The installation process for Windows Server 2003 is basically the same as in Windows 2000. You can perform network installations or CD-based installations, including booting from CD. Similar to the previous version, the setup process has several phases. There is a DOS-style initial phase for configuring and formatting drives and selecting the installation location. This is followed by a graphical (GUI) phase in which system hardware is detected; licensing is configured, including entering the license key; the computer name and administrator password are specified; network settings and regional options are configured; and the computer can be joined to a domain. All this is basically the same as in previous versions?the differences in the installation process are in the available options and what you can configure.
Just like in previous versions, you can perform an installation from the Windows CD or from source files across the network. We'll start with a walk-through of a CD-based install, specifically booting from CD, and then take a look at network-based installations. As we walk through the installation process, you'll note how similar it is to Windows 2000.
To start installing Windows Server 2003 on a new system, simply insert the Windows Server 2003 CD and turn on the system. If the system is configured to boot from CD and there are no configured disk partitions, the setup program launches automatically and begins installing Windows Server 2003. If disk partitions are configured, it displays the following prompt: Press Any Key to Boot from CD. You then must press a key to launch the setup program. If you don't have a bootable CD-ROM drive, you can boot to a DOS floppy disk with CD-ROM drivers and launch setup by running winnt.exe from the i386 directory of the Windows CD. Alternatively, if you have a previous installation of Windows on your system, you can perform an upgrade or fresh installation by running winnt32.exe, which is also in the i386 directory. We will look at upgrading from previously installed operating systems later in this chapter.
When booting from the Windows Server 2003 CD, the initial phase looks exactly like Windows 2000. You get the familiar blue Windows Setup screen, as shown in Figure 2.1.
If you need to install device drivers for your disk array, press F6 when prompted at the bottom of the screen, just like Windows 2000. After it detects initial hardware devices and loads the setup application, you are prompted to set up Windows, repair a previous windows installation, or quit.
Selecting Repair during the setup launches the recovery console. The recovery console, first introduced in Windows 2000, essentially provides a minimal DOS-style console where you can set the startup state of services (automatic, manual, disabled), manage drive partitions, copy files, and perform other diagnostic and repair functions.
Another setup option for disaster recovery is to press F2 when prompted when Setup first starts. This launches Automated System Recovery (ASR), which is a replacement for the Emergency Repair process. The Emergency Repair process in previous versions scans system and Registry files and attempts to repair any corruptions or differences based on a previously created Emergency Repair Disk. It really only ever works if you have missing or corrupted system files. The Automated System Recovery process is really an automated full system restore. Prior to performing ASR, you need to create an ASR disk. The ASR disk is created when performing an ASR backup using the Windows backup utility and contains the information necessary to restore the backup.
Assuming you choose to continue with the installation of Windows, the license agreement is displayed and you must press F8 to agree to the terms and continue. Next, you are given the opportunity to create/delete partitions and select the installation drive. When booting from CD, you can do just about anything to the drive partitions. You can create new partitions and delete any or all of the existing partitions. After you have the drives partitioned the way you want, select a partition on which to install Windows Server 2003. Next, setup detects whether there is an existing version of Windows on the partition you chose. If there is, you are prompted to upgrade it or erase it and start fresh. Next, you are prompted on what to do to the existing file system. You can format with NTFS, format with FAT, or leave it unchanged, just like Windows 2000. However, as shown in Figure 2.2, if previous partitions exist, you now have the option to perform quick formats with NTFS or FAT to save time.
The default is to format the partition using the NTFS file system. The system then formats the drive (if that's what you chose). It checks the integrity of the drive and then copies the Windows files. After the file copy is complete, setup reboots and the GUI phase starts.
The default installation directory for Windows Server 2003 is Windows, not WINNT like in Windows 2000 and Windows NT 4.0.
After the reboot following the DOS phase, Setup enters the GUI phase. The first option you have during the GUI phase of the installation is to configure Regional and Language options. Next is personalizing the installation by entering your name and company name. You are then prompted to enter the product license key and to select the licensing mode?per server or per seat. This is followed by the configuration of the computer name and administrator password. One new feature is an insecure password warning: If you enter an insecure password, as shown in Figure 2.3, Setup pops up with a message warning that your password is too simple and suggests criteria for a stronger password.
