "%DRIVELETTER%" is the assigned drive letter)
                    c) Change the Drive letter to the next available drive letter alphabetically.
                                i) In the "Edit Drive Letter or Path" window that appears, left-click
                                       on the arrow next to the current drive letter.
                                ii) In the drop down menu that appears, use the up arrow to select the
                                       first available drive letter.
                                iii) When you left-click on the first available drive letter, the context
                                       menu will disappear
                    d) Left-click on the "OK" button to close the "Edit Drive Letter or Path"
                          window
                    e) In the "Confirm" message that appears, left-click on the "Yes" button
                    f) Now the drive letter assignment should have changed from the old drive
                          letter to the new drive letter
                    g) Follow steps a)-f) for the next peripheral




                                        57
Appendix H: Lazarus v0.0.3 Source
     ;Part one of "Lazarus" - "Laz"
     ;v0.0.3
     ; moved Pause function to top of script - Now, no changes are made to
        the system until the user has reach
     ;      the "point of no return", the point at which he is unable to back
        out of the action

     ;v0.0.2
     ; modified Laz to remove "Read-Only" attribute from autoexe.bat as well
        as the "Hidden" attribute

     ;v0.0.1
     ; 1) Modify the Boot.ini so that the system boots immediately into DOS
        on the next boot up
     ;      a) Have 3 "Boot.ini" files - 1) Boots to Windows 2000 regularly,
        2) Boots to DOS immediately, 3) Currently active Boot.ini (will
        alternate between the first two)

     ;Added Extenders
     AddExtender("wwwnt34i.dll")

     Pause ("Rebooting", 'Click "OK" to Reboot your Computer')
     ;Remove the file attributes from the boot.ini and autoexec.bat files
     FileAttrSet("c:\boot.ini","rsh")
     FileAttrSet("c:\autoexec.bat","rh")

     ;Copying and renaming the boot.dos file to c:\boot.ini, overwriting the
        previous boot.ini file
     FileCopy ("c:\df\boot\boot.dos","c:\boot.ini",@FALSE)

     ;Copying and renaming the autoexec.dos file to c:\autoexec.bat,
        overwriting the previous autoexec.bat file
     FileCopy ("c:\df\boot\autoexec.laz","c:\autoexec.bat",@FALSE)

     ;Reboot the local computer
     wntShutdown("",'Your computer will now reboot and beginning loading the
        Default System State. This will take several
        minutes.',5,@FALSE,@TRUE)




                                     58
Appendix I: Lazarus Ghost command switch files
     Ruswitch.txt — descriptions in bold following
     -batch
     -clone,mode=pload,SRC=e:\ghost\images\0-image.gho:1,DST=1:2
     -quiet
     -fnf
     -sure
     -rb

     -batch = Prevents abort messages that wait for user acknowledgement.
     -clone,mode=pload,SRC=e:\ghost\images\0-image.gho:1,DST=1:2
     -clone = specifies the cloning operation that you want Ghost to perform
     mode=pload = loading a partition instead of a full image
     SRC=e:\ghost\images\0-image.gho = give path to source image
     :1 = use 1 partition on source image, needed even if it only contains one partition
     DST=1:2 = tells location of destination partition, here it is on hard drive #1, partition #2
     -quiet = QUIET mode. No user intervention allowed and no screen display.
     -fnf = Turns off Fingerprint creation.s
     -sure = Used in conjunction with -CLONE to avoid the final proceed prompt.
     -rb = In batch mode, this forces automatic reboot after completion.




                                               59
Appendix J: SnapShot v1.2.0.0 Source
     ;"SnapShot"
     ; -Pre-emptive Disaster Recovery tool

     AddExtender("wwwnt34i.dll")

     utils=("C:\DF\SYS\")

     GoSub ABOUT

     curPid=(Environment("USERNAME"))

     mvf=("D:\Temp\DF\sto_mv")

     If !(DirExist(mvf)) Then
        DirMake(mvf)
     EndIf

     sys=("C:\DF\SYS")

     If !(DirExist(sys)) Then
        DirMake(sys)
     EndIf

     RunHideWait(Environment("COMSPEC"),"/c %utils%mountvol >
        C:\DF\SYS\parguids.txt")
     pguid=(FileOpen("C:\DF\SYS\parguids.txt","READ"))

     A = ""
     B = ""

     while (B != "*EOF*")
        A = B
        B = StrTrim(FileRead(pguid))
        If B == "*** NO MOUNT POINTS ***" Then

              fex=FileExist("C:\DF\SYS\i386.txt")
              Switch fex
                     Case 0
                            i386 = FileOpen("C:\DF\SYS\i386.txt","WRITE")
                            FileWrite(i386,"%A%")
                            FileClose(i386)
                            Break
                     Case 1
                            storage = FileOpen("C:\DF\SYS\storage.txt","WRITE")
                            FileWrite(storage,"%A%")
                            FileClose(storage)
                            Break
              EndSwitch

        EndIf
     EndWhile

     stotxt=FileOpen("C:\DF\SYS\storage.txt","READ")
     stoguid=FileRead(stotxt)
     FileClose(stotxt)

     RunHideWait(Environment("COMSPEC"),'/c %utils%mountvol
        "D:\Temp\DF\sto_mv" %stoguid%')
     FileClose(pguid)




                                        60
lstSnp=FileExist("D:\Temp\DF\sto_mv\SnapShot\Snap\snapshot.gho")
hisExist=FileExist("D:\Temp\DF\sto_mv\SnapShot\Snap\snapshot.his")

   If (lstSnp==1) Then

      snpCreateDate=(FileYmdHms("D:\Temp\DF\sto_mv\SnapShot\Snap\snapsho
   t.gho"))
   Endif

If (lstSnp==1) && (hisExist==0) Then
   txt1=("A previous SnapShot was found but the corresponding History
   file is missing. ")
   txt2=("The SnapShot history will not be available. This is NOT a
   Critical error. ")
   txt3=("%@crlf%%@crlf%You can continue without problems and a new
   SnapShot History file will be generated.")
   txtFull=StrCat(txt1,txt2,txt3)

   Message("SnapShot - Missing History File",txtFull)
EndIf

If (hisExist==0) Then
   snpHisNew=(FileOpen("D:\Temp\DF\sto_mv\SnapShot\Snap\snapshot.his","A
   PPEND"))
   FileWrite(snpHisNew,"#ACTION*DATE*USER")
   If (lstSnp==1) Then
       FileWrite(snpHisNew,"take*%snpCreateDate%*unknown")
   Endif
   FileClose(snpHisNew)
EndIf

While ((lstSnp==2) || (hisExist==2))
   Message("File in Use",'A needed file is currently being used by
   another program. Please close all programs and then click "OK"')
EndWhile

