How to securely map a Drive for Deployment Server 7.x / 8.0 / 8.1 and 8.5 – Part II

Part 2: How to use loginw in a run script task

There are multiple ways of using the generated .pwl File in scripts. I will show you how you could use it in two examples. The First example is a very simple one. The second example is a little bit more complex but it allows greater flexibility in an Enterprise Environment.

Simple (single Server Environment)

Lets start with a simple environment with a single SMP Server. NBS and Task Server is installed on the SMP Server.

Open the SMP-Console and navigate to Manage -> Jobs and Tasks create a new „Run Script“ Task (see Screenshot)

loginw.exe -f "x:\SymcSMP.pwl" -c "Your SMP Server Name" -d "Your Domain" - t 30
net use S: \\Your SMP Server Name\nscap
Every Client has a single connection to the SMP Server

Enterprise (multi Server Environment)

In the most Enterprise Environments you have multiple Site Servers (PXE Servers, Package Servers and maybe also Task Servers).

Wouldn´t it be a good idea to dynamically map a drive to the Site Server where the Clients is already connected to? 

Most of the time this is a server very close to the client. So to map a drive to this server is a very good idea because it saves you a lot of network traffic in case you copy large files to the client or back to the Site Server.

I want to explan how to map a drive to the SMP Server and also at the same time dynamically a drivemapping to the „correct“ Site Server. This works using Environment Variables. If your PXE-Servers are not installed on the Package Servers you have to use a different method to dynamically map a drive to the „correct“ Site Server.

In case you are not running PXE-Services and Package Server Services on the same server you have to create a Token for a Package Server or create a Token for a Task Server where the PXE-Server is installed on. At the end of this Article I´ll provide a token for a Task Server and also provide a Link to a Broadcom Community Article which explains how to create one for a Package Server.

In this case we assume that the PXE Server is installed on every Package Server so we are able to use the Environment Variables from WinPE.

Now we are ready to make use of this file using a Run Script Task. Open the SMP-Console and navigate to Manage -> Jobs and Tasks create a new „Run Script“ Task (see Screenshot)

loginw.exe –f „x:\SymcSMP.pwl“ –c „YOUR SMP Server;%ALTIRIS_PXE_SERVER%“ –d „Your Domain“ –t 30

Instead of using %ALTIRIS_PXE_SERVER% you could also use the Environment Variable %ALTIRIS_PXE_IP%
details of the commandline

After authenticating to the Servers listed above (in this case to our SMP Server and dynamically to all Site Servers running PXE Services) you are able to use the net use command-line as normally but without specifing a Username and a Password in „clear-text“. In the example unterneath the SMP Agent and the Packages are (installed) stored on the D:\ Drive if you are using a different Driveletter for storing your Package Server Packages then use this Driveletter instead.

Each Client has a connection to the central SMP Server and a second drive mapping to the decentral Site Server

PKGSvrHostX$ (where X represents the Driveletter where you installed your Package Server) is a hidden Share availaible on every Package Server.

You can also create and make use of your custom tokens in case you have created a token for a Package Server which isn´t available out-of-the-box.

If you do not have a standardizied Environment where somethimes your PXE Servers are your Package Server and sometimes this is not the case you could script around a little bit but keep in mind have to manually modify the script every time your Enviroment changes…

Here is a example of how this could work,…

if %ALTIRIS_PXE_SERVER%=="Server1" goto Site1
if %ALTIRIS_PXE_SERVER%=="Server2" goto Site2

:Site1
net use T: \\SERVER1\PKGSvrHostX$
goto end

:Site2
net use T: \SERVER2\PKGSvrHostX$
goto end

:end
exit

If you want to create a Token for your Package Servers just take a look here: https://www.symantec.com/connect/forums/there-token-deployment-site-server-76?cid=11342971

If your Task Server is also your Package Server then use the following SQL Query to create a Token:

select c.name from TaskTargetDeviceCache vc left outer join Inv_Client_Task_Resources ctr on ctr._ResourceGuid = vc.Guid And vc.Guid = '%COMPUTERID%' left outer join Inv_Client_Task_Servers cts on cts.ClientTaskServerGuid = ctr.ClientTaskServerGuid Join vcomputer c on cts._ResourceGuid = c.guid

Enhancement Request: It would be really helpful to be able to use Package Server, Task Server and PXE Server Tokens out-of-the box. Please provide these Tokens out-of-the-box and ready for use in a future Version of the Product or in a Release Update! It would also be great if you bring back the BootDisk Creator Wizard in a HTML5 Frontend into DS 8.x with a progress bar to check if BDC is still running or finished.

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden /  Ändern )

Google Foto

Du kommentierst mit Deinem Google-Konto. Abmelden /  Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden /  Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden /  Ändern )

Verbinde mit %s