The next step is entering the date, time, and time zone. Setup then detects any network components (such as network cards) that might be installed and prompts you to configure them. If you have multiple cards, you can configure the settings independently for each card. You have the option to configure with Typical Settings (Client for Microsoft Networks, File and Print Sharing for Microsoft Networks, TCP/IP configured to use DHCP) or Custom Settings.
Selecting Custom Settings enables you to specify static IP addresses or add/remove services and protocols. Next is the option to join a domain or specify a workgroup. After that, Setup finishes copying files and configuring the system, reboots, and starts Windows Server 2003. The first time you log on, the Manage Your Server Wizard starts and enables you to configure your server for its custom role, as shown in Figure 2.4.
You might have noticed that, unlike Windows 2000, there is no opportunity in the installation process to specify which server components and services (DNS, WINS, DHCP, RIS, IIS, and so on) to install. Installation and configuration of server components are performed after the OS is installed, unless you specify otherwise in an unattended installation script. You build those scripts the same way that you did in Windows 2000; for more details, search Windows Server 2003's online Help and Support Center for "unattended installation". We'll also touch on unattended installs later in this chapter.
Installing Windows Server 2003 from the network is basically the same as installing from CD?there is just an extra initial phase for copying the setup files prior to the DOS-based setup phase. It is also the same as in Windows 2000; you simply map a drive to the network location containing the Windows Server 2003 CD files and run winnt.exe or winnt32.exe from the i386 directory. The main difference between running Setup using winnt.exe or winnt32.exe (either across the network or from CD) and running it by booting from CD is the restrictions on what you can do when partitioning drives in the DOS phase. When installing from the network, the files for the Setup program itself must be downloaded to the local system. Consequently, the partition containing those files cannot be deleted during the drive partition phase of setup.
The choice of whether to run winnt.exe or winnt32.exe is dependent on the existing operating system. winnt32.exe is sometimes referred to as the upgrade setup because it can be run from previous Windows operating systems. If you have Windows NT or Windows 2000 installed, you can run winnt32.exe to upgrade the OS. If you don't have an existing operating system (in other words, you boot from a DOS boot disk), you must run winnt.exe.
After Setup gets past the drive configuration step, the rest of the setup process for a network-based install is identical to a CD-based install.
A new feature of Windows Server is Emergency Management Services. This new feature is available on systems that have special hardware that supports firmware console redirection and have a Serial Port Console Redirection (SRPC) table. Essentially, Emergency Management Services provides out-of-band access to your servers. It is a sort of text-mode console into the server even when the operating system is down. This gives you access to do anything on the server, short of physically removing and installing hardware.
As such, it provides an additional option for installing Windows Server 2003. For example, you could perform remote installations of Windows Server 2003. After the console is redirected, you can insert the Windows Server 2003 CD, boot the system, and run through an install. Unfortunately, because of the way Emergency Management Services works, you won't be able to see the GUI phase of setup. Consequently, when Setup reaches the end of the DOS phase, it prompts to automatically configure the GUI portion. Selecting this option enables you to proceed with the GUI installation; however, you won't have any choice in what it installs. It installs with the default options, but at least it gets the OS installed. One way to overcome this drawback is by using an automated install using an unattended answer file.
For the most part, unattended installations are the same as in Windows 2000: They can be launched from the network or CD using winnt.exe or winnt32.exe. Windows Server 2003, however, supports the use of an unattended installation file and an optional uniqueness database file to specify the answers to setup questions.
The documentation for the unattended installation files is now ref.chm instead of unattend.doc in the deploy.cab file. You can access the contents of deploy.cab (or any .cab file) by using WinZIP or a similar shareware application.
Because new and different features and components are available in Windows Server 2003, the main differences from Windows 2000 are in the answer files themselves and the methods for creating them.
The Windows Setup program is hard-coded to look at the floppy drive for a file called winnt.sif. If the file exists and is in the proper format, it reads it and performs an automated setup based on the answers in the file.
