Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Friday, June 25, 2010

script at boot-up in ubuntu

scripts in /etc/rc.local will be run once after every boot.
run only once at every boot.

I'm not trying to create a "rc" service with update-rc.d, because it runs on almost two or three runlevels.

My goal is to execute this script only once, after the scripts of last runlevel execution. Is something like Micro$oft Window$ "autoexec.bat".

What is the best way to do it? The "rc.local" file is where one is "supposed" to place startup scripts, but I do it a different way.

Since the "cron" scheduler has directories for "hourly", "daily", etc... scheduled tasks, why not ADD to this common theme by having a "cron.boot" which runs at boot time?

If you like, you can do it. First, CREATE a new directory named "/etc/cron.boot". Copy the ".placeholder" file from one of the other directories into it.

Then, cut-n-paste the following and use it to REPLACE your "/etc/crontab" file:

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the 'crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
# => NOTE! Scripts to be placed in /etc/cron.daily, weekly, etc
#          must have '#!/bin/sh' or '#!/bin/bash' as their FIRST
#          line or else they will not work!
# => NOTE! Scripts must be executable (i.e. chmod 0755)
# => NOTE! Scripts must not write to STDOUT, nor require input from STDIN.
#  *  *  *  *  *  *  command to execute && next command...
#  -  -  -  -  -  -
#  |  |  |  |  |  |
#  |  |  |  |  |  +--- run command as 'user'
#  |  |  |  |  +------ day of week (0-7) (sunday=0 or 7)
#  |  |  |  +--------- month (1-12)
#  |  |  +------------ day of month (1-31)
#  |  +--------------- hour (0-23)
#  +------------------ minute (0-59)
#   special string  meaning / description
#   ==============  =====================
#   @reboot         Run once, at bootup.
#   @yearly         Run once a year  [0 0 1 1 *]
#   @annually       (same as @yearly)
#   @monthly        Run once a month [0 0 1 * *]
#   @weekly         Run once a week  [0 0 * * 0]
#   @daily          Run once a day   [0 0 * * *]
#   @midnight       (same as @daily)
#   @hourly         Run once an hour [0 * * * *]


# min   hour    day     month   dow     user    command(s)
# ===   ====    ===     =====   ===     ====    ==========

# at bootup
  @reboot                               root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.boot )

# hourly at hh:05
  05     *       *       *       *      root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.hourly )

# daily at 05:20
  20    05       *       *       *      root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )

# weekly at 04:35 (0=sunday)
  35    04       *       *      00      root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )

# monthly at 03:50
  50    03      01       *       *      root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )

It's the same old crontab file, with comments added and also the "cron.boot" facility added.

Now, just stick any script you like into "/etc/cron.boot" and it will run at startup.

The script must be set executable (chmod 0755) and should have "#!/bin/bash" as it's first line.

proc directory info



AHCI (Advanced Host Controller Interface) is present on newer Intel chipsets such as 975X (ICH7), P965 (ICH8), and P35 (ICH9). AHCI mode is enabled in the BIOS and 3 settings are commonly available: IDE, AHCI, and RAID. The last two (AHCI and RAID) require a driver floppy and the F6 method when installing Windows XP otherwise the hard disks won't be detected.
AHCI mode brings 3 main advantages:

  1. Supports NCQ (Native Command Queuing) allowing SATA drives to accept more than one command at a time and dynamically reorder the commands for maximum efficiency.
  2. Supports hot plugging of devices
  3. Supports staggered spin ups of multiple hard drives at boot time
If you installed Windows in IDE mode (ie you didn't use F6 and supply a driver disk), then simply changing the BIOS setting to AHCI mode and rebooting will cause Windows to fail and will require a repair install. Most people have been advising to reinstall Windows if you want AHCI enabled.
I managed to enable AHCI on Windows XP Professional for a Gigabyte P35-DS4 (ICH9R) without needing to reinstall. This should work on any P35 ICH9 based board:
1. Go to Intel's download centre and download the latest version of the Intel Matrix Storage Manager (, 8/2/2007 at time of writing) for your OS:
Keep this file as you'll need it again in step 4.
2. Run the installer with the -a switch to extract the files. This will NOT install the software, just extract the files. Follow the prompts as if you were installing the software:
iata76_enu.exe -a
The above should extract the files to \Program Files\Intel\Intel Matrix Storage Manager.
There are two folders, \Drivers and \Drivers64 for 32-bit and 64-bit OS's, respectively.

Copy the file IaStor.sys from the Drivers folder to C:\Windows\System32\drivers\
3. copy the following registry file to your desktop (copy and paste into notepad) and save as ahci.reg
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#ven_8086&dev_2922&cc_0106] "Service"="iaStor" "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor] "Type"=dword:00000001 "Start"=dword:00000000 "Group"="SCSI miniport" "ErrorControl"=dword:00000001 "ImagePath"="system32\\drivers\\iaStor.sys" "tag"=dword:00000019 "DisplayName"="Intel AHCI Controller" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Parameters] "queuePriorityEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Enum] "0"="PCI\\VEN_8086&DEV_2922&SUBSYS_B0051458&REV_02\\3&13c0b0c5&0&FA" "Count"=dword:00000001 "NextInstance"=dword:00000001
4. Double check you've copied the IaStor.sys file as part of step 2. Now do the following:
  • Run the ahci.reg file to add the entries into the registry
  • Reboot the computer and enter the BIOS - DO NOT allow it to start Windows yet.
  • Change the setting for the on board Intel controller to AHCI, save and exit BIOS
  • Boot into Windows
When Windows loads it will detect a new hard disk - cancel the wizard for installing the new hardware and run the Intel driver installer you downloaded in step 1.
Reboot the system again and you're good to go
Now, under Device Manager > IDE ATA/ATAPI controllers you should see Intel(R) ICH9 SATA AHCI Controller listed.
Hope someone finds this useful - I wanted to do this as I needed AHCI mode to dual boot Linux and I didn't have a floppy drive on the machine to allow me to install Windows XP in AHCI mode. This is one area Vista has moved forward - it will allow you to install drivers from devices other than A: such as a USB pendrive or CD.
If you want to enable write caching, see einshem's tip here:
2. All this process worth nothing if you forget at the end to go to device manager, double klick your hard-drive(s) under "disk drivers", go to "policies" tab and mark "Enable write caching for this disk" (I recommend adding this to the guide)
EDIT: Here is a Registry file that should work for 975X and P965 based boards:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#ven_8086&dev_2821&cc_0106] "Service"="iaStor" "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor] "Type"=dword:00000001 "Start"=dword:00000000 "Group"="SCSI miniport" "ErrorControl"=dword:00000001 "ImagePath"="system32\\drivers\\iaStor.sys" "tag"=dword:00000019 "DisplayName"="Intel AHCI Controller" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Parameters] "queuePriorityEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Enum] "0"="PCI\\VEN_8086&DEV_2821&SUBSYS_B0051458&REV_02\\3&13c0b0c5&0&FA" "Count"=dword:00000001 "NextInstance"=dword:00000001
1. from the research I made AHCI is quite usefull also for normal desktop PCs running windows.