Switch lstSnp

   Case 0
      lstPid="No Previous Snapshot Present"
      lstDate="No Previous Snapshot Present"
      lstAct="No Previous Snapshot Present"
      lstCrtDate="No Previous Snapshot Present"

      Break

      Case 1

      snpHis=(FileOpen("D:\Temp\DF\sto_mv\SnapShot\Snap\snapshot.his","R
   EAD"))
      nxtLine=""
      lstLine=""

      While (nxtLine!="*EOF*")
             lstLine=nxtLine
             nxtLine=FileRead(snpHis)
      EndWhile

      FileClose(snpHis)

      lstPid=StrSub(lstLine,26,-1)
      lstAct=StrSub(lstLine,1,4)




                                61
   lstDateLong=StrSub(lstLine,6,19)
   lstDateY=StrSub(lstDateLong,1,4)
   lstDateM=StrSub(lstDateLong,6,2)
   lstDateD=StrSub(lstDateLong,9,2)
   lstTimeH=StrSub(lstDateLong,12,2)
   lstTimeM=StrSub(lstDateLong,15,2)
   lstTimeS=StrSub(lstDateLong,18,-1)
   delTime=":"
   delDate="/"

   lstDate=StrCat(lstDateM,delDate,lstDateD,delDate,lstDateY)

   If Int("%lstTimeH%")<12 Then AMPM=0
   Else AMPM=1

   Switch AMPM
          Case 0
                   morn=" AM"

   lstTimeAM=StrCat(lstTimeH,delTime,lstTimeM,delTime,lstTimeS,morn)
                 Break
          Case 1
                 eve=" PM"
                 lstTimeHPM=Int("%lstTimeH%")-int("12")

   lstTimePM=StrCat(lstTimeHPM,delTime,lstTimeM,delTime,lstTimeS,eve)
                Break
   EndSwitch

   lstCrtDateY=StrSub(SnpCreateDate,1,4)
   lstCrtDateM=StrSub(SnpCreateDate,6,2)
   lstCrtDateD=StrSub(SnpCreateDate,9,2)
   lstCrtTimeH=StrSub(SnpCreateDate,12,2)
   lstCrtTimeM=StrSub(SnpCreateDate,15,2)
   lstCrtTimeS=StrSub(SnpCreateDate,18,-1)
   delCrtTime=":"
   delCrtDate="/"
   delCrtSpace=" on "


   lstCrtDay=StrCat(lstCrtDateM,delCrtDate,lstCrtDateD,delCrtDate,lst
CrtDateY)

   If ((Int("%lstCrtTimeH%")<=11) || (Int("%lstCrtTimeH%")==24)) Then
AMPM=0
   Else AMPM=1

   Switch AMPM
          Case 0
                   morn=" AM"

   lstCrtTime=StrCat(lstCrtTimeH,delCrtTime,lstCrtTimeM,delCrtTime,ls
tCrtTimeS,morn)
                 Break
          Case 1
                 eve=" PM"
                        lstCrtTimeHPM=Int("%lstCrtTimeH%")
                        If lstCrtTimeHPM>12 Then
                               lstCrtTimeHPM=lstCrtTimeHPM-int("12")
                        EndIf

   lstCrtTime=StrCat(lstCrtTimeHPM,delCrtTime,lstCrtTimeM,delCrtTime,
lstCrtTimeS,eve)



                                62
                      Break
      EndSwitch

       lstCrtDate=StrCat(lstCrtTime,delCrtSpace,lstCrtDay)
       Break
EndSwitch

GoSub MENU

While ((snpAction!=1) && (lstSnp==0))
   GoSub MENU
EndWhile

newAction=""
newDateTime=TimeYmdHms()
delHis="*"

Switch snpAction
   Case 1

      If lstSnp==1 Then
             q=AskYesNo("Previous Snapshot Found","A previous Snapshot
   was found. If you Take a Snapshot, the previous Snapshot will be
   overwritten.%@crlf%%@crlf%Do you wish to continue?")

                   If q==@NO Then
                          Message("SnapShot Canceled", "You have chosen
   not to continue. The SnapShot utility will now exit.")
                          GoSub Leave
                   EndIf

      EndIf

      newAction="TAKE"

      Break
   Case 2
      snpAge=(TimeDiffDays(newDateTime,lstDateLong))

      txtLoad1="Loading a Snapshot will overwrite any changes made to
   your computer since the Snapshot was taken."
      txtLoad2='%@crlf%%@crlf%The Snapshot to be loaded is %snpAge% days
   old.%@crlf%%@crlf%Select "YES" to begin loading the Snapshot or "No"
   to abort.'
      txtLoadFull=StrCat(txtLoad1,txtLoad2)
      q=AskYesNo("Loading Snapshot",txtLoadFull)

      If q==@YES Then

              If snpAge>14 Then
                           GoSub OLD
              Else

                      If snpAge<0 Then
                             GoSub INVALID
                      EndIf

              EndIf

      EndIf

              If q==@NO Then




                                  63
                       Message("SnapShot Canceled", "You have chosen not to
   continue.     The SnapShot utility will now exit.")
                       GoSub Leave
                EndIf

      newAction="LOAD"

      Break

EndSwitch

GoSub CONFIRM

newDateTime=TimeYmdHms()

newHis=StrCat(newAction,delHis,newDateTime,delHis,curPid)
newSnpHis=FileOpen("D:\Temp\DF\sto_mv\SnapShot\Snap\snapshot.his","APPEND
   ")
FileWrite(newSnpHis,"%newHis%")
FileClose(newSnpHis)

Switch snpAction
   case 1
       FileAttrSet("c:\boot.ini","rsh")
       FileCopy("\df\boot\boot.dos","c:\boot.ini",@FALSE)
       FileAttrSet("c:\autoexec.bat","rsh")
       FileCopy("\df\boot\autoexec.snp","c:\autoexec.bat",@FALSE)
       break
   case 2
       FileAttrSet("c:\boot.ini","rsh")
       FileCopy("\df\boot\boot.dos","c:\boot.ini",@FALSE)
       FileAttrSet("c:\autoexec.bat","rsh")
       FileCopy("\df\boot\autoexec.sht","c:\autoexec.bat",@FALSE)
       break
EndSwitch

RunHideWait(Environment("COMSPEC"),'/c %utils%linkd "D:\Temp\DF\sto_mv"
   /d')

GoSub REBOOT

;SUB-ROUTINES

:LEAVE
RunHideWait(Environment("COMSPEC"),'/c %utils%linkd "D:\Temp\DF\sto_mv"
   /d')
Exit