The Setup Manager Wizard, which is used to create the answer files, has been improved to ease the creation of automated installation files. It walks through all the questions asked during setup, allowing you to specify the answers. It then creates the appropriate unattended installation file(s) based on your answers. The Setup Manager Wizard can be installed by extracting setupmgr.exe from deploy.cab in the Support\Tools directory of the Windows Server 2003 CD (Windows 2000 also requires an additional file, setupmgx.dll). The Setup Manager Wizard on the Windows Server 2003 CD can be used for creating answer files for all Windows XP and Windows .NET editions, except Data Center. To create answer files for Windows 2000, use the Windows 2000 Setup Manager Wizard.
The main improvement in the Setup Manager Wizard is the interface. Rather than a screen-by-screen prompt for each question and answer, all the main options are on one screen, as shown in Figure 2.5.
The Windows Server 2003 Setup Manager Wizard also includes a number of additional options. First, in Windows 2000, the Setup Manager Wizard does not prompt for the product license key, so you have to manually edit the answer files or get prompted for the license key during setup. In the Windows Server 2003 Setup Manager Wizard, you can specify the product license key to use.
The Setup Manager Wizard has one quirk. If you click Next to advance between each of the configuration options, when you get to the Product Key the cursor is in the second to last field, not the first one. More than once I've started filling in the product key only to have it entered in the wrong fields. Very annoying.
Another problem with the Windows 2000 wizard is specifying the local administrator password. If you enter it in the wizard, it is stored in the answer file in clear text. Obviously, anyone who has access to the file would then know the local administrator password, which is a potential security risk. In the Windows Server 2003 Setup Manager Wizard, not only can you specify the local administrator password, but you also have the option to encrypt it in the answer file. This eliminates the potential security risk of the local administrator password being stored in clear text.
One annoying thing about encrypting the password is that the option is available only for the local administrator account. There is no option to encrypt the password for the account used to join the domain. The domain account is potentially a more security sensitive account, so it's odd that Microsoft does not provide a mechanism to encrypt it.
Two additional options the Windows Server 2003 Setup Manager Wizard prompts for that the Windows 2000 one does not are Windows Components and Additional Commands. Windows Components enables you to specify the installed Windows Components, such as World Wide Web Service, SMTP Service, Remote Installation Service, Terminal Server, and so on. Additional Commands enables you to automatically run programs after the unattended setup completes while the computer is starting up. This can be used to further customize the installation by installing programs or setting configuration settings?anything that can be executed without requiring a user to be logged on.
Just like the Windows 2000 version, the Setup Manager Wizard in Windows Server 2003 creates the answer file, the udf file, if any, and a sample batch file based on the answers provided. You can then use these files as is to automate your deployments or further customize with a text editor.
For an explanation of unattended installations in Windows 2000, visit http://www.samspublishing.com/ and enter this book's ISBN number (no hyphens or parenthesis) in the Search field; then click the book cover image to access the book details page. Click the Web Resources link in the More Information section, and locate article ID# A010202.
Yet another method for deploying Windows Server 2003 is by using third-party imaging software. The process is largely the same as in Windows NT 4.0 and Windows 2000. A reference machine is prepared with all software installed and configured the way you like it. The sysprep.exe utility is then run to remove all machine-specific information, such as SID, computer name, and so on. This generic installation is then copied to a network share using third-party imaging software, which makes an exact bit-by-bit copy of the hard drives on the system. The image is stored on a server and later downloaded to one or more target machines. When the target machine boots up from the deployed image, a mini-setup wizard starts asking for all the machine-specific information removed by sysprep, such as the computer name, license key, and the like. When it's done, a brand-new system is up and running with a hardware and software installation identical to the original.
Windows Server 2003 supports deployment via imaging, just like previous versions. What's new is the sysprep.exe file that is used to strip out the computer-specific information.
A nice feature of the new sysprep is that it is more forgiving of different hardware. A switch (?bmsd) can be used to generate a list of available mass storage devices for sysprep.inf. You can then specify any additional mass storage devices that the mini-setup wizard should attempt to detect.
Running sysprep /? displays a list of the available switches.