2. All this process worth nothing if you forget at the end to go to device manager, double klick your hard-drive(s) under "disk drivers", go to "policies" tab and mark "Enable write caching for this disk" (I recommend adding this to the guide)
Control Panel;
Go to device manager
, double klick your hard-drive(s) under "disk drivers", go to "policies" tab and mark "Enable write caching for this disk" ONLY FOR THE DRIVES WHERE YOU WORK. Because the cache is needed to speed up the disk operations, while you don't need speed in a backup disk.
In the backup drives disable it (do not mark). Because with the cache enabled if anything happens (system block, power-down, accidental reset, ecc...) you will lose data ALSO IN THE BACKUP DISK!
ICH8M. I tried your second reg file, not the first one.
So, how can you "follow the steps in the first topic" if you "made all the operations with the Jmicro set to IDE"? At this point of the procedure (After loading the .reg file) you should change the settings in the BIOS as "AHCI", not ide, BEFORE letting Windows start.
You could try to add ALSO the registry keys wrote by Peter Shilkin in the page 3 of this discussion.

Read the instructions on
For the not Russian-challenged:
1) Downloaded and unpacked
2) In PREPARE\IMSM_PRE.inf, changed all instances of dev_2829 to dev_27C1
4) Rebooted and enabled AHCI in BIOS. Windows booted fine.
5) Installed the latest version of iata76_enu.exe from Intel's site and rebooted again.

Installing the PREPARE inf file didn't do anything for my system. Still can't get into Vista with AHCI enabled.
I didn't change the devices from dev_2829 to dev_27C1 because my controller is 2829 already (ICH8M).

  1. Make sure that the BIOS is disabled AHCI and do not forget to backup folder Windows. Also, I advise to make emergency boot disk
  2. Download 79im05ww.exe and extract, for example, in C:\DRIVERS\WIN\SATA
  3.  If you ICH7M, go to step (5)
  4. Edit C:\DRIVERS\WIN\SATA\PREPARE\IMSM_PRE.inf replacing all DEV_27C5 on the values corresponding to your southbridge:
    • ICH6R - DEV_2652 ICH6R - DEV_2652
    • ICH6M - DEV_2653 ICH6M - DEV_2653
    • ICH7R - DEV_27C1 ICH7R - DEV_27C1
    • ICH7DH - DEV_27C1 ICH7DH - DEV_27C1
    • ICH7M - DEV_27C5 ICH7M - DEV_27C5
  5.  Press Win+R , type C:\DRIVERS\WIN\SATA\PREPARE\INSTALL.CMD , click Ok
  6. Restart your PC and turn on AHCI in the BIOS support
  7. When you boot OS start wizard detect new devices:
    • No, not this time 
    • If Windows XP, click No, not this time , then Install from a list or specific location (Advanced) , and as a way to specify the C:\DRIVERS\WIN\SATA
I've an ASUS P5K-VM with ICH9 but like it has the 4 sata ports controller, the only mod needed to your reg file is change DEV_2922 into DEV_2923 and voila!
But after the intel drivers install didn't work, then i've to use the drivers for Vista that cames with the motherboard and they work
I did the registry edit on Microsoft's page to enable the AHCI driver for Vista.
Then I rebooted, went in to the bios for my P5N32-E SLI motherboard, which uses the Nvidia 680i chipset, turned on RAID mode, which also turns on I believe AHCI for the Nvidia SATA Controller, rebooted and noticed that my system was faster, and it works perfect.
The Vista registry edit, works on Vista 32 and Vista 64.
One final thing to be done is to update the drivers. Go to the following link and download
RAID/AHCI Software - Intel® Matrix Storage Manager [IATA62.EXE], and install.*%20XP%20Professional&lang=eng
Windows 2003, chipset ich9R:
For my Aspire 9920 I added more DEV's:

