Tuesday, August 23, 2011

Use BGP maximum-paths eibgp with Caution

Under the BGP command process, "maximum-paths" enables BGP to perform load-sharing among multiple paths. There are 3 options:
  1. maximum-paths: only allow equal-cost path load-sharing
  2. maximum-paths ibgp: enable both equal-cost and unequal-cost path load-sharing for internal BGP
  3. maximum-paths eibgp: enable both equal-cost and unequal-cost path load-sharing for both internal and external BGP
If you have 2 or more edge BGP routers on same AS and is using both iBGP and eBGP, use the "maximum-paths eibgp" with caution. The Cisco routers would assign iBGP routes with same administrative distance (i.e. 20) as eBGP. You could end up with a routing loop if you design eBGP to be preferred over iBGP paths.

Monday, August 8, 2011

Part 4: Lite-Touch Installation using MDT 2010 and WDS

Earlier in Windows Deployment Part 1, I mentioned about using WinPE and ImageX (with a network share) to build, capture and deploy OS images. Using the Windows DISM tool, you can also service the OS images whenever you need to update any application patches or drivers. This is a heavy imaging method and is tedious to manage in a long run. In part 2, I mentioned about using Windows Deployment Services to automate the OS image deployment. However, this method alone does not allow you to service your images or install applications automatically. Nevertheless, Microsoft calls both methods as "Heavy-Touch" installation.

Microsoft Deployment Toolkit (MDT) 2010 allows you to combine both methods (WinPE/ImageX and WDS) for Lite-Touch Installation (LTI). This toolkit automates the manual tasks for WinPE and ImageX processes. It also facilitates the new "thin image" deployment concept. "Thin image" deployment does not include all applications and drivers on the base OS image, as constrasted to the traditional "heavy image" approach. Instead, new applications, patches and drivers are installed dynamically when you perform OS deployment.

There are several good blog posts that show you the step-by-step. I found these series of blog posts particularly helpful. In summary, I would just mention the typical overall steps:
  1. Prepare the necessary infrastructure, including AD, DNS, DHCP, WDS and file servers.
  2. Download Windows AIK and MDT2010. Install them on a technician computer.
  3. Open up the Deployment Workbench. Create a deployment share.
  4. Import Operating System. Try not to use WDS images option. See this forum.
  5. Create a task sequence and follow the wizard. Typically, it's "Standard Client Task Sequence" for new deployment.
  6. Add the necessary applications and third-party device drivers.
  7. Update Deployment Share by right-clicking on the "MDT Deployment Share"
  8. Several files will be created on the network share. Add the newly created boot image to your WDS server.
  9. PXE boot your target computer (can be a VM for initial testing). Select the Lite Touch boot option.
  10. Resolve all installation errors (if needed). Thoroughly test the target computer.
  11. Upon successful deployment, you can choose to create another Task Sequence to sysprep and capture the image, which is completely optional (good for hybrid Thin-Thick imaging). You can use this new capture image for subsequent WDS deployment.

Thursday, August 4, 2011

Display currently logon terminal services users

To display the currently logon users on a terminal server or session host on Windows Server 2008, use this command:

query session /counter [ /server:servername ]

For example, to count the number of active users:

query session /counter | find /c " Active "

find filters the output that contains "Active" and count them with the "/c" option.