Blog Posts tagged with K2000 Remote Site Appliance (RSA)

Ask a question

How to Setup a K2000 RSA on an ESX Server

Greetings everyone, Recently I've been working on getting our Remote Site Appliances set up for our offices and after creating this guide I thought I would share it with the good folks at ITNinja. While this isn't a generic guide for every situation on setting up a RSA on an ESX, it's my hope that people in similar situations to myself will find this guide helpful. Follow the steps below to create a KACE Remote Site Appliance on an ESX server. This allows you to manage computer inventory, deploy software and image computers even across the world.

    1. Make sure you have the latest RSA OVF files. At the time of writing it’s 3.4.62457. You can find the location to download the latest OVF HERE.
    2. Copy the OVF file and vmdk files over to the site you’re planning on to deploy the RSA to.
      1. I.e. if you’re deploying to a geographically remote site , copy the OVF files to the file server prior to trying to deploy the template.
    3. Open up vSphere and log into the ESX server you want to deploy it on and choose File -> Deploy OVF Template. When it asks for the source paste the location and file name of the OVF file that you copied over in Step 2.
      1. i.e. \\UKSERVER\Software\K2000 RSA 3.4\k2000_extender_3.4.62457.ovf
    4. Click Next on the OVF Template Details page. Then name the RSA along this naming scheme: SITEVMRSA and click next.
      1. i.e. UKVMRSA, INVMRSA, KOVMRSA, etc.
    5. Select the datastore you’ll use then click next.
      1. You’ll want to double check with the system admin or IT manager to make sure you’re good to carve out 250GB+ for this RSA.
    6. Choose Thin Provision and click Next. Click Next on Network Mapping as well.
    7. Don’t check “Power on After Deployment” and click finish. It will now build the RSA server. This may take around 15-20 Minutes
    8. Select the RSA server in vSphere and choose Edit Virtual Machine Settings. Then change the Network Adapter’s Network Label if needed. Click OK to close. And power on the RSA.
    9. Open the console and when prompted for the username enter konfig and when prompted for the password enter konfig. (These are the default credentials for the RSA)
    10. When asked for a language make sure English is highlighted and hit enter. (Unless English isn't your language of course)
    11. When prompted for the network setup follow this guide:
      1. Host Name: SITEVMRSA (i.e. KOVMRSA, INVMRSA, UKVMRSA)
      2. Domain Name: Your Domain
      3. IP Address, Default Gateway, Subnet Mask
      4. Leave Network Speed as Auto-negotiate
      5. Primary DNS: IP address of local DC (i.e. KOVMDC01 = 172.X.X.X)
      6. Secondary DNS: HQ DNS server: 172.X.X.X
    12. Tab down to the bottom and hit save.
    13. Pull up your browser and type in rsaserver/login (i.e. kovmrsa/login or invmrsa/login) (Don't forget you need a DNS entry to hit it like this, otherwise you'll need to use the IP address in step 11.3.)
    14. Accept the End User Agreement.
    15. Login with username admin password admin. (These are the default credentials)
    16. Click the Alert that leads you to Registration and Licensing. Click Edit. Enter Company Name, Organization Name is set to the name of the site (i.e. Zeeco India, Zeeco Asia), and put in the KACE Administrator’s email address. Send Crash reports to KACE.
    17. Click Add License Key. Input the License you received for your K2000 then Save.
    18. Log back in and click the alert to change the time settings. Select the Time zone closest to the location of the site.
    19. Then go to Settings & Maintenance -> Kace Linking and enable KACE Linking. The default options are fine.
    20. Go to Control Panel -> Managed Linked Appliances -> Choose Action -> Add New Linked Appliance. Input k2000name.domainfor the host name and paste in the Linking Key from the K2000.
      1. For the Linking Key you’ll need to log in to the K2000 go to Settings & Maintenance -> KACE Linking and copy the linking key.
    21. Log in to the K2000 and go to Settings & Maintenance -> Managed Linked Appliances -> Choose Action -> Add New Linked Appliance. Input rsaserver.domainand paste the linking key from the RSA Server.
      1. For the Linking Key you’ll need to log in to the RSA and go to Settings & Maintenance -> KACE Linking and copy the linking key.
    22. When linking the remote site to the main K2000 use rsaserver.domain this is due to KACE needing to do a reverse lookup so without the domain it doesn’t recognize it.
    23. In the K2000 go to Deployments -> Remote Sites -> Choose Action -> Add New Remote Site Appliance -> Select the remote site you just linked. In steps 20 and 21. Then click Next.
    24. Input Site Remote Site K2000 in the notes, set the update scheduling to go through every day at 12 PM. Then checkmark the installations and boot environments you want to bring over. Click Save and Sync.
    25. Go to the DHCP server for that location and under IPv4 server options set Option 66 to the IP address of the RSA server and then set Option 67 to kbox2000.0
    26. At this point the server will sync and you’ll be ready to use your Remote Site Appliance!