:ABOUT
snpAboutFormat=`WWWDLGED,5.0`

snpAboutCaption=`About SnapShot`
snpAboutX=166
snpAboutY=118
snpAboutWidth=182
snpAboutHeight=193
snpAboutNumControls=15

snpAbout01=`14,6,156,DEFAULT,STATICTEXT,DEFAULT,"SnapShot is a utility
   for taking an image of the current"`
snpAbout02=`14,16,156,DEFAULT,STATICTEXT,DEFAULT,"status of your
   computer. You can also use SnapShot to"`




                                   64
snpAbout03=`14,26,156,DEFAULT,STATICTEXT,DEFAULT,"load a previously taken
   snapshot to restore your system"`
snpAbout04=`14,36,156,DEFAULT,STATICTEXT,DEFAULT,"to it's previous
   configuration. This can be useful as a"`
snpAbout05=`14,46,156,DEFAULT,STATICTEXT,DEFAULT,"disaster recovery
   method when you are attempting to change"`
snpAbout06=`14,56,156,DEFAULT,STATICTEXT,DEFAULT,"the configuration of
   your computer, i.e when you are"`
snpAbout07=`14,66,156,DEFAULT,STATICTEXT,DEFAULT,"installing new programs
   or device drivers."`
snpAbout08=`14,88,156,DEFAULT,STATICTEXT,DEFAULT,"NOTE: While SnapShot
   does have some archival qualities it is"`
snpAbout09=`14,98,156,DEFAULT,STATICTEXT,DEFAULT,"not meant as a
   Backup/Archive Solution. It's purpose is for"`
snpAbout10=`14,108,156,DEFAULT,STATICTEXT,DEFAULT,"'short term' system
   backup. A snapshot older than one week"`
snpAbout11=`14,118,156,DEFAULT,STATICTEXT,DEFAULT,"can be severely
   outdated depending on the amount of"`
snpAbout12=`14,128,156,DEFAULT,STATICTEXT,DEFAULT,"changes you have made.
   "`
snpAbout13=`20,164,64,DEFAULT,PUSHBUTTON,DEFAULT,"Continue",1`
snpAbout14=`98,164,64,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",2`
snpAbout15=`14,146,156,DEFAULT,STATICTEXT,DEFAULT,"RESTORE OLDER
   SNAPSHOTS AT YOUR OWN RISK!"`

aboutBP=Dialog("snpAbout")

If aboutBP==2 Then GoSub Leave

Return

:OLD
snpOldFormat=`WWWDLGED,5.0`

snpOldCaption=`WARNING - OLD SNAPSHOT`
snpOldX=115
snpOldY=145
snpOldWidth=170
snpOldHeight=96
snpOldNumControls=6

snpOld01=`14,10,144,DEFAULT,STATICTEXT,DEFAULT,"The Snapshot you are
   about to load is %snpAge% days old."`
snpOld02=`24,68,52,DEFAULT,PUSHBUTTON,DEFAULT,"Continue",1`
snpOld03=`90,68,52,DEFAULT,PUSHBUTTON,DEFAULT,"Abort",2`
snpOld04=`14,48,110,DEFAULT,STATICTEXT,DEFAULT,"You may continue but do
   so at your own risk."`
snpOld05=`14,18,144,DEFAULT,STATICTEXT,DEFAULT,"Loading an Old Snapshot
   is not advisable since many"`
snpOld06=`14,26,134,DEFAULT,STATICTEXT,DEFAULT,"changes to the computer
   have likely taken place."`

oldBP=Dialog("snpOld")

If oldBP==2 Then GoSub Leave

Return

:INVALID
snpInvAgeFormat=`WWWDLGED,5.0`

snpInvAgeCaption=`INVALID SNAPSHOT AGE`
snpInvAgeX=115



                                 65
snpInvAgeY=145
snpInvAgeWidth=160
snpInvAgeHeight=96
snpInvAgeNumControls=6

snpInvAge01=`14,10,134,DEFAULT,STATICTEXT,DEFAULT,"The SnapShot utility
   has returned an invalid Age for"`
snpInvAge02=`20,64,52,DEFAULT,PUSHBUTTON,DEFAULT,"Continue",1`
snpInvAge03=`84,64,52,DEFAULT,PUSHBUTTON,DEFAULT,"Abort",2`
snpInvAge04=`14,46,110,DEFAULT,STATICTEXT,DEFAULT,"Load Snapshot at your
   own risk."`
snpInvAge05=`14,18,126,DEFAULT,STATICTEXT,DEFAULT,"the current Snapshot.
   The validity of the Snapshot"`
snpInvAge06=`14,26,50,DEFAULT,STATICTEXT,DEFAULT,"cannot be verified."`

invBP=Dialog("snpInvAge")

If invBP==2 Then GoSub Leave

Return

:MENU
snpFormat=`WWWDLGED,5.0`

snpCaption=`SnapShot Selection Menu`
snpX=115
snpY=145
snpWidth=151
snpHeight=148
snpNumControls=15

snp01=`8,126,44,DEFAULT,PUSHBUTTON,DEFAULT,"Take SnapShot",1`
snp02=`54,126,44,DEFAULT,PUSHBUTTON,DEFAULT,"Load SnapShot",2`
snp03=`100,126,44,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",3`
snp04=`12,50,74,DEFAULT,STATICTEXT,DEFAULT,"Date of last Snapshot
   activity:"`
snp05=`12,82,74,DEFAULT,STATICTEXT,DEFAULT,"Snapshot action perfomed
   by:"`
snp06=`94,50,52,DEFAULT,VARYTEXT,lstDate,""`
snp07=`94,82,52,DEFAULT,VARYTEXT,lstPid,""`
snp08=`12,4,128,DEFAULT,STATICTEXT,DEFAULT,"Press 'Take SnapShot' to
   capture a system snapshot."`
snp09=`12,16,128,DEFAULT,STATICTEXT,DEFAULT,"Press 'Load SnapShot' to
   restore a system snapshot."`
snp10=`12,28,128,DEFAULT,STATICTEXT,DEFAULT,"Press 'Cancel' to abort the
   SnapShot utility."`
snp11=`12,66,36,DEFAULT,STATICTEXT,DEFAULT,"Action taken:"`
snp12=`94,66,52,DEFAULT,VARYTEXT,lstAct,""`
snp13=`12,98,64,DEFAULT,STATICTEXT,DEFAULT,"Creation date of current"`
snp14=`12,106,64,DEFAULT,STATICTEXT,DEFAULT,"Snapshot image:"`
snp15=`94,98,52,DEFAULT,VARYTEXT,lstCrtDate,""`

snpAction=Dialog("snp")