HTML Code:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2922&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_282A&CC_0104] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2829&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2822&CC_0104] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2821&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2682&CC_0104] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2681&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_27C3&CC_0104] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_27C6&CC_0104] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_27C1&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_27C5&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#VEN_8086&DEV_2653&CC_0106] "Service"="iaStor" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor] "Type"=dword:00000001 "Start"=dword:00000000 "Group"="SCSI miniport" "ErrorControl"=dword:00000001 "ImagePath"="system32\\drivers\\iaStor.sys" "tag"=dword:00000019 "DisplayName"="Intel AHCI Controller" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Parameters] "queuePriorityEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Enum] "0"="PCI\\VEN_8086&DEV_2821&SUBSYS_B0051458&REV_02\\3&13c0b0c5&0&FA" "Count"=dword:00000001 "NextInstance"=dword:00000001
I just don't know what controller type used in my system, so this .reg makes a deal with all types!
Windows 2003 Enterprise 64
Intel Server Board 5000 VSA 4 DIMM
I have download that:
Then I dezip, then I copy the file IaStor.sys (64 bits) to C:\Windows\System32\drivers\
Then I copy the following registry file to your desktop (copy and paste into notepad) and save as ahci.reg
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#ven_8086&dev_2922&cc_0106 ]
"Group"="SCSI miniport"
"DisplayName"="Intel AHCI Controller"
But I am not sure is the correct for my motherboard.
Then I double clic on the file to add in registery
Then I reboot, and in the bios I put AHCI Enable
Then The pc run and I see the logo Windows 2003 during 5 s then blue screen and the system reboot.
Asus M3A motherboard with an ATI SB600 chipset. I downloaded the official x64 driver for the AHCI controller, and then wrote this reg based off of the .inf in the driver source:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#ven_1002&dev_4380&subsys_82311043] "Service"="ahcix64" "ClassGUID"="{4D36E97B-E325-11CE-BFC1-08002BE10318}" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ahcix64] "Type"=dword:00000001 "Start"=dword:00000000 "Group"="SCSI miniport" "ErrorControl"=dword:00000001 "ImagePath"="system32\\drivers\\ahcix64.sys" "tag"=dword:00000019 "DisplayName"="ATI AHCI Compatible RAID Controller" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ahcix64\Parameters\PnpInterface] "5"=dword:0x00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ahcix64\Settings\CAM] "EnableALPEDisableHotplug"=dword:0 "EnableCCC"=dword:1 "CCCTimeoutValue"=dword:10 "CCCCompletionValue"=dword:32 "NCQEnableDiskIDBits"=dword:0 "EnableHIPM"=dword:0 "EnableDIPM"=dword:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ahcix64\Enum] "0"="PCI\\VEN_1002&DEV_4380&SUBSYS_82311043\\3&13c0b0c5&0&FA" "Count"=dword:00000001 "NextInstance"=dword:00000001
I first had to identify my device with linux
sudo lspci -vvnn | less
The official driver has dozens of device entries and I wasn't about to do them all. This means anyone else that wants to use this probably has to change the device number to match what they have.
But it worked on the first try. WHOO. Other than the code, the procedure is the same as the original post
works just fine on Asus P5E WS Professional ... no probs at all
Confirmed working on Abit IP35 Pro Rev1.1 w/
RAID/AHCI Software - Intel® Matrix Storage Manager v7.8.0.1012 (11/9/2007 )
MB ASUS P5B-SE 975P (BIOS vers. 0709), I follow the steps in the first topic but didn't help so:
I have integrated the Jmicro and Intel AHCI drivers into the WinXP istallation CD with nLite, installing windows: no help (HDD not recognized)
I reinstall everything using the floppy created with the 32-bit Floppy Configuration Utility for Intel Matrix Storage Manager, press F6 when required, no help (HDD not recognized)
I connect the HDD to the jMicro controller, set the Intel SATA to AHCI, start windows to install the AHCI drivers but in the device manager were found two new hardware, a second Jmicro controller and a PCI device, there was no way to install their drivers so, also this operation was aborted and back to IDE configuration reconnecting the HDD to SATA 1 port and Intel controller to IDE.
All this operations were done with the Jmicro always set to IDE in the BIOS, I always play with the Intel SATA settings. Any suggestions?

In following code replace SUBSYS_ and REV_ values to correct ones:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CriticalDeviceDatabase\pci#ven_8086&dev_2929&cc_0106] "Service"="iaStor" "ClassGUID"="{4D36E96A-E325-11CE-BFC1-08002BE10318}" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor] "Type"=dword:00000001 "Start"=dword:00000000 "Group"="SCSI miniport" "ErrorControl"=dword:00000001 "ImagePath"="system32\\drivers\\iaStor.sys" "tag"=dword:00000019 "DisplayName"="Intel(R) ICH8M-E/ICH9M-E SATA RAID Controller" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Parameters] "queuePriorityEnable"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Enum] "0"="PCI\\VEN_8086&DEV_2929&SUBSYS_02331028&REV_03\\3&61aaa01&0&FA" "Count"=dword:00000001 "NextInstance"=dword:00000001
SUBSYS_ and REV_ values could be obtained using livecd with integrated drivers (see my previous post on previous page) or "PCI & AGP Info tool" from Hiren's BootCD (menu "System Info Tools").

Drivers for RAID can be treated the same way
You can boot the Windows disk using any controller in legacy mode and enable AHCI/RAID on another controller, then when Windows loads, just point the driver search to the relevant drivers (I prefer to extract them rather than run packed EXE files) and that should automatically do the same thing suggested above - sets up the device and any relevant services. Shut down, move the drive to the RAID or AHCI controller and all should be sweet.

