Managing Large Windows 98 Installations Using Linux
Summary of Problems Addressed by this System
Problem: Windows'98 System Integrity
- Need to provide a consistent environment for each user that sits
  down at a workstation no matter what the previous user did to
  the system.
  NOTE: Windows 95, 98 and ME do little or nothing to protect the C:
  file system.
Solution
- Have a small disk image on the local hard drive that can be
repaired between individual login sessions by a disklessly booted
Linux operating system. The main body of
the applications resides on the application servers.
Problem: Security
- Need to provide an authentication system that cannot be readily
  cracked and can be easily upgraded.
Solution
- Authenticate the user prior to starting Windows 98 using the Linux
  PAM (Pluggable Authentication Modules) and then start up
  Windows 98 using the auto login registry entries. One shot
  password files are created on the relevant servers for samba
  file mount authentication.
Problem: Application Software and Licensing
- Need to provide a protected application software image with
  different licensed software available in different locations
  without duplicating the image for each location.
Solution
- Mount application software using samba from a read-only partition on
  an application server. Use as the mount point a template directory
  composed of symbolic links that make only specific portions of the
  software available from the master image stored on the Linux
  application server.
Problem: Home Directories
- Need to provide users with a directory containing their own
  personal files no matter where they log in.
Solution
- A Linux program creates a script after user authentication and
  before switching to Windows'98. The script, when run under
  Windows'98, mounts the user's home directory from the appropriate
  file server using samba.
Problem: Reliability
- Need for high reliability in critical resources such as application
  servers and user file servers.
Solution
- Use fail-safe technologies such as multiple servers and RAID disks.
Problem: Ease of Installation
- Need for a Plug and Play approach to workstation installation.
Solution
- Develop scripts to automate the bootptab generation,
  key/rom code generation and Linux system profile generation.
Problem: Software Maintenance and Upgrade
- Need for a rapid means of updating software, and for a means of
  dealing with slight variations in the hardware without building a
  complete new image and then maintaining that image.
Solution
- Develop a program that will automate the production of Windows'98
  disk images for rapid application additions and upgrades. Also
  develop a program that will allow minor variations in the disk
  image to accommodate hardware variations.
  On the Windows side special attention has to go into the production
  of the image.
Linux Implementation of the Solution
Windows'98 System Integrity
- In order to verify the integrity of the local software, external
  software is loaded from a trusted server via a boot prom located
  on the Ethernet card. This firmware program loads a Linux kernel
  configured for diskless operation.
- An image synchronization program is automatically started up in the
  background as Linux starts all services contained in the rc scripts.
- The image synchronization program forks into two processes (a reader
  and an MD4 hash generator) that check the local image against the
  NFS-mounted MD4 hashes of the original image. Dirty blocks are copied
  to the local hard drive on a second pass. All reads are done in
  sequence to avoid unnecessary disk seeks.
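The two-pass check described above, written out as an added example in Python; this is not the project's synchronization program. A reader thread streams the local image sequentially and hands blocks to a hasher thread, blocks whose hash differs from the reference list are recorded, and only those blocks are copied from the master in a second, ascending pass. The 4 KiB block size, the file names and the sample images are constructed; MD4 is used when the local OpenSSL build still provides it and SHA-256 otherwise (the page's system uses MD4).

```python
"""Added example: block-level verify-and-repair of a local disk image
against a published hash list, reader and hasher in separate threads."""
import hashlib
import os
import queue
import tempfile
import threading

BLOCK_SIZE = 4096  # assumed; the page does not state the block size


def block_hash(data: bytes) -> bytes:
    try:
        return hashlib.new("md4", data).digest()  # the page's choice
    except ValueError:  # MD4 not available in this OpenSSL build
        return hashlib.sha256(data).digest()


def reference_hashes(image_path):
    """The hash list the server publishes over NFS for the master image."""
    with open(image_path, "rb") as f:
        return [block_hash(b) for b in iter(lambda: f.read(BLOCK_SIZE), b"")]


def find_dirty_blocks(local_path, ref_hashes):
    """Pass 1: one reader, one hasher, strictly sequential reads."""
    q = queue.Queue(maxsize=64)
    dirty = []

    def reader():
        with open(local_path, "rb") as f:
            for idx, blk in enumerate(iter(lambda: f.read(BLOCK_SIZE), b"")):
                q.put((idx, blk))
        q.put(None)  # end-of-image sentinel

    def hasher():
        while True:
            item = q.get()
            if item is None:
                break
            idx, blk = item
            if idx >= len(ref_hashes) or block_hash(blk) != ref_hashes[idx]:
                dirty.append(idx)

    threads = [threading.Thread(target=reader), threading.Thread(target=hasher)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    # A local image shorter than the master is missing its tail blocks
    local_blocks = (os.path.getsize(local_path) + BLOCK_SIZE - 1) // BLOCK_SIZE
    dirty.extend(range(local_blocks, len(ref_hashes)))
    return sorted(set(dirty))


def repair_blocks(local_path, master_path, dirty):
    """Pass 2: copy only the dirty blocks, in ascending order."""
    with open(master_path, "rb") as src, open(local_path, "r+b") as dst:
        for idx in dirty:
            src.seek(idx * BLOCK_SIZE)
            dst.seek(idx * BLOCK_SIZE)
            dst.write(src.read(BLOCK_SIZE))
        dst.truncate(os.path.getsize(master_path))
    return len(dirty)


def demo():
    """Constructed data: an 8-block master and a local copy with 2 bad blocks."""
    d = tempfile.mkdtemp()
    master = os.path.join(d, "master.img")
    local = os.path.join(d, "c_drive.img")
    data = bytes(range(256)) * (BLOCK_SIZE * 8 // 256)
    with open(master, "wb") as f:
        f.write(data)
    corrupted = bytearray(data)
    corrupted[BLOCK_SIZE * 2 + 10] ^= 0xFF  # damage inside block 2
    corrupted[BLOCK_SIZE * 5] ^= 0x01       # damage at start of block 5
    with open(local, "wb") as f:
        f.write(corrupted)
    refs = reference_hashes(master)
    dirty = find_dirty_blocks(local, refs)
    repaired = repair_blocks(local, master, dirty)
    return dirty, repaired, find_dirty_blocks(local, refs)


if __name__ == "__main__":
    print(demo())
```

Because the hash list is what the repair trusts, it has to come from the same trusted server as the kernel; a writable or unauthenticated NFS export of the hash file would let the check be satisfied by a modified image.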
Security
- Once Linux has loaded X windows it displays the kdm display
  manager authentication window. The window has a selector that can
  choose between Windows'98 or Linux window managers.
  [picture: kdm authentication window]
- The user enters login name and password and selects the desired
  window manager.
- If the PAM authentication succeeds and the user has chosen
  win98 then a program checks to make sure that the background
  image update has completed and then runs the netlogon script.
- The netlogon script runs a client program, set_passwd, which
  connects to a one shot password server, one_shot_pw, on each of
  the file servers that the client will be mounting shares from.
  The server, one_shot_pw, validates the client with an RSA
  algorithm and vice versa, then creates a one shot password file
  valid only for that user on that host. The samba servers use the
  one shot password file when Windows'98 requests that the shares
  be mounted.
- The one shot password (returned by set_passwd), username, default
  directory and other relevant session-specific information is then
  put in a registry edit script, win98.reg, on the Windows partition
  of the local disk.
  NOTE: We stuff the auto logon registry entries with this
  information so that the user will not have to log on under
  Windows'98.
- Linux then calls bootwin, a program that sets a flag in the
  CMOS that directs the boot prom not to boot off the network.
  Linux then executes the reboot system call.
- Windows then boots, executing a script, autoexec.bat, that causes
  the registry entries produced by netlogon to be inserted into the
  system registry prior to authentication.
- The auto-login registry entry causes the Windows login to be
  displayed briefly and then carries on with the remaining system
  initialization using the supplied username and password.
Application Software and Licensing
- The netlogon script also creates a DOS script file, shares.bat,
  that contains commands that direct Windows'98 to mount the
  application share from the application server.
- When Windows 98 boots and after the auto logon has completed,
  the DOS shares script is run using the username and password
  supplied by the auto login for server authentication.
- The application share points not to the actual applications
  directory but to the view of the applications that is permitted
  by the licensing. This is accomplished on the Linux application
  server by using symbolic links to the appropriate application
  files or directories.
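The licensed view described above and in the summary, as an added example in Python; it is not the project's own tooling. A read-only master image holds every application once, and each location gets a template directory of symbolic links to only the applications it is licensed for, which is what that location's samba share points at. The application names, locations, licensing table and smb.conf share names are all constructed.

```python
"""Added example: per-location symlink views over one master application
image, plus the smb.conf stanza that exposes a view read-only."""
import os
import tempfile

LICENSES = {  # constructed licensing table: location -> licensed apps
    "palab": ["office", "photopaint", "compiler"],
    "cplab": ["office", "compiler"],
}
ALL_APPS = ("office", "photopaint", "compiler", "cad")  # constructed


def build_master(root):
    """Master image: one subdirectory per application (constructed files)."""
    for app in ALL_APPS:
        os.makedirs(os.path.join(root, app), exist_ok=True)
        with open(os.path.join(root, app, "setup.txt"), "w") as f:
            f.write(f"{app} files\n")
    return root


def build_view(master, view_root, location):
    """Template directory for one location: links only to licensed apps."""
    view = os.path.join(view_root, location)
    os.makedirs(view, exist_ok=True)
    # Remove links left over from an earlier licensing table
    for name in os.listdir(view):
        p = os.path.join(view, name)
        if os.path.islink(p):
            os.unlink(p)
    for app in LICENSES[location]:
        target = os.path.join(master, app)
        if not os.path.isdir(target):
            raise FileNotFoundError(f"{app} is licensed but missing from master")
        os.symlink(target, os.path.join(view, app))
    return view


def visible_apps(view):
    """What a client that mounts this view can see."""
    return sorted(n for n in os.listdir(view)
                  if os.path.isdir(os.path.join(view, n)))


def smb_share_stanza(location, view):
    """smb.conf fragment for the location's share (standard Samba keys)."""
    return (f"[apps-{location}]\n"
            f"   path = {view}\n"
            "   read only = yes\n"
            "   follow symlinks = yes\n"
            "   wide links = yes\n")


def demo():
    base = tempfile.mkdtemp()
    master = build_master(os.path.join(base, "master"))
    views = os.path.join(base, "views")
    return {loc: visible_apps(build_view(master, views, loc)) for loc in LICENSES}


if __name__ == "__main__":
    for loc, apps in demo().items():
        print(loc, apps)
```

Links that leave the share's own directory need `wide links = yes`, which lets the share reach anything the link points at, so keep such shares `read only = yes` and generate the views from a reviewed table rather than by hand.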
Home Directories
- During the running of the netlogon script, the script
  determines the user's home directory and home directory server
  and inserts the relevant information in the DOS shares script,
  shares.bat.
- When Windows 98 boots and after the auto logon has completed,
  the DOS shares script, shares.bat, is run.
  The home directory server is contacted and samba authenticates the
  connection using the one shot password provided during the
  initial authentication phase.
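The one shot password flow from the Security section, together with the win98.reg and shares.bat files that netlogon writes for the application share and the home directory, as one added example in Python. This is not the project's set_passwd, one_shot_pw or netlogon code. Mutual validation is shown as an HMAC challenge over a pre-shared key, standing in for the page's RSA exchange; the registry key path and value names are placeholders, the server names, share names and drive letters are constructed, and `net use drive: \\server\share password` is the Windows 98 `net use` form.

```python
"""Added example: single-use password issuance and consumption, and the
win98.reg / shares.bat files written to the local Windows partition."""
import hashlib
import hmac
import os
import secrets
import tempfile

PSK = b"constructed-shared-secret"  # stand-in for the page's RSA keys


def client_proof(nonce, host):
    """set_passwd side: prove knowledge of the secret for this host."""
    return hmac.new(PSK, nonce + host.encode(), "sha256").digest()


class OneShotServer:
    """one_shot_pw: hands out a password that samba may accept exactly once."""

    def __init__(self, spool_dir):
        self.spool_dir = spool_dir

    def _path(self, user, host):
        return os.path.join(self.spool_dir, f"{user}@{host}")

    def challenge(self):
        return secrets.token_bytes(16)

    def issue(self, user, host, nonce, proof):
        expected = hmac.new(PSK, nonce + host.encode(), "sha256").digest()
        if not hmac.compare_digest(proof, expected):
            raise PermissionError("client failed mutual validation")
        password = secrets.token_urlsafe(12)
        # Only a hash is spooled; the plaintext goes back to the client
        with open(self._path(user, host), "w") as f:
            f.write(hashlib.sha256(password.encode()).hexdigest())
        return password

    def consume(self, user, host, password):
        """Checked on samba's behalf at mount time; the file is used once."""
        p = self._path(user, host)
        if not os.path.exists(p):
            return False
        with open(p) as f:
            stored = f.read().strip()
        os.unlink(p)  # single use, whether or not the password matched
        return hmac.compare_digest(
            stored, hashlib.sha256(password.encode()).hexdigest())


def write_netlogon_files(win_dir, user, password, home_server, app_server):
    """Write win98.reg (auto logon) and shares.bat (mounts) to the C: partition."""
    reg = ("REGEDIT4\r\n\r\n"
           "[HKEY_LOCAL_MACHINE\\PLACEHOLDER\\AutoLogon]\r\n"  # assumed key
           f'"DefaultUserName"="{user}"\r\n'
           f'"DefaultPassword"="{password}"\r\n'
           '"AutoLogon"="1"\r\n')
    bat = (f"net use H: \\\\{home_server}\\{user} {password}\r\n"
           f"net use P: \\\\{app_server}\\apps {password}\r\n")
    with open(os.path.join(win_dir, "win98.reg"), "w", newline="") as f:
        f.write(reg)
    with open(os.path.join(win_dir, "shares.bat"), "w", newline="") as f:
        f.write(bat)
    return reg, bat


def demo():
    server = OneShotServer(tempfile.mkdtemp())
    win_c = tempfile.mkdtemp()  # stands in for the Windows partition
    host = "pc-lab-01.example"  # constructed workstation name
    nonce = server.challenge()
    pw = server.issue("alice", host, nonce, client_proof(nonce, host))
    reg, bat = write_netlogon_files(win_c, "alice", pw, "homesrv", "appsrv")
    first = server.consume("alice", host, pw)   # samba mount: accepted
    second = server.consume("alice", host, pw)  # replay of the same file: refused
    try:
        server.issue("mallory", host, nonce, b"\x00" * 32)
        rejected = False
    except PermissionError:
        rejected = True
    return first, second, rejected, reg, bat


if __name__ == "__main__":
    print(demo())
```

The spooled file is deleted on first use whether or not the password matched, so a second mount attempt with the same credentials fails; the plaintext still lands in win98.reg on the local disk, which is the reason the password is valid for one user on one host only.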
Reliability
- The servers in the palab and cplab have proved to be very stable
  over the past 6 months. Over this period of time the servers
  have hung only once and have never crashed (except when we tried
  to install some flaky memory).
- The RAID disks have also proved to be very reliable. Our main
  problem has been with the drive trays, which tend to have seating
  problems when the server is physically handled. In the computer
  science department we have replaced hard drives with only minor
  down time (10 min). Because the RAID is able to function with
  a single dead drive, the down time can be delayed until a time
  more convenient for the users.
- The Windows'98 software has proven to be extremely stable, and
  if client workstations do not work the cause is always
  hardware related. Knowing that the image is being restored
  to a known state at each reboot saves human resources that
  would otherwise be tied up in reinstalling the software to
  verify that the problem is not with the software.
- Damage from virus attacks has been minimal, since the only place
  a virus can infect the system is the user's home directory.
Ease of Installation
- Over the past few months we have been working on automating the
  installation process so that running a single script and answering
  a few basic questions is all that is necessary to get a new
  computer up and running on the net. Currently there is a
  four step process that is required to set up a computer,
  assuming that the hardware is supported by Windows'98:
  - Add the computer name to the name server
  - Generate the boot-prom image with keys and add the keys to
    the known hosts file.
  - Add an entry to the /etc/client_profiles file and run
    mkservprof
  - Plug the computer into the net and allow it to boot.
- If the computer has different hardware then three added steps are
  necessary:
  - Build a Linux kernel that supports the special hardware
  - Configure the system to come up in run level 3 and
    run X -configure to generate the appropriate
    XF86Config file that can be added to the profiles.
  - Build a new Windows'98 image on the computer, either from
    scratch or from one of the stock images, assuming that
    it can succeed in building a new drivers database.
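The bootptab generation mentioned in the four-step procedure above, as an added example in Python; it is not the project's mkservprof. The /etc/client_profiles format is assumed to be one whitespace-separated line per workstation (hostname, MAC, IP, hardware profile), the sample file and site defaults are constructed, and the bootptab tags used (ht, ha, ip, hd, bf, sm, gw) are standard bootpd tags. Duplicate MACs or addresses are rejected before anything is written, since a duplicate entry would hand one workstation another's boot image.

```python
"""Added example: validate a client profile file and emit bootptab records."""
import ipaddress
import re

MAC_RE = re.compile(r"^([0-9a-fA-F]{2}[:-]){5}[0-9a-fA-F]{2}$")

# Constructed sample of /etc/client_profiles (format assumed)
SAMPLE_PROFILES = """\
# host        mac                ip          profile
pc-lab-01     00:11:22:33:44:55  10.0.5.11   stock
pc-lab-02     00-11-22-33-44-56  10.0.5.12   stock
pc-lab-03     00:11:22:33:44:57  10.0.5.13   nvidia
"""

DEFAULTS = {  # constructed site values
    "hd": "/tftpboot",
    "sm": "255.255.255.0",
    "gw": "10.0.5.1",
}


def parse_profiles(text):
    hosts = []
    seen_mac, seen_ip = set(), set()
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields")
        host, mac, ip, profile = parts
        if not MAC_RE.match(mac):
            raise ValueError(f"line {lineno}: bad MAC {mac}")
        ipaddress.IPv4Address(ip)  # raises ValueError on a malformed address
        mac = mac.replace("-", ":").lower()
        if mac in seen_mac or ip in seen_ip:
            raise ValueError(f"line {lineno}: duplicate MAC or IP")
        seen_mac.add(mac)
        seen_ip.add(ip)
        hosts.append({"host": host, "mac": mac, "ip": ip, "profile": profile})
    return hosts


def validate_profiles(text):
    """True when the file parses cleanly (used before touching bootptab)."""
    try:
        parse_profiles(text)
        return True
    except ValueError:
        return False


def bootptab_entry(h, defaults=DEFAULTS):
    """One bootptab record; the kernel image follows the hardware profile."""
    ha = h["mac"].replace(":", "")  # bootptab wants the MAC as bare hex
    bf = f"vmlinuz-{h['profile']}"  # assumed kernel naming
    return (f"{h['host']}:ht=1:ha={ha}:ip={h['ip']}:hd={defaults['hd']}:"
            f"bf={bf}:sm={defaults['sm']}:gw={defaults['gw']}:")


def generate_bootptab(text):
    return "\n".join(bootptab_entry(h) for h in parse_profiles(text)) + "\n"


if __name__ == "__main__":
    print(generate_bootptab(SAMPLE_PROFILES))
```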
Software Maintenance and Upgrade
- To aid in the task of building new Windows'98 images or upgrading
  existing images a number of scripting tools are available.
  newsoft, when run on the server, will allow a client to reboot
  continually into Windows'98 without updating the image. Once this
  option is enabled the Windows install process can proceed in the
  standard way, including the multiple reboots. Once the image is
  satisfactory the server script can be notified, and upon the next
  reboot it will grab the image from C: and generate a new MD4
  checksum file. The image is now ready to go on all machines with
  that configuration.
- Sometimes slight modifications are necessary, as when a graphics
  card must be replaced, and so as not to have to generate a whole
  new image there is a gen_diff script that is similar to the script
  above except that it will store the differences between the
  images. The script is run from the application server and
  the instructions that it prints will step you through
  the whole process.
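One way to store and reapply the differences gen_diff keeps, as an added example in Python; this is not the project's gen_diff script, whose on-disk format the page does not describe. The variant image is stored as the set of blocks that differ from the stock image plus a manifest of per-block hashes, and rebuilding refuses any block whose hash does not match the manifest. Block size, file layout and the sample images are constructed.

```python
"""Added example: block-level overlay of a hardware-variant image over a
stock image, with hash verification when the variant is rebuilt."""
import hashlib
import json
import os
import tempfile

BLOCK_SIZE = 4096  # assumed


def blocks(path):
    with open(path, "rb") as f:
        return list(iter(lambda: f.read(BLOCK_SIZE), b""))


def gen_diff(stock_path, variant_path):
    """Overlay = {block index: bytes} for each block that differs from stock."""
    stock, variant = blocks(stock_path), blocks(variant_path)
    overlay = {i: variant[i] for i in range(len(variant))
               if i >= len(stock) or variant[i] != stock[i]}
    manifest = {"blocks": len(variant),
                "sha256": [hashlib.sha256(b).hexdigest() for b in variant]}
    return overlay, manifest


def save_diff(overlay, manifest, out_dir):
    os.makedirs(out_dir, exist_ok=True)
    for i, data in overlay.items():
        with open(os.path.join(out_dir, f"{i}.blk"), "wb") as f:
            f.write(data)
    with open(os.path.join(out_dir, "manifest.json"), "w") as f:
        json.dump(manifest, f)


def apply_diff(stock_path, diff_dir, out_path):
    """Rebuild the variant; every block, stock or overlay, must match the manifest."""
    with open(os.path.join(diff_dir, "manifest.json")) as f:
        manifest = json.load(f)
    stock = blocks(stock_path)
    with open(out_path, "wb") as out:
        for i in range(manifest["blocks"]):
            p = os.path.join(diff_dir, f"{i}.blk")
            if os.path.exists(p):
                with open(p, "rb") as f:
                    data = f.read()
            else:
                data = stock[i]
            if hashlib.sha256(data).hexdigest() != manifest["sha256"][i]:
                raise ValueError(f"block {i} failed verification")
            out.write(data)
    return out_path


def demo():
    """Constructed: 6-block stock image; variant changes block 1, adds block 6."""
    d = tempfile.mkdtemp()
    stock = os.path.join(d, "stock.img")
    variant = os.path.join(d, "variant.img")
    base = bytes(range(256)) * (BLOCK_SIZE * 6 // 256)
    with open(stock, "wb") as f:
        f.write(base)
    v = bytearray(base)
    v[BLOCK_SIZE:BLOCK_SIZE + 4] = b"GPU!"   # new driver data in block 1
    v += b"\x7f" * BLOCK_SIZE                 # image grew by one block
    with open(variant, "wb") as f:
        f.write(v)
    overlay, manifest = gen_diff(stock, variant)
    save_diff(overlay, manifest, os.path.join(d, "diff"))
    rebuilt = apply_diff(stock, os.path.join(d, "diff"), os.path.join(d, "rebuilt.img"))
    with open(rebuilt, "rb") as f:
        identical = f.read() == bytes(v)
    return sorted(overlay), manifest["blocks"], identical


if __name__ == "__main__":
    print(demo())
```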
- There are a number of factors that must be considered when
  building Windows'98 images.
Flow of Control in Windows'98 Management System
The following diagram outlines the various stages involved in implementing
our Windows 98 management strategy. Note that the components have been
color coded to make it clearer which aspect of our system is responsible for
those functions (see the key below).
Side Benefits
- The computer workstations are dual boot and can also run
  numerous open source programs that are available under
  Linux.
- The following is a list of just a few of the cool packages that
  are on the latest image that we are working on:
- StarOffice
- Corel Photopaint
- Netscape 6.0
- Mozilla
- Kdevelop
- Sniff Ide
- Glimmer
- Visual Tcl
- Eric (Python ide)
- Dia
- Kdiff
- Cervisia
- DDD
- Kprof
- MakeTool
- Gvim
- VDK Builder
- Glade
- WordPerfect 8.0
- Qt Designer
- Kdbg
- Perl Composer
- Code Crusader
- Quanta
- WebDesigner
- BlueFish
- Kstudio
- Forte (java ide)
- Octave (matlab clone)
- R+
Future Plans
- Continue to work on the automatic configuration scripts and
  programs to create a truly plug and play workstation environment.
- Develop a script for generating diskless Linux images from
  standard distributions and thereby cut down the time required
  to get new distributions into production.
- Research the use of domain logins so as to provide
  roving profiles for the users.
- Continue research into the automatic generation
  of Windows images for different hardware types.
  (Currently hardware homogeneity is almost a requirement.)
Acknowledgments
- Steven Inkpen
- Paul Sherren
- Darryl Clarke
- Julian Squires
- Rod Campbell
- World Wide Linux Support Organization