What does this button do?
Desktop imaging lessons learned
The more complex an application (and Ghost is immense), the greater the chance that some new piece of hardware can trip it up. As such it is a good idea to keep your copy of ghost up to date. In my years of using it, there are many times where a Ghost CD wouldn’t work with a particular computer’s combination of hardware, yet a Liveupdate and a burned CD later and Ghost is working just fine on that very same computer.
The downside to these “neat features” can be their quirkiness. Take as an example Ghost’s ability to save images as a VMDK. As might be expected with the ability of Vista (or newer) operating systems to sysprep themselves into a hardware-agnostic “genericised” version, these operating systems convert into virtual machines quite well. Older operating systems that lack this ability (such as Windows XP) are far more hit-or-miss. Ghost tries hard - its ability to defang the XP HAL, or even to genericise Linux boxes is quite good, but it doesn’t work all the time, or worse yet sometimes it works but not quite all the way.
Ghost does the best job of all the desktop deployment solutions I’ve examined at taking an image from one computer, genericising it and deploying it to computers with completely different hardware. Still, it can and does fall prey to some nasty field-wide bugs. Perhaps the most annoying bug has to do with AHCI mode and SATA drives.
Most Windows XP systems administrators will by now have run into at least one situation whereby Windows XP uses one set of drivers for a given motherboard when AHCI is on, and one set of drivers if AHCI is off. This can cause real problems when deploying desktop images. You can be deploying an image onto identical hardware, yet if AHCI is not configured identically on the target system compared to the donor system, then bad things ensue.
A large number of errors encountered with imaging applications are errors of procedure rather than technology. Imaging solutions such as Ghost or Clonezilla offer you the opportunity to image a partition to a file. (For example your boot drive onto a file residing on a larger data drive in the same system.) It is painful how many times I have seen administrators try to ghost an image of a partition into a file on the partition they are trying to image.
Forgetting to enable compression is another mistake. When you are imaging a 500GB hard drive, of which only 10GB is occupied, compression is a very good idea. A 500GB raw image containing 490GB of empty space will make your storage admin cry. Multicasting images to multiple desktops brings its own risks. Never forget the nature and topology of your network when working with multicast. Unless you have some very nice switches (ones that will not forward multicast packets unless there are listeners on that port), turning on a multicast desktop deployment can absolutely flatten a network.
The worst example I have heard was a smaller business using an appliance iSCSI server as both a central file storage device and as a back-end for some virtualization. This was not on a separate storage network but on the main LAN with everything else. A multicast desktop imaging deployment to five PCs was attempted, the image files for which were also stored on this iSCSI server. The results were rather unpleasant, and saw the corruption of several very important files that the virtual machines were running, as well as some very badly-imaged desktops.
Desktop imaging is one of the most useful and important tools in a system administrator’s tool bag. It can be used for backing up a system prior to making some major or experimental change, to lighten our workload by deploying a standard image to multiple computers or even just to deal with a system where “someone, not me” got a virus. It is however a complex technology - easy enough to understand the basics of, but mature and feature-rich. Considering the kind of damage that you can do with imaging applications, I thoroughly recommend taking the time to research the options available and test them out in a lab environment. Most importantly, do not use any of these tools in the field until you understand fully how they work, and more importantly how they can go wrong. ®
Sponsored: 2016 Cyberthreat defense report