If snpAction==3 Then GoSub Leave

If ((snpAction==2) && (lstSnp==0)) Then
   Message("NO SNAPSHOT TO LOAD",'A Snapshot cannot be loaded because no
   Snapshot was found. Click "OK" to return to the Snapshot Selection
   Menu')
EndIf
Return




                                   66
:CONFIRM
confirmFormat=`WWWDLGED,5.0`

confirmCaption=`REBOOTING`
confirmX=115
confirmY=145
confirmWidth=161
confirmHeight=83
confirmNumControls=5

confirm01=`10,10,144,DEFAULT,STATICTEXT,DEFAULT,"SnapShot needs to reboot
   your computer to begin the utility. "`
confirm02=`10,28,136,DEFAULT,STATICTEXT,DEFAULT,"Click "OK" to reboot
   your computer and run SnapShot"`
confirm03=`10,40,92,DEFAULT,STATICTEXT,DEFAULT,"Click "Cancel" to abort
   Snapshot"`
confirm04=`22,62,48,DEFAULT,PUSHBUTTON,DEFAULT,"OK",1`
confirm05=`90,62,48,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",2`

confirmBP=Dialog("confirm")

If confirmBP==2 Then GoSub Leave
EndIf
Return

:REBOOT
wntShutdown("","Your computer will now reboot and run SnapShot.   This
   will take several minutes.",10,@FALSE,@TRUE)
Return




                                   67
Appendix K: SnapShot “Snap” Ghost command switch files
     Snswitch.txt – for taking a snapshot
     -batch
     -clone,mode=pdump,SRC=1:2,DST=e:\SnapShot\Snap\snapshot.gho
     -quiet
     -z
     -fnf
     -sure
     -rb

     -batch = Prevents abort messages that wait for user acknowledgement
     -clone,mode=pdump,SRC=1:2,DST=e:\SnapShot\Snap\snapshot.gho
     -clone = specifies the cloning operation that you want Ghost to perform
     mode=pdump = dumping a partition to an image
     SRC=1:2 = gives location of partition to create image from. The
        specified partition is on Hard Drive #1, Partition #2
     DST=e:\SnapShot\snapshot.gho = destination and file name to which
        the partition image will be saved
     -quiet= QUIET mode. No user intervention allowed and no screen display.
     -z = Compression rate at which to save the image. –Zx where x is
        a number between 1 and 9. 1 is the fastest compression and is
        also the default if no number is given with the –Z switch.
     -fnf = Turns off Fingerprint creation.
     -sure = Used in conjunction with -CLONE to avoid the final proceed prompt.
     -rb = In batch mode, this forces automatic reboot after completion.




                                      68
Appendix L: SnapShot “Shot” Ghost command switch files
     Shswitch.txt – for taking a snapshot
     -batch
     -clone,mode=pload,SRC=e:\SnapShot\Snap\snapshot.gho,DST=1:2
     -quiet
     -fnf
     -sure
     -rb
     -batch = Prevents abort messages that wait for user acknowledgement
     -clone,mode=pload,SRC=e:\SnapShot\Snap\snapshot.gho,DST=1:2
     -clone = specifies the cloning operation that you want Ghost to perform
     mode=pdump = dumping a partition to an image
     SRC= e:\SnapShot\snapshot.gho = source path and file name of
         image to be loaded
     DST=1:2 = destination of image to be loaded. The destination
         partition listed here is on Hard Drive #1, Partition #2
     -quiet= QUIET mode. No user intervention allowed and no screen display.
     -fnf = Turns off Fingerprint creation.
     -sure = Used in conjunction with -CLONE to avoid the final proceed prompt.
     -rb = In batch mode, this forces automatic reboot after completion.




                                        69
Appendix M: RMounter v1.2.1.0 Source Code
     ;Rmounter
     ; Used after SYSPREP image is loaded to setup the proper "SourcePath",
        STORAGE Partition directories, Lazarus and Snapshot shortcuts, and
        drive letters and mount points

     regkey=RegOpenKey(@REGMACHINE,"SOFTWARE\Microsoft\Windows\CurrentVersion\
        Setup")
     RegSetValue(regkey,"[SourcePath]","D:\")
     RegSetValue(regkey,"[ServicePackSourcePath]","D:\")
     RegCloseKey(regkey)

     ;Place Lazarus and Snapshot shortcuts in the All Users' Administrative
        Tools
     LnkDes=("D:\Documents and Settings\All Users\Start
        Menu\Programs\Administrative Tools")
     LnkSrc=("C:\DF\ReMounter")
     lazLnk=("%LnkDes%\Lazarus.lnk")
     snpLnk=("%LnkDes%\Snapshot.lnk")

     If !(FileExist(lazLnk)) Then
        FileCopy("%LnkSrc%\Lazarus.lnk","%LnkDes%\",@False)
     EndIf

     If !(FileExist(snpLnk)) Then
        FileCopy("%LnkSrc%\Snapshot.lnk","%LnkDes%\",@False)
     EndIf

     ;Create the STORAGE Partition directory structure and copy ghost.exe to
        it

     snapdir=("F:\SnapShot\Snap")
     ghostdir=("F:\Ghost")

     If !(DirExist(snapdir)) Then
        DirMake(snapdir)
     EndIf

     If !(DirExist(ghostdir)) Then
        DirMake(ghostdir)
     EndIf

     ghostSrc=("C:\DF\ReMounter\ghost.exe")
     ghostDes=("%ghostdir%\ghost.exe")

     If ((FileExist(ghostSrc)) && (!(FileExist(ghostDes)))) Then
        FileCopy("%ghostSrc%","%ghostDes%",@FALSE)

     ;Hide Partitions and reassign drive letters
     utils=("C:\DF\SYS\")

     RunHideWait(Environment("COMSPEC"),"/c %utils%mountvol > volids.txt")
     volids=FileOpen("volids.txt","READ")

     RunHideWait(Environment("COMSPEC"),"/c %utils%delrp d:\I386")
     DirMake("d:\I386")

     A = ""
     B = ""
     i386ID = ""
     storageID = ""



                                     70
jazID = ""
cdromID = ""

while (B != "*EOF*")
   A = B
   B = StrTrim(FileRead(volids))

   If ((B == "E:\") | (B == "*** NO MOUNT POINTS ***"))      Then
      i386ID = A
   EndIf

   If B == "F:\" Then
      storageID = A
   EndIf

      If B == "G:\" Then
      jazID = A
   EndIf

   If B == "H:\" Then
      cdromID = A
   EndIf

EndWhile

ie_i386ID=ItemExtract(4,i386ID,"\")
ie_storageID=ItemExtract(4,storageID,"\")
ie_jazID=ItemExtract(4,jazID,"\")
ie_cdromID=ItemExtract(4,cdromID,"\")

