Provjereni scenariji za instalaciju sustava ERA

This section contain four verified scenarios for ERA deployment.

1.Deployment from ERA Server Appliance or Linux ERA Server to Windows targets not joined to a domain

2.Deployment from Windows ERA Server from Windows source not joined to a domain to Windows targets joined or not joined to the domain.

Preconditions:

Same local network.

Working FQDN names, e.g.: desktop-win7.test.local maps to 192.168.1.20 and vice versa

Installed clean operating system from MSDN with defaults

Targets:

Windows 10 Enterprise

Windows 8.1 Enterprise

Windows 7 Enterprise

1.Create an user with password that is member of Administrators group, e.g.: "Admin", open Microsoft Management Console by clicking the Start button, typing mmc into the search box, and then pressing Enter

2. In the left pane of MMC, click Local Users and Groups snap-in) on each machine

3.Open Network and Sharing Center

4.Change network to Private network from Public network using HomeGroup

5.Disable Windows Firewall for Private Network

6.Check that File and printer sharing is enabled for Private network in Change advanced sharing settings

7.Open regedit and locate HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

8.Create "LocalAccountTokenFilterPolicy" DWORD set to "1"

9.Create Agent Deployment Server task assigned to FQDN name of the machine (create a computer placeholder with full DNS name)

10. Set optional Server hostname to point to FQDN name or IP address of the ERA server

11. Set username to just "Admin" (no domain name or computer name prefix) and his password

12. Select Agent's certificate

13. Execute the task

For Windows XP Professional

1.Using MMC (Microsoft Management Console) and "Local Users and Groups" snap-in assign password to an user that is member of Administrators group, e.g.: "Admin"

2.Disable "Windows Firewall".

3.Check that "File and printer sharing" is enabled in "Network connections"

4.Open run dialog and execute "secpol.msc"

5.Select "Local Policies", "Security Options", "Network access: Sharing and security model for local accounts"

6.Set selected policy to "Classic - local users authenticate as themselves"

7.Create "Agent Deployment" task assigned to FQDN name of the machine (create a computer placeholder with full DNS name)

8.Set optional Server hostname to point to FQDN name or IP address of the ERA server

9.Set username to just "Admin" (no domain name or computer name prefix) and his password

10. Select Agent's certificate

11. Execute the task

3.Deployment from ERA Server Appliance or Linux ERA Server to Windows targets joined to a domain.

4.Deployment from Windows ERA Server from Windows source joined to a domain to Windows targets joined to the domain.

Preconditions:

Same local network.

Working FQDN names, e.g.: desktop-win10.era.local maps to 10.0.0.2 and vice versa

Installed clean operating system from MSDN with defaults

Created domain "era.local" with netbios name "ERA"

Created user "DomainAdmin" that is member of "Domain Admins" security group in domain controller

Each machine joined domain "era.local" with user "DomainAdmin" and this user is Administrator (Windows 10, 8.1, 7) or Standard user (power user on Windows XP)

"DomainAdmin" is able to log into each machine and perform local administration tasks

Windows ERA Server service is temporarily running under "ERA\DomainAdmin" credentials. After deployment "Network Service" is enough. (no changes necessary in the appliance or Linux)

 

Targets:

Windows 10 Enterprise

Windows 8.1 Enterprise

Windows 7 Enterprise