Sunday, June 20, 2010

Change primary DNS suffix when Domain membership changes

What is the difference if it is checked or not?
With an XP machine on a Windows 2000 or 2003 domain, you can just leave them at the defaults, ie as they are shown in your screen shot. Once you've joined the domain, the DNS Suffix will automatically default to the domain you've joined, in your case and the NETBIOS name will be the same as your computer name pro10
NETBIOS is really only used with legacy (Pre NT) machines such as Windows 98.
Q How does modifiy registration (registering connections address in DNS & using DNS suffix in registration) affect Active directory?
A I guess I don't understand the question.  What do you mean by registration?
When your machine boots up you talk to your DHCP server and get a lease.  DHCP may then talk to DNS on your behalf and create an A record for your device in your DNS domain (NOT AD domain...) along with a pointer if there is a reverse zone available.
You get 2 things from DNS... name resolutions & service announcements.  DNS tells you that equals some IP address. It also tells you which server to go to to logon to your domain and where to find a Global Catalog server when you're browsing AD objects.
Changing your local DNS suffix affects none of these things.  All changing your local DNS suffix does is to automatically append that suffix to host names when talking on the network.
For instance... if my DNS suffix is ACME.COM and I type in "ping server1" I will get a reply that says "Pinging server1.ACME.COM".  My machine then contacts my DNS server and asks it how to get to to which the DNS server replies with the IP address of server1 in domain ACME.COM.
So... since you access resources most of the time in a single domain it makes sense for you to make that your primary DNS suffix.  It doesn't mean that you cannot resolve names in other DNS domains, it just means that the first one it tries... the one displayed to you... is the primary.
Does that help any more?  Changing your DNS suffix doesn't have anything to do directly with Active Directory.  If you mess up your name resolution you might not be able to connect to a particular resource though.
Q Normally the check box "register this connections address in DNS is checked" and one may also check "use this connections DNS suffix in registration".  So,  was wondering AD would function any differently when these options are used or not used?
Essentially, these affect what name your computer registers with DNS.  Your computer's DNS registration is primarily used when other devices on the network attempt to connect to your computer.  If you have "domainA.local" as your suffix, when you get your DHCP address your computer registers "name.domainA.local" with the selected DNS server and registers your IP address as a reverse lookup to that same name.
The default configuration is to use your local AD domain name in this fashion as well as to check the box.  This is because you are expected to be accessing resources in your own domain most often.  In addition, it is expected that other devices trying to connect to your computer would be expected to be in your own domain.
The only reason why you would want to use a domain other than your own default would be if you expected devices in another domain to connect to your computer and you wanted to make sure your DHCP-enabled computer registered a name within the OTHER DNS domain name in addition to or instead of your own AD DNS domain name.
So, unless you're publishing data on desktop computers to people in the other domains don't worry about this.  If someone in another domain needs to be able to connect to a server in your domain you may need to put a static entry in DNS for them to be able to connect by name, but you probably won't even need to do that.
Q What about the primary DNS suffix:  What if it were not used and we joined the AD domain with this box unchecked:  "Change primary DNS suffix when domain membership changes" ?
A Examples
You have 2 domains, DomainA and DomainB.
Your servers are in mostly in DomainA except for a domain controller in DomainB.
You have clients in both domains.  The clients all use resources in both domains.
Your clients in DomainA have their primary DNS suffix set to "DomainA" and your clients in DomainB have their primary DNS suffix set to "DomainB".
There is a trust between the domains.  All computers in each domain have a DNS server for their own domain selected in their IP configuration.  No WINS is available and broadcast traffic does not span the 2 domains (so NetBIOS won't work).  Basically we force all to use DNS for name resolution.
Scenario 1:
All clients have the "Change primary DNS suffix when domain membership changes" set.  You move a client from DomainA to DomainB.  Before the move, the primary DNS suffix for that client was "DomainA".  After the move, the primary DNS suffix automatically changes to "DomainB".
Scenario 2:
You do NOT check "Change primary DNS suffix when domain membership changes". You move a client from DomainA to DomainB.  Before the move, the primary DNS suffix for that client was "DomainA".  After the move, the primary DNS suffix remains "DomainA".
Scenario 3:
DNS is shared between both domains.  You have a client in DomainB trying to access Server1 in DomainA. The client queries DNS for the IP address of Server1.DomainA.  That address is returned to the client.
Scenario 4:
DNS is NOT shared between domains.  The client in DomainB tries to access Server1 in DomainA.  The client queries DNS for the IP address of Server1.DomainA.  The DNS server tells the client that it has no record of Server1.
Scenario 5:
Workstation1 in DomainB registers it's name with DNS using "DomainB" for the DNS suffix.  Workstation2 in DomainA attempts to access Workstation1.  Workstation2 queries DNS for ""
.  Since Workstation1 registered its name in DomainB but Workstation2 is querying for Workstation1 in DomainA the query fails and no resolution is made.
Scenario 6:
Workstation1 in DomainB registers it's primary suffix as "DomainB" but registers an additional DNS suffix for "DomainA".  Workstation2 queries DNS for "".  Since Workstation1 registered with both DNS domain names the query returns an IP address for Workstation1.
Q What about this scenario:  You do NOT check "Change primary DNS suffix when domain membership changes" AND not primary DNS suffix is blank to begin with?
A If you have no DNS suffix then when you go to a command line and type "ping server1" for instance. Then Windows does not automatically append "DomainA" to "server1".  The Change primary DNS suffix" option only applies when moving a client between domains.  The rest of the time it is ignored.
So then the question becomes... can you resolve "ping server1".  If you have no WINS and you cannot broadcast for "server1" and you don't have "server1" in cache then you cannot.
For more on how name resolution works on a Windows client check out
The best practice is to use DHCP to put your home AD DNS domain name in the DNS suffix.  You can add other domains also if you are likely to interact with them.  Never specify this kind of thing directly on the client unless you have some sort of special exception.

Saturday, June 19, 2010

RAID slipstreamer

Email me if you have any queries =

Download RAID Slipstreamer v5.4 Build 090424 (4.4Mb) *** NEW ***

v5.4 Build 090424
* MD5 - 5439D152E7CA8F2DE96435FE8C09E2DD
* SH1 - 9B9AACE2E2ACE312A0EDDB932311187E8C45EA74

NOTE - local Administrative privilege is a MUST!