RunHideWait(Environment("COMSPEC"),"/c %utils%mountvol d:\I386
   \\?\%ie_i386ID%\")

RunHideWait(Environment("COMSPEC"),"/c   %utils%mountvol   E:\   /D")
RunHideWait(Environment("COMSPEC"),"/c   %utils%mountvol   F:\   /D")
RunHideWait(Environment("COMSPEC"),"/c   %utils%mountvol   G:\   /D")
RunHideWait(Environment("COMSPEC"),"/c   %utils%mountvol   H:\   /D")

RunHideWait(Environment("COMSPEC"),"/c %utils%mountvol E:\
   \\?\%ie_jazID%\")
RunHideWait(Environment("COMSPEC"),"/c %utils%mountvol F:\
   \\?\%ie_cdromID%\")

FileClose(volids)

Exit




                                71
Appendix N: Example of mount.vol GUID list
     Creates, deletes, or lists a volume mount point.

     MOUNTVOL [drive:]path VolumeName
     MOUNTVOL [drive:]path /D
     MOUNTVOL [drive:]path /L

         path         Specifies the existing NTFS directory where the mount
                        point will reside.
         VolumeName   Specifies the volume name that is the target of the mount
                        point.
         /D           Removes the volume mount point from the specified
                        directory.
         /L           Lists the mounted volume name for the specified
                        directory.

     Possible values for VolumeName along with current mount points are:

         \\?\Volume{5cc6e393-495b-11d5-8fb9-806d6172696f}\
             C:\

         \\?\Volume{5cc6e391-495b-11d5-8fb9-806d6172696f}\
             D:\

         \\?\Volume{69f25d58-6cbe-11d5-9bd3-806d6172696f}\
             P:\

         \\?\Volume{5cc6e38d-495b-11d5-8fb9-806d6172696f}\
             Z:\

         \\?\Volume{5cc6e38e-495b-11d5-8fb9-806d6172696f}\
             X:\

         \\?\Volume{5cc6e38f-495b-11d5-8fb9-806d6172696f}\
             Y:\

         \\?\Volume{5cc6e38c-495b-11d5-8fb9-806d6172696f}\
             A:\




                                        72
Appendix O: “Test-Lab User GP”

       pushed to w2k-pilot.vt.edu/VT/TEST-LAB OU (v1.3, 011129)

Computer Configuration settings=Enabled
User Configuration settings=Enabled

Figure 18: Test-Lab GPO Properties




                                          73
Computer Configuration
Administrative Templates

Administrative Templates Network

Administrative Templates NetworkOffline Files

Figure 19




                                              74
   ***Event logging level=[Not configured] Enabled – 3 (Log „server offline‟, „net stopped‟ and „net
       started‟, and „server available for reconnection‟)

Figure 20




                                                75
       ***Subfolders always available offline=[Not configured] Enabled

Figure 21




                                               76
User Configuration
Windows Settings

Windows Settings Internet Explorer Maintenance  Security

Figure 22




                                               77
   ***Security Zones and Content Ratings=[blank] Under the “Security Zones” section, I clicked
           “Modify Settings” which brought up a typical IE Security configuration window. I
           selected “Trusted Sites”, clicked on the “Sites” button, added “tron.test-lab.w2k-
           pilot.vt.edu”, and unchecked “Require server verification (https:) for all sites in this
           zone”. I added this object to fix an issue with opening an Access DB from the user’s My
           Documents/Desktop Folder.

Figure 23




                                                 78
Figure 24




Figure 25




            79
Windows Settings Folder Redirection (Right-click on the individual component and select properties to
modify the policy)

Figure 26




                                                  80
   ***Desktop=[No administrative policy specified] Basic – Redirect everyone‟s folder to the same
      location; Target folder location: \\tron.ais-pilot.w2k-
      pilot.vt.edu\Stores\Users\%username%\Desktop
      [Settings Tab -- clear the “Grant the user exclusive rights to Desktop” box]

Figure 27




                                                81
   ***My Documents=[No administrative policy specified] Basic – Redirect everyone‟s folder to the
      same location; Target folder location: \\tron.ais-pilot.w2k-pilot.vt.edu\
      UsersData\%username%\My Documents
      [Settings Tab -- clear the “Grant the user exclusive rights to My Documents” box]

Figure 28




                                               82
       ***My Pictures=[ No administrative policy specified] Follow the My Documents folder

Figure 29




                                               83
Administrative Templates

Administrative TemplatesStart Menu & Taskbar

Figure 30




                                                84
       ***Add Logoff to the Start Menu=[Not configured] Enabled

Figure 31




                                              85
Administrative TemplatesDesktop

Figure 32




                                   86
       ***Remove My Documents icon from desktop=[Not configured] Disabled

Figure 33




                                             87
       ***Prohibit user from changing My Documents path=[Not configured] Enabled

Figure 34




                                              88
Administrative TemplatesNetworkOffline Files

Figure 35




                                             89
       ***Synchronize all offline files before logging off=[Not configured] Enabled

Figure 36




                                                 90
   ***Action on server disconnect=[Not configured] Enable – Action: Work offline (Server‟s files are
      available to local computer

Figure 37




                                                91
       ***Disable 'Make Available Offline'=[Not configured] Enabled

Figure 38




                                               92
   ***Administratively assigned offline files=[Not configured] Enabled – Specify network files and
      folders that are always available offline (\\%computername%\Documents and
      Settings\%username%\My Documents; \\%computername%\Documents and
      Settings\%username%\Desktop)

Figure 39




Figure 40




                                                93
   ***Event logging level=[Not configured] Enabled – 3 (Log „server offline‟, „net stopped‟ and „net
       started‟, and „server available for reconnection‟)

Figure 41




                                                94
Administrative TemplatesSystemLogon/Logoff

Figure 42




                                           95
   ***Exclude directories in roaming profile=[Not configured] Enabled – Temporary Internet Files;
       History; Temp; Windows; Start Menu

Figure 43




                                                96
Appendix P: “Slow Link Policy” GPO

       pushed to entire test-lab.w2k-pilot.vt.edu/Laptops OU (v1.2, 020208)

Computer Configuration settings=Enabled
User Configuration settings=Disabled

Figure 44: Slow Link GPO Properties




                                           97
Computer Configuration
Administrative Templates

Administrative TemplatesSystemLogon

Figure 45




                                        98
   ***Do not detect slow network connections=[Not configure] Disabled

Figure 46




                                               99
   ***Slow network connection timeout for user profiles=[Not configured] Endabled – Connection
       speed (Kbps): 500 or Time (milliseconds): 120

