ALTE DOCUMENTE
|
|||||
You can design your RIS server configuration to accommodate smaller localized networks as well as full scale corporate networks. In smaller networks of 100 or less client computers, you can minimize the number of RIS servers you need to service client requests for operating system installations. However, in larger network environments, you need to carefully consider the following:
Where to place RIS servers on the network so as to minimize the impact of RIS traffic.
Where RIS clients are located in proximity to the RIS servers that service them.
How many clients you intend to service.
How you distribute different operating system images to various user groups.
What security methods you apply to ensure secure operating system installations.
How you configure your Active Directory infrastructure to support RIS.
To accommodate full-scale corporate environments, you will need multiple RIS servers across your network, preferably using a combination of referral servers that accept, process, and forward client requests, and install servers, which provide the client with boot files, CIW screens, and the actual image download.
The way you design your RIS server configuration directly impacts its performance. For example, where you place your RIS servers on the network makes a difference because RIS servers generate heavy traffic during periods when clients are installing operating system images. Also, the number of RIS servers you have plays a role in installation performance because there is a limit to how 19119u208t many clients each RIS server can handle before time-outs occur during client service requests. In addition, by making use of multiple distribution points to provide different operating system images to RIS clients, you can mitigate network traffic and provide faster installation times to clients.
Another factor that impacts your RIS server configuration is the way you implement RIS server security. In corporate environments, you need to design a RIS server configuration that provides secure responses to clients requesting service. To do this, you need to set specific RIS server properties, provide security for non-prestaged clients, and secure the operating system images that you distribute to clients. You can also include prestaging RIS client computer accounts in Active Directory as part of your design, to maximize the security of RIS-based operating system installations.
When designing your RIS server configuration, your primary tasks are to define the following:
Network deployment configuration and the supporting Active Directory infrastructure
RIS server properties and other RIS configuration parameters.
RIS security configuration.
For a job aid to record your design decisions for your RIS server configuration, see "Designing the RIS Server Configuration" (ACIRIS_09.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Designing the RIS Server Configuration" on the Web at https://www.microsoft.com/reskit).
|
|
|
Note Although your Group Policy settings are part of your RIS server configuration, it is unnecessary to design them here because you should have already made those design decisions in "Designing for the RIS Deployment Mode" earlier in this chapter, and recorded them in job aid "Designing for the RIS Deployment Mode"(ACIRIS_08.doc). |
RIS servers are dependent on your network configuration: the way you deploy and manage your RIS servers on the network determines how they perform. Depending on how you place and configure your RIS servers, one operating system image can support multiple Active Directory sites, domains, and organizational units, or you can provide multiple customized images that you distribute to clients from strategically placed RIS servers.
Because each RIS server can only handle a limited number of simultaneous client installations, you might consider load balancing client service requests by using a RIS referral server. Figure . shows a basic RIS configuration unit that illustrates the relationship between PXE-enabled remote boot clients, a RIS referral server, and RIS install servers on the network that provide service to clients.
Figure 4. RIS Server Network Deployment
In Figure . , a PXE-enabled remote boot client requests the remote installation of an operating system. The request is passed to the RIS referral server, which is configured with the Do not respond to unknown clients option. This allows only prestaged clients to be acknowledged by the RIS referral server. The RIS referral server checks Active Directory to verify whether the client has a prestaged computer account and if it is configured to receive service from a specific RIS install server. If it finds a prestaged computer account and a designated RIS install server, the RIS referral server passes the request to the appropriate RIS install server (RIS Install Server 3) in Figure . . The client then downloads the CIW and begins the installation process.
RIS Install Servers 1, 2, and 3 are install servers that only provide operating system installations and do not respond to initial client requests for service. Conversely, the referral server does not provide image support, but does answer initial client service requests.
Figure . shows how RIS referral and install server configurations can work in an enterprise setting. In this configuration, you can apply tight control to which clients can access which RIS servers. This enables you to load-balance client service requests to ensure that each RIS server is not overloaded. You have this capability because you can specify which RIS server services which clients when you prestage client computer accounts in Active Directory. When you do this, be sure not to configure more than 75 clients per RIS server if you expect heavy service request traffic from clients. Alternatively, you can implement a simpler solution by configuring all RIS servers to respond and provide service to all RIS clients, however, this foregoes the additional security gained by using prestaged RIS clients.
To design a RIS server network deployment that includes configuration units such as the one depicted in Figure . , begin by deciding the following:
The number of RIS servers you require (including both RIS image and RIS referral servers).
Where you will place RIS servers.
How you will distribute RIS server images to clients.
The number of RIS servers you need is largely dependent upon how many RIS clients you need to support. You might need multiple RIS servers to support the clients in a large organization or only one RIS server if you are deploying Windows XP Professional on a small LAN or network segment.