NOTE - Windows Vista x86/x64 users are required to install this Kixforms.Net MSI

(screen capture from v5.3 Build 080626)

Supported Drivers (2003, 2000, XP, AMD64)

Posted Image Posted Image Posted Image Posted Image

PS. During slipstream, it will create and copy all the RAID drivers to the "\I386\$OEM$\$1\Drivers\RAID" folder (x86 OSes) and "root\$OEM$\$1\Drivers\RAID" folder (x64 OSes) . You may need to add this string in your UNATTEND.TXT, WINNT.SIF or SYSPREP.INF answer file:


Trace IP addresses to a location

In a cmd box use tracert and note the last
ip address
go to
Enter it and see...

Imaging a machine

...across the network

DD over Netcat for a Cheap Ghost Alternative

Recently I have seen several people ask “How can I clone my hardrive over Ethernet” on several forums that I read. There are several commercial options, such as Nortons Ghost, but I prefer the much cheaper solution of using the GNU DD utility (part of the fileutils package) and redirecting the results through Netcat (the GNU version can be found here). While it is not exactly the fastest solution out there, it is a decent enough of a solution, and I typically am never in a situation where I need to clone quickly through a network.

For the uninitiated, let me explain what these two tools do and how this whole trick plays out. First lets look at DD. From the DD Man page, DD will “copy and convert files”. Now you may be saying “So what”, but this description does not really do DD justice. DD is developed in such a way that is particularly suited to working with block devices, so it has a number of options for conversions. DD can also display the contents of those files to the standard output, or receive input via the standard input. Hard disk devices are usually accessible device files, usually under /dev, under *nix systems. So if I wanted to copy the contents of /dev/hda (usually the first IDE hard disk under Linux) to /tmp/harddisk_image, I could run the following command:

dd if=/dev/hda of=/tmp/harddisk_image

If I omit the “of=” option, it will stream onto the standard output device.  For more information about the options that DD supports, consult the man page. Alternatively, I found this article about using DD for forensic analysis.

Netcat is a tool that is called “the hackers swiss army knife”. That too is a description that I feel does not do this tool justice. The feature I will look at here is its ability to create a basic dummy connection. Basically we will create a simple listening socket on the target, and connect to it on the source system. This article describes this feature far better than I could, so I will not try to reinvent the wheel. Using the description provided by this article, if I wanted to copy a file from one system to another over a network, I would do something like this:

And on the target system first run
nc –l –p 7000 > file.txt

On the source system I would run:
cat file.txt > nc 7000 –q 10

This will do a basic copy of files from one system to another. Now, as I mentioned above, devices in *nix are files. So we are going to use this same principle to copy the contents of 1 hard drive one a machine to another, except instead of redirecting the standard inputs/outputs, we will pipe them to/from DD. To do so I would run the following commands:

On the target system I would run:
nc –l –p 7000 | dd of=/dev/hda

On the source system I would run:
dd if=/dev/hda | nc 7000 –q 10

Wait several hours and your good to go. You just saved yourself money on Ghost. There are other options here as well. If you’re worried about bandwidth, you can pipe the streams through gzip to compress the data transfer. So to do this, you would run the following commands:

On the target system:
nc –l –p 7000 | gzip –dfc | dd of=/dev/had

And on the source system:
dd if=/dev/hda | gzip  -cf | nc 7000 –q 10

In my opinion this has several advantages. If I have a central server, I can easily make disk images that I can use to remotely re-image a machine in the event of an issue. This works great in Standard Operating Environments, or environments where downtime needs to be cut down to a minimum and other fail over techniques have failed. In order to accomplish this, I would run something like this to create the disk image:

dd if=/dev/had | gzip –cf | dd of=source-192_168_1_120.img (or .zip, or whatever compressed format your comfortable with, such as tarball)

Now, when I need to re-image a machine, I can have the user either put in a special floppy disk or CD with a small image that simply boots and automatically runs the command to image to the target system. On the source system, since I already have a disk image ready to roll, I can run this command to send directly to the target system:

dd if= source-192_168_1_120.img | nc 7000 –q 10

I have been using this technique for several years now, and it works great. There are some caveats, of course. First, the target hard disk size must greater than or equal to the source disk size. If the disk is greater, you will have left over space on the drive, since this copy the partition tables exactly as they are. You can use a utility like Partition Magic, or I found this article explaining how to do this with NTFS using Knoppix. I am fairly certain that qtparted will also work on ext2/3 partitions as well. I will experiment with partition resizing and follow up with it. However, partition resizing is done at your own risk, and I would advise trying in a QA environment prior to using in any production environment. Also, if you create a disk image, you have to take into account system updates and patches. On a *nix system, you can mount the image and chroot to apply updates, however if you are using this on a Windows systems, this is not an option.
Netcat v1.10
Download windows version directly from:
If the new machine won't boot:
Modern Linux boxes need to have an new initrd made for the new machine.
Look here for more help
More recent versions of the netcat command (nc) will not allow the -p and -l options to be used at the same time, so instead of:
nc -l -p 9000 | dd of=/dev/sda
you would type:
nc -l 9000 | dd of=/dev/sda
If you are using nc with dd to transfer an image of a partition from one machine to the other, one of the problems is that dd and netcat won't show you a progress bar of the operation. One solution to this is to install pipe viewer by Andrew Wood. It then allows you to pipe the netcat command to the pipe viewer, allowing you to view the progress of the entire operation and for debugging.
target machine:
nc -l 9000 | pv | dd of=/dev/sda
source machine:
dd if=/dev/sda | nc 90000
Use dd conv=noerror,sync
otherwise you'll have problems with bad sectors on your source disk.
You wrote your tutorial using the char "–" (hexa code 80 93) instead of "-" (hexa code 2D E2).
I've copied that directly from my browser to my CLI, and got this error:
–l: forward host lookup failed: Unknown host
Things work better with the good dash.
I don't know where the change came from, but thank it may be helpfull to notice it. 
FOG (Free Opensource Ghost)
FOG is a free open-source cloning/imaging solution/rescue suite. A alt. solution used to image Windows XP, Vista PCs using PXE, PartImage, and a Web GUI to tie it together. Includes featues like memory and disk test, disk wipe, av scan & task scheduling.
Installing FOG on Ubuntu 8.10
FOG Server Install