Figure 47




                                              100
   ***Prompt user when slow link is detected=[Not configured] Enabled

Figure 48




                                               101
   ***Timeout for dialog boxes=[Not configured] Enabled – Time (seconds): 45

Figure 49




                                              102
Administrative Templates NetworkOffline Files

Figure 50




                                             103
   ***Enabled=[Not configured] Enabled

Figure 51




                                         104
   ***Disable user configuration of Offline Files=[Not configured] Enabled

Figure 52




                                                105
   ***Synchronize all offline files before logging off=[Not configured] Enabled

Figure 53




                                                106
   ***Action on server disconnect=[Not configured] Enabled – Work offline

Figure 54




                                              107
   ***Administratively assigned offline files=[Not configured] Enabled – Specify network files and
      folders that are always available offline (\\%computername%\Documents and
      Settings\%username%\My Documents; \\%computername%\Documents and
      Settings\%username%\Desktop)

Figure 55




Figure 56




                                                108
       ***Subfolders always available offline=[Not configured] Enabled

Figure 57




                                               109
Appendix Q: “Add Users” .csv file syntax
      [User]
      UserName,FullName,Password,Comment,HomeDriveAndPath,Profile,Script,
       [Global]
      GlobalGroupName,Comment,UserName, ...
       [Local]
      LocalGroupName,Comment,UserName, ...




                                          110
Appendix R: W2k-Pilot “AddUser.csv”
     [User]
     Username,username(reverse) ,,,,\\tron.test-lab.w2k-pilot.vt.edu\UserData\%username%\Profile\,




                                              111
Appendix S: Populus v1.0.0.0 Source
     ;POPULUS -- beta v.1 --
     ; Local program to automate the creation of the Profile and Redirected
        Folders directories on TRON and set the proper NTFS permissions,
        %username% Full, System Full
     ;      Will create directories one PID (just enter the PID in the field)
        at a time or multiple PIDs (using a line-delimited text file)

     localpath = FilePath(WinExeName(""))

     ;Add Required WIL Extender(s)
     AddExtender("wwwnt34i.dll")

     ;Remove previous InvalidUsers.log and create a new one
     If FileExist("%localpath%InvalidUsers.log") == 1 Then
        FileDelete("%localpath%InvalidUsers.log")
     EndIf

     ;Run the OPTION Sub-Routine
     GoSub OPTION

     ;Check for the existence of the E:\UserData folder
     path = "E:\UserData"
     If !DirExist(path) Then
        Message("Directy Path Doesn't Exist","Verify the Existence of the
        Directory Path and Re-run Populus.%@CRLF%Path should be E:\UserData")
        GoSub LEAVE
     EndIf

     While chk1 == "0"
        Message("Invalid Selection", "You must choose at least one Folder to
        create.")
        GoSub OPTION
     EndWhile

     Switch rad1
        Case 1
            pid = "PID"
            While ((pid == "") | (pid == "PID"))
                   IndFormat=`WWWDLGED,5.0`

                  IndCaption=`Individual User`
                  IndX=61
                  IndY=82
                  IndWidth=104
                  IndHeight=75
                  IndNumControls=4

                  Ind01=`14,8,64,DEFAULT,STATICTEXT,DEFAULT,"Enter the User's
        PID"`
                  Ind02=`12,24,64,DEFAULT,EDITBOX,pid,"PID"`
                  Ind03=`12,42,36,DEFAULT,PUSHBUTTON,DEFAULT,"OK",1`
                  Ind04=`54,42,36,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",2`

                  listBP=Dialog("Ind")

                  If listBP==2 Then GoSub LEAVE

                  If ((pid == "") | (pid == "PID")) Then
                         Message("Invalid PID", "You Must Enter A PID")
                  EndIf



                                     112
      EndWhile
   Break
   Case 2
      list = "USERLIST"
      While ((list == "") | (list == "USERLIST"))
             IndFormat=`WWWDLGED,5.0`
             IndCaption=`Multiple Users`
             IndX=61
             IndY=82
             IndWidth=100
             IndHeight=67
             IndNumControls=4

             Ind01=`14,8,76,DEFAULT,STATICTEXT,DEFAULT,"Enter the User
   List Location"`
             Ind02=`12,24,64,DEFAULT,EDITBOX,list,"USERLIST"`
             Ind03=`12,42,36,DEFAULT,PUSHBUTTON,DEFAULT,"OK",1`
             Ind04=`54,42,36,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",2`

             listBP=Dialog("Ind")

             If listBP==2 Then GoSub LEAVE

             If ((list == "") | (list == "PID")) Then
                    Message("Invalid Selection", "You Must Enter a valid
   path")
              EndIf
       EndWhile
   Break
EndSwitch

If rad1 == 1 Then
   GoSub ONE
Else
   GoSub MULTI
EndIf

:LEAVE
Exit

Return

:OPTION
PopulusFormat=`WWWDLGED,5.0`

PopulusCaption=`Populus`
PopulusX=61
PopulusY=82
PopulusWidth=144
PopulusHeight=88
PopulusNumControls=10

Populus01=`16,24,50,DEFAULT,CHECKBOX,chk1,"Roaming Profile",1`
Populus02=`16,36,50,DEFAULT,CHECKBOX,chk1,"My Documents",2`
Populus03=`16,48,50,DEFAULT,CHECKBOX,chk1,"Desktop",4`
Populus04=`86,24,52,DEFAULT,RADIOBUTTON,rad1,"Individual User",1`
Populus05=`30,68,36,DEFAULT,PUSHBUTTON,DEFAULT,"Process",1`
Populus06=`84,68,36,DEFAULT,PUSHBUTTON,DEFAULT,"Cancel",2`
Populus07=`86,48,48,DEFAULT,RADIOBUTTON,rad1,"Multiple Users",2`
Populus08=`94,36,36,DEFAULT,STATICTEXT,DEFAULT,"OR"`
Populus09=`10,8,60,DEFAULT,STATICTEXT,DEFAULT,"FOLDERS TO CREATE"`
Populus10=`78,8,58,DEFAULT,STATICTEXT,DEFAULT,"NUMBER OF USERS"`




                               113
optBP=Dialog("Populus")

If optBP==2 Then GoSub LEAVE

Return

;Sub-Routine for Single User
:ONE
   GoSub CREATE

Return
;Sub-Routine for Multiple Users
:MULTI

pid = ""
pidlist = FileOpen(list,"READ")

;Process the PID List and look for invalid PIDs

time = Timedate()
noExistLogCreate = FileOpen("%localpath%InvalidUsers.log","WRITE")
FileWrite(noExistLogCreate,"%time% -- Invalid User Log")
FileClose(noExistLogCreate)

While (pid != "*EOF*")
   pid = StrTrim(FileRead(pidlist))
   noExist = wntUserExist("\\BONOBOS","%pid%")
       If noExist == 0 Then
              noExistLogAppend =
   FileOpen("%localpath%InvalidUsers.log","APPEND")
              FileWrite(noExistLogAppend,"%pid%")
              FileClose(noExistLogAppend)
       EndIf
EndWhile