Additionally, a new Factory Mode is available. If sysprep is run with the ?factory switch, when the system reboots and you log on, it comes up into Factory Mode, as shown in Figure 2.6, instead of running the mini-setup wizard. When in this mode you can perform other operations, such as installing software or drivers, which helps to minimize the number of base images you need to store. You can store a few images sysprepped to boot to factory mode; then when it comes time to deploy, you can download the image to a target machine and load the software and drivers for the particular machine type. Finally, you can select the reseal option to run sysprep again to clean up, and the system will be ready to be imaged again to be deployed en masse.
Windows Server 2003 has a new anti-piracy feature for ensuring software licensing compliance?Windows Product Activation. When Windows is installed, you are prompted to enter a license key, which forms the basis for your product ID.
If you're using a Volume License copy of Windows Server 2003, such as one obtained through the Microsoft Select program, you must enter a volume license key instead of a license key. When using a volume license key with a volume license copy of Windows Server 2003, you don't have to perform product activation. This issue is examined in more detail in the next section.
When activating Windows Server 2003, a hash is created from the existing hardware in your machine. This hardware hash is then used to uniquely identify your machine and is sent to Microsoft, along with your product ID, when you activate Windows Server 2003. This associates the product ID to your specific hardware, thus ensuring that the product license key cannot be used on other hardware.
You can see your product ID by looking at system properties (right-click My Computer and select Properties). The product ID is the 20-digit code in the Registered To section.
Once installed, you have a limited time (30 days) before you have to "activate" the installation. If the Windows Server 2003 is not activated within the grace period, it ceases to function. A reminder pops up in the Notification Area until you activate it. Clicking the reminder balloon brings up the Activate Windows screen shown in Figure 2.7.
As you can see, a couple of different methods are available for activating Windows. You can activate it immediately by selecting Yes, Let's Activate Windows Over the Internet Now. Alternatively, you can call Microsoft to obtain an Activation Key and manually enter it. If you call Microsoft, you need to provide the installation ID for your system (a 54-character numeric string). You will then be given a corresponding 42-character string that you must enter?talk about tedious! Obviously, activating over the Internet is much easier, provided you have an Internet connection.
After you have activated Windows, if you attempt to install Windows Server 2003 on a different machine using the same product license key, Windows Activation fails. Because you are using the same product license key, you will have the same product ID; however, because it is a different machine, you will have a different hardware hash. When this information is sent to Microsoft during Windows Activation, the hardware hash won't match and the activation request will be rejected. Upgrading the hardware in an existing machine can potentially cause Windows Activation to fail. If too much hardware is upgraded, the hardware hash could be different. Obviously, valid reasons exist for using the same license on different hardware, such as replacing the existing machine with a newer one. You can still use the product license key in these situations, but you must call Microsoft to obtain an Activation Key and then use that key to manually activate Windows.
The process outlined previously is required for any retail or original equipment manufacturer (OEM) version of Windows Server 2003. The product license keys obtained in retail copies of Windows Server 2003 require activation.
What about volume licenses? Must you activate every installation of Windows Server 2003? For large organizations, this could be particularly troublesome because large corporations usually purchase Microsoft licenses in bulk via one of the volume licensing programs such as Select or Open license. These programs generally have a single license key for each platform that is used for installation of all the machines for the respective platform. What are these organizations to do? Must they call Microsoft and manually key in the Activation Key for every installation after the first? Of course not?that would be ridiculous and the industry would revolt.
If an organization purchases a Select or Enterprise license agreement, it obtains a special installation CD that has a setup program coded to automatically enter the Select program license key. This special license key does not require activation. If you use this Select CD, you aren't prompted to enter a product license key during setup and you also don't have to activate Windows after installation.
Other license programs, such as the Open license agreement, allow you to purchase a single physical copy with a single product license key, but you are allowed to install it on multiple machines because you have purchased (on paper) the appropriate server licenses. In these cases, a single product license key is used for hundreds, even thousands, of installations. With these license programs, a special volume license key is obtained from Microsoft that bypasses the Windows Activation, thus machines installed with these keys do not require activation.