Quote: Originally Posted by WindowsStar
Same image on many machines with the same name. You cannot do that unless they are all on different domains????
An example would be to build on machine A, join AD, make image, drop image onto another machine, use both machines.
Ensuring both machines are of exact motherboard specs/chipsets, this will work without the disk or OS crashing.
Perhaps I should specify two terms we also use regarding images: Gold, and Prep. Gold
images are build on 3 machines, all identical. These images do not get deployed anywhere except these three machines, solely for the purpose of using Box2 to build ImageA, Box3 for ImageB, Box4 for ImageC. When finished building ImageA, deploy ImageD to Box2. When finished with ImageB, but need more work on ImageA, deploy ImageA on Box3. Prep
images, are the above mentioned Gold's, which have run through the sysprep procedure. At reboot, the image is taken before restarting.
The Prep images are the ones that get deployed to the field.
Respectfully this is a rookie mistake. If you pull a machine and don't remove it from the domain you will most likely forget to remove the name from AD. It is best if you are removing a machine to just un-join it that way you are sure you have done it right. I know there are times you CANNOT do this hard drive crashes (etc.) but in that case you would be removing the name from AD manually while re-imaging the machine to get it back on line. I see so many AD's that are polluted with all kinds of names that never get removed because they don't un-join the machine or forget to remove the name from AD. This gets much much worse when you have 4, 5 or 10 Administrators and everyone is just removes the machine without any thought to AD. Then you get some junior admin trying to add a machine with a name that is already in AD and they don't know why and spend 3 days trying to figure it out, huge waste of time. -WS
Our dev domain is full of obsolete machines that have been reimaged without prior disjoining.
The senior site techs who do the imaging in the production labs/classrooms should be aware of the proper procedure you describe. They should
be disjoining the current machine before deploying a new/updated Prep image.
We dont do this in dev.
Once deployed, the machine is restarted. During sysprep, several custom scripts are run. One picks up the machine name from DNS, and attempts to join AD. But if it already exists in AD (error 5?), then a random alphanumeric name is created and used instead.
This is partly to ensure the machine gets joined flawlessly for the enduser in the morning.
2nd partly, if a machine fails to boot due to whatever error (tweaking failed, virus, etc.) and the machine cannot boot to the OS to be able to be disjoined, The machine simply get reimaged.
The latter is what would be most contributing to any obsolete items in the production AD.
So you're most certainly not wrong.
But we also have several systems that need to work together, so we do have a couple 'less than ideal' ways of going about things. But it all works, and it all works very well in the end.