FileClose(pidlist)

;Show the InvalidUsers.log file to the operator so he can determine if
   there are invalid accounts. Anything between the Date line and the
   *EOF* line are invalid accounts.
RunWait("notepad.exe","%localpath%InvalidUsers.log")
invPIDs = AskYesNo("Any Invalid Accounts?", "Were there invalid
   accounts?%@CRLF%Select 'YES' to exit Populus and edit the user
   list.%@CRLF%Otherwise, select 'NO' to continue.")
   If invPIDs == @YES Then
       GoSub LEAVE
   EndIf

;Use PID list to create the User Folders and Set Permissions
pid = ""
nextpid = ""
pidlist = FileOpen(list,"READ")

While (pid != "*EOF*")
   pid = StrTrim(FileRead(pidlist))
       If pid == "*EOF*" Then
              Break
       EndIf
   GoSub CREATE
EndWhile

Return




                                  114
;Sub-Routine for creating the folders
:CREATE
fullpath = StrCat(path,"\",pid)

DirMake(fullpath)

Switch chk1
   Case 0
       Message("Invalid Variable","Invalid 'chk1' variable.   Debug and
   re-run Populus.%@CRLF%Value cannot = 0 (zero)")
       GoSub LEAVE
   Break
   Case 1
;      GoSub PROFILE
       GoSub PERMS
   Break
   Case 2
       GoSub MYDOCS
       GoSub PERMS
   Break
   Case 3
;      GoSub PROFILE
       GoSub MYDOCS
       GoSub PERMS
   Break
   Case 4
       GoSub DESKTOP
       GoSub PERMS
   Break
   Case 5
;      GoSub PROFILE
       GoSub DESKTOP
       GoSub PERMS
   Break
   Case 6
       GoSub MYDOCS
       GoSub DESKTOP
       GoSub PERMS
   Break
   Case 7
;      GoSub PROFILE
       GoSub MYDOCS
       GoSub DESKTOP
       GoSub PERMS
   Break
EndSwitch

Return

;:PROFILE
;prof = "Profile"
;ProfilePath = StrCat(fullpath,"\",prof)
;DirMake(ProfilePath)
;Return

:MYDOCS
docs = "My Documents"
MyDocsPath = StrCat(fullpath,"\",docs)
DirMake(MyDocsPath)

Return

:DESKTOP



                               115
desk = "Desktop"
DesktopPath = StrCat(fullpath,"\",desk)
DirMake(DesktopPath)

Return

;Sub-Routine for setting the proper NTFS permissions on the users'
   directories, %username% - Full, SYSTEM - Full
:PERMS

svrname = "BONOBOS"
uncpath = StrCat("\\",svrname)
acct = StrCat("W2k-Pilot","\",pid)

wntAccessAdd(uncpath,fullpath,acct,300,"Dir2K:Full",4)
wntAccessAdd(uncpath,fullpath,"SYSTEM",300,"Dir2K:Full",4)
;wntAccessMod(uncpath,fullpath,300,2,1)

Return




                               116
Appendix T: Procedure for Adding a new user to the AIS/W2k-Pilot

   1.   Create the user
            a. Create a ―comma separated value (csv)‖ text file containing the following syntax and user
                 attributes (For a large number of users, you can create the file in a spreadsheet program,
                 such as Excel, and then save it as a .csv file, then rename the .csv file it to a .txt file)
                        i. SYNTAX
                                 1. User Name , Full name, Password, Description, HomeDrive,
                                      Homepath, Profile, Script
                       ii. ATTRIBUTES
                                 1. User Name = PID
                                 2. Full name
                                 3. Password
                                 4. Profile = Full path to the storage location of the users Roaming Profile,
                                      i.e. \\Fully Qualified Domain Name
                                      (FQDN)\UserData\%username%\Profile\
                      iii. TEXT FILE EXAMPLE: (For the attributes that aren‘t used, still add the
                            commas)
                                 LINE 1:
                                      [User]
                                 LINE 2:
                                      <PID1>,<fullname1>,<password>,,,,\\servername.test-lab.w2k-
                                            pilot.vt.edu\UserData\%username%\Profile\
                                 LINE 3 (and following):
                                      <PID2>,<fullname2>,<password>,,,,\\servername.test-lab.w2k-
                                            pilot.vt.edu\UserData\%username%\Profile\
                      iv. SAMPLE TEXT FILE (Lines shouldn‘t wrap):
                                 [User]
                                 msmith,Mike Smith,changeme,,,,\\tron.test-lab.w2k-
                                      pilot.vt.edu\UserData\%username%\Profile\
                                 ndoe,Nancy Doe, changeme,,,,\\tron.test-lab.w2k-
                                      pilot.vt.edu\UserData\%username%\Profile\
                                 jluser,Joe L. User, changeme,,,,\\tron.test-lab.w2k-
                                      pilot.vt.edu\UserData\%username%\Profile\
            b. Save the text file to a location that is accessible by a Domain Controller (DC) of the
                 domain in which the user accounts will reside or copy the file to a floppy disk
            c. Also save a copy of the ―addusers.exe‖ utility from the Windows 2000 Server Resource
                 Kit to the same location as the text file (either network share or floppy disk)
            d. Login to the DC of the domain in which the user accounts will reside and download the
                 txt file (or copy it from the floppy disk)
            e. Open up DOS window by typing ―cmd‖ from the ―Run…‖ utility
            f. Change the prompt to the location in which you save the addusers.exe file and the text
                 file by using the ―cd‖ command
                        i. If you saved the files to c:\temp\utility\ directory, at the command prompt type
                            the following
                                 <type>
                                      cd \                                   Goes to the root level
                                      cd temp\utility                 changes to the c:\temp\utility>
            g. Run the addusers.exe with the following variables, where DC Name is the NetBIOS name
                 of the DC, FilePath is the location of the comma-delimited text file, and FileName.txt is
                 the actual name of the text file:
                                 <type>
                                      addusers \\DC Name /c c:\FilePath\FileName.txt




                                                   117
         h.   Text should begin to stream by in the DOS window, displaying either that the account
              was created or it failed
                   i. If an account creation failed, check the following:
                           1. See if an account by this name already exists, if so either user a
                                 different name or delete the already created account
                           2. Verify that the correct syntax is used for the individual account in the
                                 text file
         i.   In Active Directory Users and Computers, verify that they accounts have been created
              and move them to the proper Organizational Unit (OU)
         j.   NOTE—by default, all user accounts created via the addusers.exe utility are set to ―User
              must change password at next login‖. To disable this, use the ―/p‖ switch when you run
              addusers.exe