 

So there you have it! I hope this will help others in a similar situation. If anyone has any questions or suggestions please don't hesitate to comment and let me know!

View comments (5)

Capturing WIM images locally with custom KBE

Since K2 v3.5 takes away the ability to capture WIM images to the RSA (which was made available with the 3.4 KNIT) I have been searching for a good method to restore this ability.  A helpful KACE support rep showed me how to incorporate GimageX, which is a third party tool that is basically a graphical shell of imagex, into my KBE.  But it requires opening a command prompt and calling a batch file to start the tool up.  Not the most user-friendly process for people who were used to pointing and clicking to start a capture.

Also, imagex is technically not supported with Windows 8 or Server 2012, and I didn't have much success capturing a Windows 8 image using GimageX as a result.  The remaining option is to use the /Capture-Image command with DISM, which was made available in WinPE 4.  Except...the K2 doesn't use WinPE 4 yet.  So, what is the solution?

I am experimenting with a custom KBE using the WinPE boot.wim from the ADK (which is WinPE 4) with custom commands added to the startnet.cmd file.  If you don't know how to manipulate boot.wim, research "custom WinPE" to get started, it's not very difficult.  You upload your finished boot.wim with the KBE Manipulator using the "Custom .iso" option.

I decided to post this experiment here for feedback, and to see if anyone else could benefit from this in some way.  It may seem like a lot of work when I could just capture to the K2 using the existing method, but in my environment that is not a good solution because we have 80+ locations and I can't manage separate images for each one.

Here is the basic example of my startnet.cmd:

@echo off

title Follow the prompts to capture your image

wpeinit

SET /P School=What is your school number?:

net use t: \\%School%m\%School%m\image password /user:dsdut\image

SET /P Name=What would you like to name your image?:

Dism /Capture-Image /ImageFile:T:\ImageStore\%Name%.wim /CaptureDir:C:\ /Name:"%Name%"

echo Finished.

Exit

As you can see, after the "wpeinit" command the user will be prompted to provide input that will be used as a parameter for the "net use" command.  That line maps the T: drive to a server share that is named according to school number.  For instance, typing "402" at the prompt will turn "\\%School%m\%School%m\image" into "\\402m\402m\image", where the ImageStore folder resides.

The next line asks for input again, and uses it to supply the name of the .wim file in the same basic fashion.  With the "@echo off" statement, all the user will see in this KBE is an empty command prompt window as WinPE is initializing, then it will display each question along with the user-inputted response, and finally the capture progress.  After the capture is complete it will exit the KBE and the computer will reboot automatically (which doesn't happen in the official KBE, and if desired you can eliminate the "Exit" command to stop this from happening).

I have a second custom KBE that's slightly more in-depth:

 @echo off

 title Follow the prompts to capture your image

 wpeinit

 SET /P School=What is your school number?:

 IF /I "%School%" == "cts" GOTO Image1

IF "%School%" GEQ "146" GOTO Image2

 :Image1

net use t: \\image1\image1\%School% password /user:dsdut\image
GOTO End

 :Image2

net use t: \\image2\image2\%School% password /user:dsdut\image

 :End

 SET /P Name=What would you like to name your image?:

 Dism /Capture-Image /ImageFile:T:\ImageStore\%Name%.wim /CaptureDir:C:\ /Name:"%Name%"

 echo Finished.

 Exit

In this case, we have two separate servers setup as image shares, and certain schools are assigned to each one.  I didn't want to build two separate KBEs if I could use the school number parameter to determine which share to map.  Using the GEQ (greater than or equal) variable or any of its counterparts appropriately, I can tell it to map T: to \\image2 if the school number was 146 or higher, and if 145 or lower it will automatically use \\image1 by default.  I even have a little caveat in there for our tech department, so if I type "cts" it will also map to \\image1 since we use that server also (and since I can't use "cts" along with the GEQ variable).