The number of RIS servers you will need is impacted by the demand for new, upgrade, or custom operating system installations. As a result, you will need to determine your needs prior to deploying a standard desktop configuration of Windows XP Professional or other operating systems to your clients. Once you determine your needs, you can calculate how many RIS servers to deploy. You can base your estimate on the following metric for best case scenarios: one RIS server can send multiple operating system images over the network for up to 75 clients simultaneously.
The speed of your network and the hardware you use on your RIS server to support image distribution can also have a bearing on how many RIS servers you need. If you have slower network connections or RIS server hardware with marginal capabilities, you will need more RIS servers to handle client service requests to avoid network traffic bottlenecks during periods when RIS servers are active. If you follow the hardware recommendations specified in "Evaluating RIS Server Hardware Requirements" earlier in this chapter, you will be able to maintain support for the maximum number of clients per RIS server.
For load balancing and security reasons, consider using prestaged clients with a RIS referral and install server configuration. If you decide in favor of this configuration, then you must also determine the number of RIS referral servers you need to use. A RIS install server should be in close proximity to the clients it services, but a RIS referral server can pass client service requests to RIS install servers that are located across routers and domains. This is possible as long as the routers are enabled to pass DHCP traffic and there is a trust relationship between domains. As a general guideline for calculating how many RIS referral servers you will need, you can use a metric of one RIS referral server for every three RIS install servers.
For this part of your RIS server configuration design process, use the "RIS Network Deployment Configuration" section in job aid "Designing the RIS Server Configuration" (ACIRIS_09.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Designing the RIS Server Configuration" on the Web at https://www.microsoft.com/reskit) to record the total number of clients you need to support and the total number of RIS servers you need to provide image services. Also include the total number of RIS referral servers that you will need.
The primary issues concerning RIS server placement involve where you physically locate the server and where you place it in your Active Directory infrastructure. For more information about designing your Active Directory infrastructure, see "Designing the Active Directory Infrastructure" later in this chapter.
As a general guideline, place RIS servers in close physical proximity to the client computers they service rather than making connections across a WAN link. However, it might be necessary for your clients to locate a RIS server across a router or domain. When this is the case, the router must be configured to pass DHCP packet traffic and there must also be a trust relationship between domains. When considering RIS server placement in your network, you might also consult your DHCP scopes to analyze your domain structure.
In large organizations, do not place your RIS server on a DHCP server. This avoids potential failures in DHCP service if the RIS server becomes overloaded with client service requests. For more information about RIS server placement on the network, see "Assessing RIS Server Placement" earlier in this chapter.
Other placement issues are associated with the type of network connection you use to integrate RIS servers into your environment. Slow connections to RIS servers can hinder the speed of your entire network during periods when RIS is active. Inappropriate RIS server hardware that cannot support network demands can do the same thing. As a practical example, if your organization has branch offices, it is best to place a RIS server in each branch rather than attempting to have clients connect to a RIS server across a slow WAN connection.
For this part of your RIS server configuration design process, use the "RIS Network Deployment Configuration" section of job aid "Designing the RIS Server Configuration" (ACIRIS_09.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Designing the RIS Server Configuration" on the Web at https://www.microsoft.com/reskit) to record the following:
The network location or site name.
The names of RIS install servers that provide service to specific clients.
Whether you need to enable DHCP on routers for cross-domain client service requests.
Whether you need to establish cross domain trusts.
The names of your RIS referral servers and the Active Directory domains/subnets which they support.
Depending on the size of your network and the number of clients you have, you might need to create a scheme for managing the distribution of multiple operating system images from different RIS servers to ensure quick installations across the network. You can do this by using multiple RIS servers that provide custom operating systems installations to specific clients. To provide specific operating system images to clients from designated RIS servers, you will need to do the following:
Create the operating system images you want on each RIS server using Risetup.exe or Riprep.exe.
Create unique answer files and associate them with specific operating system images on each RIS server.
Set security permissions on the answer files to configure which users or user groups can access the images.
You can also create unique versions of the CIW process with custom .osc files on each RIS server to manage how you identify and distribute images associated with each RIS server. By distributing operating system images from different RIS servers in this manner, you can mitigate network traffic and accelerate the installation process for designated RIS clients.
For this part of your RIS server configuration design process, use the "RIS Network Deployment Configuration" section of job aid "Designing the RIS Server Configuration" (ACIRIS_09.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Designing the RIS Server Configuration" on the Web at https://www.microsoft.com/reskit) to record whether you intend to use multiple RIS servers to handle the distribution of a single operating system or multiple operating systems. If you choose multiple operating systems, record the operating system image names, the RIS servers that will host them, and whether you want to use a corresponding custom CIW process on each RIS server.
For more information about creating operating system images, see "Designing for the RIS Installation Type" earlier in this chapter. For more information about customizing the CIW process see "CIW Design Tasks" earlier in this chapter.
|