2.   Use the ―Populus‖ utility to create user data folders in the UserData share and set ACLs on the
     folders [NOTE—Populus verifies the existence of the user accounts before it creates the folders so
     the account creation must be done first]
          a. Preparations prior to running Populus
                    i. For the creation of data folders for INDIVIDUAL USERS, simply run Populus
                       and follow the instructions
                   ii. For the creation of data folders for MULTIPLE USERS, create a line-delimited
                       text file containing the user account names only (no preceding or trailing
                       carriage returns) [NOTE--If you created a text document from an Excel
                       spreadsheet for the User Account Creation, you can save the first column, which
                       contains the User Name attribute, to a text file and save it.]
                            1. SYNTAX
                                      a. User Name
                            2. ATTRIBUTES
                                      a. User Name = PID
                            3. TEXT FILE EXAMPLE:
                                      LINE 1:
                                           user01
                                      LINE 2:
                                           user02
                                      LINE 3:
                                           user03
                                      LINE 4:
                                           etc.
                            4. SAMPLE TEXT FILE:
                                      msmith
                                      ndoe
                                      jluser
                  iii. Save the text file to a location that is accessible by a TRON or copy the file to a
                       floppy disk
                  iv. Log into TRON and copy the Populus text file to a location on TRON. A good
                       place is in the same directory as the Populus utility, E:\0_Installed\Populus.
          b. POPULUS LOCATION:
                    i. Populus is located on TRON.TEST-LAB.W2K-PILOT.VT.EDU at
                       E:\0_Installed\Populus\Populus.exe
                   ii. You can run Populus by either of the following methods
                            1. Click on ―Start‖‖Run…‖; In the ―Run‖ window that appears, type
                                  ―E:\0_Installed\Populus\Populus.exe‖ and click the ―OK‖ button
                            2. Via Windows Explorer or My Computer, browse to
                                  ―E:\0_Installed\Populus‖ and double click on ―Populus.exe‖
          c. SINGLE USER
                    i. For creation of data folders for a single user, run Populus and select the
                       following:


                                                118
                             1.   Under ―FOLDERS TO CREATE‖, select
                                      a. My Documents
                                      b. Desktop
                                      c. Do not select ―Roaming Profiles‖, this folder will be created
                                           auto-magically when the user first logs on and his/her profile
                                           is generated. Future versions of Populus will remove this
                                           folder option.
                             2.   Under ―NUMBER OF USERS‖, select
                                      a. ―Individual User‖
                             3.   Click the ―Process‖ button

Figure 58: Options Dialog Box – selecting individual user




                             4.   In the ―Individual User‖ window that appears
                                       a. Enter the User‘s PID in the ―PID‖ field and click the ―OK‖
                                            button to create the user data folders selected and set the
                                            proper user NTFS Permissions

Figure 59: Individual User




                                                 119
            d.   MULTIPLE USERS
                    i. For creation of data folders for a multiple users, run Populus and select the
                       following:
                            1. Under ―FOLDERS TO CREATE‖, select
                                     a. My Documents
                                     b. Desktop
                                     c. Do not select ―Roaming Profiles‖, this folder will be created
                                         auto-magically when the user first logs on and his/her profile
                                         is generated. Future versions of Populus will remove this
                                         folder option.
                            2. Under ―NUMBER OF USERS‖, select
                                     a. ―Individual User‖
                            3. Click the ―Process‖ button

Figure 60: Options – selecting multiple users




                              4.   In the ―Multiple Users‖ window that appears
                                        a. Enter the full path to the location of the Populus text file
                                            created in the ―Preparations prior to running Populus‖ section
                                            (for example, ―E:\0_Installed\Populus‖) and click the ―OK‖
                                            button to have Populus process the text file and verify the user
                                            accounts existence.

Figure 61: Enter User List Location




                                                   120
                               5.   Populus will then open up ―InvalidUsers.log‖ in Notepad and display
                                    any user accounts in the Populus text file that do not have
                                    corresponding domain user accounts.
                                        a. If there are no invalid user accounts, the file will be displayed
                                             like the following:

Figure 62: Invalid Users Log file – no invalid users in user list




                                        b.   If there are invalid user accounts, the file will be displayed
                                             like the following, with ―blah4‖ and ―blah5‖ being invalid
                                             user accounts:

Figure 63: Invalid Users Log file –invalid users found in user list




                                                    121
                              6.   Populus will wait to continue until you have closed Notepad at which
                                   time it will present you with the ―Any Invalid Accounts?‖ message box
                                       a. If there are invalid accounts, click on the ―Yes‖ button to
                                            cancel Populus. Create the needed accounts or fix the entries
                                            in the Populus text file and re-run Populus
                                       b. If there are no invalid accounts, click on the ―No‖ button and
                                            Populus will finish processing the text file and create the user
                                            data folders selected and set the proper user NTFS
                                            Permissions

Figure 64: Cancel box if invalid users were found in user list




                                                   122
           e.   Post-Populus Permission Cleanup
                     i. The current version of Populus does not remove the NTFS File Inheritance
                        option for the file permissions. This must be done manually. This is due to a
                        limitation in the Winbatch programming language and should be fixed with a
                        new version of Populus when Winbatch is updated.
                             1. After the user data folders are created, modify the NTFS Permissions to
                                 remove permissions for the ―Authenticated Users‖ group and the
                                 ―Domain Admins‖ group.
                                       a. Browse to ―E:\UserData‖, right-click on the user data folder
                                            just created (the folder named with his/her PID), and select
                                            ―Properties‖ from the context menu that appears.
                                       b. In the ―%FolderName% Properties‖ window, click on the
                                            ―Security Tab‖ and uncheck the option ―Allow inheritable
                                            permissions from parent to propagate to this object‖

Figure 65: Post-Populus Permission Cleanup




                                                 123
                                      c.   In the ―Security‖ window that appears, click on the ―Remove‖
                                           button

Figure 66: Remove Inherited Permissions




                                      d.   In the ―%FolderName% Properties‖ window, click on the
                                           ―Advanced‖ button
                                      e.   In the ―Access Control Setting for %FolderName%‖, click to
                                           enable the ―Reset permissions on all child objects and enable
                                           propagation of inheritable permissions.‖ option and click the
                                           ―OK‖ button

Figure 67: Reset Permissions on all child objects




                                                    124
                                     f.    In the ―Security‖ message that appears, click on the ―Yes‖
                                           button

Figure 68: Permission Reset Verification




                                     g.    Click on the ―OK‖ button to close the ―%FolderName%
                                           Properties‖ window

Figure 69: Closing the Security Window




                                                 125

								
To top