1 Install Ubuntu

I Wanted a GUI so I went with the desktop Ubuntu, you may want to go with Ubuntu server. So go to their website, download the workstation x86 ISO and burn it.
1. English
2. Install Ubuntu
3. English
4. Select your Time Zone
5. Suggested Option
6. Use Entire Disk
7. Enter User Information and Computer information, I named mine 'foghat' with foguser
8. Install
9. Restart
10. Login

2 Install FOG

1. Open Firefox
2. Go to and download FOG.
3. Open Terminal Applications->Accessories->Terminal
4. cd Desktop (Remember Linux is case sensitive)
5. tar -xvzf fog*
6. cd fog*
7. cd bin
8. sudo ./
9. Select opt 2 Enter
10. N Enter
11. Default IP Enter
12. You dont need to set up a router IP but I will in case I ever use the server for DHCP.
13. Set up a DNS IP, just accept the default.
14. No do not change the default network interface.(you may not get this prompt if you have 1 nic)
15. I will not be using FOG for DHCP. (will require changing my current DHCP server.)
16. Note your IP settings and continue.
17. Enter to Acknowledge.
18. (I like to notify the FOG group, they have made a great product and deserve my feedback, choice is yours here)
19. gksu gedit /var/www/fog/commons/config.php and put your mysql password you typed during install in "MYSQL_PASSWORD", "" save and close. It has been noted that you also should change the MYSQL password here while you are at it /opt/fog/service/etc/config.php.
20. Browse to http://localhost/fog/management
21. Click install!
22. Click to log in. You can now reach this webpage from anywhere on the network where your server is installed by using it's ip address. eg I would reccomend putting an A record in your DNS called FOGSERVER this will make things easier to remember. default: fog/password

3 Set up DHCP (For Windows DHCP)

1. Log onto your Windows DHCP server
2. Open DHCP console.
3. Right Click Scope Options -> Configure Options
4. Scroll Down to number 66 check and give the hostname of FOGSERVER
5. Scroll down to number 67 check and give the value pxelinux.0
6. Apply and close.

4 Install FOG service on client (Host)

1. Log onto the PC
2. Browse to http://FOGSERVER/fog/client
3. Click to download
4. Open
5. Run Setup.exe in the Fogservice folder
6. Accept defaults (FOG does not like to be installed in locations other than default)
7. Enter the ip or preferrably the hostname if you created one. FOGSERVER
8. Save Changes, Done, Close.
9. Open services Start->Run->services.msc
10. Scroll down and start "Fog Service"
11. This would also be a good time to make sure that PXE is your primary boot option in BIOS, you might need to enable it.

5 Create an image file.

1. Click on Image management.
2. New Image
3. Give it a name, description, default storage group, filename, and Image type (choose wisely). For dell computers with a utility partition you will HAVE to select multiple partition single disk.
4. Add.

6 Assign Image to Host

Assign the Image to a host, this will be the image the host uses to restore and deploy from, You can assign this image to as many PCs as you want. Useful for group Deployment.
1. Click on Host management.
2. List all hosts.
3. Click Edit next to your machine.
4. In Host Image select the proper image that you created in the previous step from the dropdown.

7 Upload an image.

1. From another machine log onto http://FOGSERVER/fog/management login with fog/password
2. Click on Tasks (The Star)
3. List all Hosts
4. Click Upload next to the PC.
5. Upload image.
6. Click on active Tasks, and either wait for the PC to check in and autoreboot or Reboot it manually.

8 Test Restore/Deploy

1. Click on Tasks (The Star)
2. Click Deploy next to your PC.
3. Click image All computers.
4. Verify image by booting computer and making sure everything works.

Disk duplication

The Microsoft policy concerning disk duplication of Windows XP installations


The K2000 K-image format is file based so that images can be easily edited, eliminating the need to rebuild images. Its single instancing technology minimizes the time, bandwidth and storage required to capture and archive disk images. Efficient state management allows for lightning-fast reimaging of systems by bypassing redundant file transfers and only applying changes to the original image. The agentless feature of other K2000 components extends to disk imaging. Administrators have the ability to execute fully automated bare metal system build-outs.

Pre and Post Installation Tasks

A vast amount of work needs to be performed both before and after the deployment of an image. Performing this work manually negates the benefits achieved by partially automating the deployment process. The K2000 Deployment Appliance supports pre and post installation tasks to be included as part of the image deployment process. By utilizing pre and post installation tasks, administrators can fully automate systems deployment and work with thin images—key components of systems deployment best practices. K2000 pre installation tasks include disk, RAID and BIOS configuration while post installation tasks include sysprep automation, domain joining, service packs, and application and script deployment.

Change the SID and computer name of a cloned virtual machine

Acronis SnapDeploy can deploy Win7 & 2008 images. Paid product claims to work with Win7.
Can also be used in tandem with Clonezilla to do massive cloning across network.
For XP, Vista and Win 7.
MDT is prolly alot easier in my opinion, no hardware dependence, only 1 image per OS...
Injects drivers just before the image starts, automates all syspreping when creating the image.
Put it this way, to create a new image, I boot a computer into a PXE environment (usually a virtual), let it install the OS, Software, patches, registry tweaks etc, sysprep, reboot, capture the image, upload image to the server.
That entire task, I have hit F12, and clicked the OS i want the image based on and hit next, and walked away.
The put a image on a computer, I hit F12 into sysprep, choose the OS Image I want to use, type in computer name, hit next, walk away, and it'll image, inject drivers, boot into mini-setup, join to the domain with the right name, install any specific software for that lab (based on computer name).
This is in an education environment, a whole new lab can be up and running without having to worry about creating a whole new image for a new set of hardware, all i need to do is pull the drivers into MDT, it takes care of the rest, so a room can be unpacked and setup in roughly 1 hour.

