Feeds

What does this button do?

Desktop imaging lessons learned

  • alert
  • submit to reddit

Internet Security Threat Report 2014

The more complex an application (and Ghost is immense), the greater the chance that some new piece of hardware can trip it up. As such it is a good idea to keep your copy of ghost up to date. In my years of using it, there are many times where a Ghost CD wouldn’t work with a particular computer’s combination of hardware, yet a Liveupdate and a burned CD later and Ghost is working just fine on that very same computer.

The downside to these “neat features” can be their quirkiness. Take as an example Ghost’s ability to save images as a VMDK. As might be expected with the ability of Vista (or newer) operating systems to sysprep themselves into a hardware-agnostic “genericised” version, these operating systems convert into virtual machines quite well. Older operating systems that lack this ability (such as Windows XP) are far more hit-or-miss. Ghost tries hard - its ability to defang the XP HAL, or even to genericise Linux boxes is quite good, but it doesn’t work all the time, or worse yet sometimes it works but not quite all the way.

Ghost does the best job of all the desktop deployment solutions I’ve examined at taking an image from one computer, genericising it and deploying it to computers with completely different hardware. Still, it can and does fall prey to some nasty field-wide bugs. Perhaps the most annoying bug has to do with AHCI mode and SATA drives.

Most Windows XP systems administrators will by now have run into at least one situation whereby Windows XP uses one set of drivers for a given motherboard when AHCI is on, and one set of drivers if AHCI is off. This can cause real problems when deploying desktop images. You can be deploying an image onto identical hardware, yet if AHCI is not configured identically on the target system compared to the donor system, then bad things ensue.

A large number of errors encountered with imaging applications are errors of procedure rather than technology. Imaging solutions such as Ghost or Clonezilla offer you the opportunity to image a partition to a file. (For example your boot drive onto a file residing on a larger data drive in the same system.) It is painful how many times I have seen administrators try to ghost an image of a partition into a file on the partition they are trying to image.

Forgetting to enable compression is another mistake. When you are imaging a 500GB hard drive, of which only 10GB is occupied, compression is a very good idea. A 500GB raw image containing 490GB of empty space will make your storage admin cry. Multicasting images to multiple desktops brings its own risks. Never forget the nature and topology of your network when working with multicast. Unless you have some very nice switches (ones that will not forward multicast packets unless there are listeners on that port), turning on a multicast desktop deployment can absolutely flatten a network.

The worst example I have heard was a smaller business using an appliance iSCSI server as both a central file storage device and as a back-end for some virtualization. This was not on a separate storage network but on the main LAN with everything else. A multicast desktop imaging deployment to five PCs was attempted, the image files for which were also stored on this iSCSI server. The results were rather unpleasant, and saw the corruption of several very important files that the virtual machines were running, as well as some very badly-imaged desktops.

Desktop imaging is one of the most useful and important tools in a system administrator’s tool bag. It can be used for backing up a system prior to making some major or experimental change, to lighten our workload by deploying a standard image to multiple computers or even just to deal with a system where “someone, not me” got a virus. It is however a complex technology - easy enough to understand the basics of, but mature and feature-rich. Considering the kind of damage that you can do with imaging applications, I thoroughly recommend taking the time to research the options available and test them out in a lab environment. Most importantly, do not use any of these tools in the field until you understand fully how they work, and more importantly how they can go wrong. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
DEATH by COMMENTS: WordPress XSS vuln is BIGGEST for YEARS
Trio of XSS turns attackers into admins
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.