This is the only method I can think of for capturing Windows 8 images directly to the RSA.  If someone has a different method I would be interested in knowing about it.  I've noticed that hardly anyone is very interested in capturing directly to the RSA (and apparently KACE saw this too and thus nixed the ability in 3.5) and I wish we didn't need to, but our structure dictates it.  Plus, I like having the raw WIM files to mount and edit.

Thanks for reading!

 
Be the first to comment

RSA Drivers on K2000 3.6 not deploying

If you find the task is failing on 3.6 RSA with drivers. Try this.

Make a new postinstall task using Runtime Environment:

Then upload copy_drivers.vbs from the peinst/hta/ folder call it

cscript.exe copy_drivers.vbs save it

Add to the mid leve task.

 

Troubleshooting Steps.

Check drivers are synced under the rsa share \\rsa\peinst

Make sure is checked and save sync

Be the first to comment

How to use Ninite with the K2000

This tutorial is to assist others in installing and maintaining multiple applications such as Adobe Reader, Shockwave, Silverlight, etc. Once you have completed the below steps you will be given an installer, keep this in a safe place so you can rerun or incorporate it in other places.

Step 1. Go to www.ninite.com you will then see a bunch of applications. (See Below image)

 

Step 2. Check the boxes of all the applications you’d like the installer to include.  Please note that the installer is only a matter of 300 kb at most.  This installer will go online, download and install/update any of the checked applications.

 

Step 3. Click the “Get Installer” button once you have selected all of the applications you’d like to include. You will then be prompted to save the executable. To save time and make it easy to locate save the file to your desktop.  Once this has been completed rename the installer to whatever you’d like. I am using Temp_Ninite.exe in this tutorial. 

Step 4.  Go to you K2000 appliance and select Library>Postinstallation Tasks and create a new Action “Add new Application”. Once the screen has loaded select a name to give to the installation. I used Ninite for this tutorial. It’s a good practice to add what programs are being installed with your version of ninite in the “Notes” section of the Post Task install.  Click “Browse” and navigate to your Desktop or wherever you saved & renamed your installer and select it.  In the “Command Line” section use the full name of the executable.  For my instance I have used “Temp_Ninite.exe”. (See below image)

  

Step 5. Add the task into any Scripted or K-Image flows that you’d like it in. I usually put it near the end as it requires you to click “Close” when it’s finished.

In closing please note that this installer will require you to click the “Close” button after the installation is completed unless you or your company purchase the pro version.  The pro version also includes switches in the executable to make things completely silent and require no user interaction.  This program will install or upgrade any of the programs that are selected in the earlier steps.  This means that if it sees that you already have the latest version of a program it will automatically skip that installer and move onto the next one.  With this being said this is also a very helpful tool to run with your K1000 in helping you keep any application in the above list up to date without the need to create separate Managed Installs for each of them.  I hope this helps anyone that is looking to making his or her lives a bit easier. I will be creating a tutorial on adding this as a managed install in a later tutorial and will link it here once it’s been completed!

View comments (1)

K2000 Multicast feature

K2000 v3.6 now includes a multicast feature for image deployment. 

There are a few things you need to be aware of in order to multicast an image.  V3.6 can only multicast wim files.  You can only have 1 partition because its only going to multicast the first wim.  The image appears to have to be deployed to the same drive letter it was captured from.  You can only multicast from the K2000 itself, RSA does not have multicast support. Multicast has a builtin throttle with a maximum limit of 8MB/s which in my opinion is to low.  That means if you have 1Gb to the desktop and you want to multicast, your going to be throttled way way down. Just as an example, I multicasted a small image.  Kace unicast to 1 PC over 1Gb took 12 and a half minutes.  Kace multicast to 1 PC over 1Gb with max throttle took an hour and 12 minutes.  I have not been able to test multicasting a large image yet but I know Kace unicast to 1 PC over 1Gb with a large image took me 2 and a half hours.  With the 8MB/s throtle, I expect that to be 20+ hours which is rediculous.

I saved the biggest thing for last which is that it uses PGM protocol for multicasting which may or may not be supported on your network equipment.  We have multicasted with Ghost for more than a decade (it uses IGMP) but our core Cisco switch doesnt support PGM.  That basically means we cant multicast between buildings.  Since RSA does not have the multicast feature, the only building we can muticast in is the building the K2000 is physically in which is not helpfull to us at all.  I can only hope they include it in RSA, otherwise I dont know if we can ever use this feature in production.

View comments (2)
Showing 1 - 5 of 7 results

Top Contributors

Talk About Best Practices