Tiny PE

Creating the smallest possible PE executableThis work was inspired by the Tiny PE challenge by Gil Dabah. The object of the challenge was to write the smallest PE file that downloads a file from the Internet and executes it.
In the process of writing increasingly smaller PE files for the challenge I learned a lot of interesting details about the PE file format and the Windows loader. The goal of this document is to preserve this knowledge for future reference. In this, I have followed the example of the famous Whirlwind Tutorial on Creating Really Teensy ELF Executables for Linux.
SummaryIf you are too busy to read the entire page, here is a summary of the results:
  • Smallest possible PE file: 97 bytes
  • Smallest possible PE file on Windows 2000: 133 bytes
  • Smallest PE file that downloads a file over WebDAV and executes it: 133 bytes
The files above are the smallest possible PE files due to requirements of the PE file format and cannot be improved further. Take this as a challenge if you wish ;-)
UPDATE: Many before me had made similar claims and just like them I turned out to be wrong. Thanks to Peter Ferrie for pointing out that you can remove the last field from the 137 byte file and bring the file size down to 133 bytes.
You can also download an archive with all source code and executables from this page:
For details about how these results were achieved, read below.
Smallest possible PE file

STPD.sys error

SCSI Pass Through Direct Layer (duplex secure) - uninstall!
It's from Daemon tools and alchohol 120%. This little bugger is a time bomb. It should work fine with those programs but for some such as myself it will malfunction and crash windows. Expect a BSOD from then on whenever loading normally. On top of that it can cause safe mode to freeze up. Expect a lot of trouble when this software goes bad and make sure to delete it if you don't need it.
caused a BSOD: 0x0000007e error
Couldn't get into safe mode without pressing esc to cancel it loading
Blue screen with the 0x000000D3 stop error code and sptd.sys
Ultimate Boot CD utility Avira NTFS4DOS Personal was able to go into the hard drive and delete the sptd.sys in the windows/system32/drivers directory and thus fix the issue.
Posible Solution 
Safe Mode:
Once there, look for sptd.sys and delete it.
Also, click start, run, type msconfig and press enter - look under startup or services for Daemon Tools - uncheck it (sptd IS part of that process and obviously something has gone awry) and this will stop Daemon Tools from starting.
SPTD.sys will not, afaik, delete when you remove Daemon Tools - it HAS to be done manually.
There is another file named sptdXXX.XX (some random number I believe) but I can't remember the extension at the moment.
SolutionIsn't that the daemon tools driver? Are you able to boot into safe mode at all? (Press F8 at boot time - I don't recall which option lets you see which drivers get loaded - I think it's boot logging enabled - it may ask you if you want to load sptd.sys then just say no) and if you manage to get into safe mode uninstall daemon tools and see if that works.
Another thing you can do is boot into your Windows XP CD, and pick repair and choose the recovery console
Then type listsvc to see the list of services and drivers.
sptd.sys may be listed in there. 
Then type disable (name of driver - may be sptd.sys may be something else) to disable it the next time you boot.
Then type exit to reboot

The Machine SID Duplication Myth

You can use the Sysinternals PsGetSid tool to view a machine’s SID by running it with no command-line arguments:
Here, the revision number is 1, the authority is 5, and there are four subauthority values. At one point during the design of Windows NT, the machine SID might have been used for network identification, so in order to assure uniqueness, the SID that Setup generates has one fixed subauthority value (21) and three randomly-generated subauthority values (the numbers following “S-1-5-21” in the output). 
Even before you create the first user account on a system, Windows defines several built-in users and groups, including the Administrator and Guest accounts. Instead of generating new random SIDs for these accounts, Windows ensures their uniqueness by simply appending a per-account unique number, called a Relative Identifier (RID), to the machine SID. The RIDs for these initial accounts are predefined, so the Administrator user always has a RID of 500:
After installation, Windows assigns new local user and group accounts with RIDs starting at 1000. You can use PsGetSid to view the name of the account for a specified SID, and here you can see that the local SID that has a RID of 1000 is for the Abby account, the name of the administrator account Windows prompted me to name during setup:
In addition to these dynamically created SIDs, Windows defines a number of accounts that always have predefined SIDs, not just RIDs. One example is the Everyone group, which has the SID S-1-1-0 on every Windows system:
Another example, is the Local System account (System), which is the account in which several system processes like Session Manager (Smss.exe), the Service Control Manager (Services.exe) and Winlogon (Winlogon.exe) run:


The New Best Practice

It’s a little surprising that the SID duplication issue has gone unquestioned for so long, but everyone has assumed that someone else knew exactly why it was a problem. To my chagrin, NewSID has never really done anything useful and there’s no reason to miss it now that it’s retired. Note that Sysprep resets other machine-specific state that, if duplicated, can cause problems for certain applications like Windows Server Update Services (WSUS), so Microsoft’s support policy will still require cloned systems to be made unique with Sysprep
We knew it was bound to happen. M$ has started to "mess" with the original Systernals files. The following was posted in Exetools today by MarkusO:
"Today I checked if there where any updates for one or several of my Sysinternals tools. To my suprise, all Sysinternals tools have been rebuilt on November 1st, 2006.
I compared what was changed. It seems like most code is just a recompile with different compiler settings. Microsoft has also placed a giantic new EULA in each and every executable. (all *.EXE have about the 2x - 4x the size they had before)
When Microsoft took over Sysinternals, they just packed the old executables together with new licenses. Now it seems they are messing around.
If you still want to get the latest "Sysinternals" version of your beloved tools, you should do it quickly, since nobody knows how long the old links will be working."
MarkusO then pointed out that:
"Just go to the new Sysinternals homepage, grab a link (like and replace "download" with "www". This way you can still get the old (working... ) versions of the tools."
To make this process somewhat easier for those of you who might not have the patience to complie a list of the available files, here is one I put together from what others posted there and my additions to the list, comparing it to my own download of the Systernals site in August before they went M$ing. If you put this list in your favorite download manager, you can grab the files while they still remain available.

