WDS Server Setup

This section documents the steps necessary to set up a system for use in the campus WDS infrastructure. It is assumed that you begin with a fully-patched Windows Server 2008 R2 x64 system that is domain-joined, with disk space for images and other purposes allocated as drive F:.

  1. Place the server object into the WolfTech-WDS-Servers group located at Servers\WDS in ADUC.
  2. Verify that the WolfTech-WDS-Admins group is in the Administrators group.
  3. In Windows Firewall with Advanced Security, enable the following rules:
    • Windows Firewall Remote Management for RPC and RPC-EPMAP connection types.
    • Remote Event Log Management rules for RPC and RPC-EPMAP connection types.
    • Remote Volume Management for all connection types. (Also: ensure that you have this set of rules enabled for your management workstation!)
    • Remote Service Management for RPC and RPC-EPMAP connection types.
    • Windows Management Instrumentation for all connection types.
  4. Open an elevated (ie, “Run as Administrator”) Powershell command prompt and type “Enable-PSRemoting” and answer yes to the prompts it generates.
  5. Add the File Services role and configure with these role services: File Server, DFS Namespaces, DFS Replication. Select the “Create a namespace later” option – in reality, a namespace has already been created and we will never create a new namespace via this wizard.
  6. Create DFS target shares:
    • DriverRepository$
    • Location: F:\DriverRepository
    • Description: DFS share for WDS legacy driver repository
    • Share permissions:
    • Everyone: Read
    • Administrators: Full Control
  7. Security:
    • Auth Users: Read & Execute, List folder contents, Read
    • Administrators: Full Control
  8. Offline Settings: Only the files and programs that users specify are available offline
  9. Staging$
    • Location: F:\Staging
    • Description: DFS share for WDS staging directory
    • Share permissions:
    • Everyone: Full Control
  10. Security:
    • Auth Users: Modify, Read & Execute, List folder contents, Read, Write
    • Administrators: Full Control
  11. Offline Settings: Only the files and programs that users specify are available offline
  12. Configure DFS to replicate and point to the new server.
    • Add the new server as a member to the DriverRepository and Staging replication groups.
    • The new server should replicate with all other members in each replication group.
    • The new server should have a staging quota set to match the staging quotas set on the other members of the replication group.
  13. Add the new server as a folder target of the DriverRepository and Staging folders.
    • Set the new server as a disabled folder target until you have verified that replication has completed!
    • Once replication has completed, enable the new server as a folder target.
  14. Add the WDS role to the server, with both Deployment and Transport Server enabled as Role Services.
  15. Configure the WDS server to use F:\RemoteInstall as the remote installation folder, and respond only to known client computers.
  16. Create another file share, defined as follows:
    • Share Name: RemoteInstall$
    • Description: DFS share for replication of WDS installation data
    • Security: Auth Users: Read & execute, List folder contents, Read
    • Share Permissions:
    • Location: F:\RemoteInstall
    • Offline Settings: Only the files and programs that users specify are available offline
  17. Add the new server to the RemoteInstall DFS replication group.

 

Authorizing the WDS server

* If you are using a custom DHCP template that directs PXE clients to your server, you can skip this step. See [[../../Separating DHCP From WDS|Separating DHCP From WDS]] (also known as Cross-VLAN PXE booting to WDS) for more info.

Have a domain admin login to one of the domain controllers, select the DHCP admin tool, then “authorize servers”. Add in the IP address of the new server.