AccessEnum v1.32 (SRC).zip

AccessEnum -

AdRestore v1.1 (SRC).zip


Autologon v2.1 (SRC).zip




BlueScreen Screen Saver

CacheSet v1.0 (SRC).zip





Ctrl2Cap v3.0 (SRC).zip





DiskExt v1.0 (with SRC).zip

Diskmon v2.01 for

Diskmon v2.01 for




FAT32 for Windows NT 4.0

Filemon v7.03 for

Filemon v7.03 for



Fundelete v2.02 (SRC).zip

Fundelete v2.02.exe -




Junction v1.04 (SRC).zip







Netstatp (SRC).zip

NewSID - -

NTFS for Windows 98 v2.0 (Read-Only).exe

NTFSCHK v1.0.exe

NTFSDOS Professional v4.01 (Read-Only).zip



NTFSInfo v1.0 (SRC).zip


NTRecover v1.0 (Read-Only).exe


PendMoves and MoveFile



Process Explorer v10.2 for

ProcFeatures v1.1 (with SRC).zip







PsLoggedOn v1.32 (SRC).zip











Remote Recover v2.0 (Read-Only).exe


SDelete v1.51 (SRC).zip


ShareEnum v1.6 (SRC).zip








Tokenmon v1.01 (SRC).zip





Copy this list to your favorite text editor and copy all the URL's you want to a download manager and get them all (or all you want).
Some of these files are outdated by updates which apparently work on multiple systems, such a Debugview, Filemon, and Regmon, but they are included for the sake of completion of potential files still available.
By the way, M$ is offering a packed zip file of the "New" versions of these tools. This file contains all the individual (New Compiled, bloated) tools and help files:
(notice the "download" where the "www" is/should be to get the "original" files) The "" link is now part of M$ technet.

Check your SID using PsGetSid


As more and more people using virtualization, they face the problems like having two same SIDs on the network.
Using NewSid to change SID. NewSid is officially not supported by Microsoft anymore, so your virtual machine who’s SID was changed with NewSid is not supported anymore. Microsoft recommends using sysprep as a method to change SID on your operating system.
If you just need to change Security Identifier (SID) on at least two operating systems, because by coping virtual hard disk of the first operating system you have also copied it’s SID. The best way to do this is to use free software called NewSID (currently in version 4.10), developed by Sysinternals. In this post I’m gonna describe you how to use NewSID to change SID of your operating system. This tool, which packed size is only 68kb can be downloaded at Technet.
Unzip the newsid.exe application, start it and agree with the licence terms. You will see Welcome screen which tells you what NewSID is and tells you to backup your system before using it.

NewSID is not supported on Windows Server 2008 R2 and Windows7.
To change SID, use sysprep as described in tutorial How to change SID on Windows 7 and Windows Server 2008 R2 using sysprep?

I’ll show you how to use it in my next post, but today I’ll show you how easy is to check your SID, using free tool from Sysinternals called PsGetSid.
First you have to download PsGetSid from PsGetSid download page. Then extract it from the archive PsTools (for example on your desktop). You’ll see PsGetSid among the other PsTools.
Using Command Prompt navigate to that folder, and use simple command:
where COMPUTERNAME is the name of your computer.
PsGetSidIn my case I used psgetsid WS2008R2-3.


Also, there are other possibilities, and usage is as follows:
Usage: psgetsid [\\computer[,computer[,...] | @file] [-u username [-p password]]] [account|SID]
PsGetSid works for sure on Windows Server 2008 R2 , but it should work also on Windows XP, Windows Server 2003, Windows Vista, Windows 7
PsGetSid download page and instructions
PsGetSid direct download link

How to change SID on Windows 7 and Windows Server 2008 R2 using sysprep

sysprep 2.0 (that came on the XP CD) does not work with Windows 7 at all.
Tried the Windows 7 version of sysprep in C:\Windows\system32\sysprep, but that goes through the entire OOBE process again (and it runs again at every reboot!)
All I want it to do is prompt for a computer name and reset the SID of the system.
In the past we have used NewSID on Windows XP and that has worked (as far as I know). I've read that sysprep is preferred over this. It's an old-ish product (2005) so resetting Windows 7 SIDs it on a production network (~400-500 machines) irks me a little.
Would NewSID work on Windows 7? If not, what SID-resetting software would you guys recommend??

AnswerNew SID is not officially supported by Microsoft. I recommend you do not use it especially with Windows 7 or Windows Server 2008 R2
The official way to change SID is using sysprep which is built into Windows 7
select Generalize if you want to change SID
In terms of doing the Windows 7 deployment, Microsoft provides a free toolkit called Microsoft Deployment Toolkit (MDT) 2010 which is specifically designed for imaging/deploying Windows 7 machine into businesses
Microsoft Wellington
Deploy Windows 7 and Windows Server 2008 R2 with the newly released Microsoft Deployment Toolkit 2010. MDT is the recommended process and toolset for automating desktop and server deployment. MDT provides you with the following benefits:
Unified tools and processes required for desktop and server deployment in a common deployment console and collection of guidance.
Reduced deployment time and standardized desktop and server images, along with improved security and ongoing configuration management.
Fully automated Zero Touch Installation deployments by leveraging System Center Configuration Manager 2007 Service Pack 2 Release Candidate and Windows deployment tools. For those without a System Center Configuration Manager 2007 infrastructure, MDT leverages Windows deployment tools for Lite Touch Installation deployments.