How Remote Installation Services Extension Works
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
How Remote Installation Services Extension Works
In this section
Remote Installation Services Extension Architecture
Remote Installation Services Extension Protocols
Remote Installation Services Extension Physical Structure
Remote Installation Services Extension Processes and Interactions
Network Ports Used by Remote Installation Services Extension
Administrators configure Remote Installation Services Extension using the Remote Installation Services (RIS) server-side extension (SSE), accessed from the Group Policy Object Editor. There is no RIS client-side extension (CSE). This section describes how RIS Policy is configured in the SSE, and how those settings affect Remote Installation Services.
Remote Installation Services Extension Architecture
The following figure shows the high-level architecture of Remote Installation Services.
Remote Installation Services Extension Architecture
.gif "RIS Extension Architecture")
In the figure, RIS SSE is the Remote Installation Services (RIS) server-side extension (SSE). This is the Remote Installation Services node in the Group Policy Object Editor for the GPO.
Components significant to RIS are summarized in the following table.
Remote Installation Services Extension Architecture Components
| Component | Description |
|---|---|
Group Policy Object Editor |
The Group Policy Object Editor is an MMC server-side extension packaged as the dynamic-link library (DLL) named Gpedit.dll. Each of the nodes in the Group Policy Object Editor, including the Remote Installation Services node, is itself an extension. |
Remote Installation Services (RIS) server-side extension (SSE) |
The RIS SSE is a Group Policy Object Editor extension, packaged as the DLL named rigpsnap.dll. Administrators use the RIS extension to configure the Remote operating system Installation options presented to target users. |
Rigpsnap.dll |
Rigpsnap.dll is the RIS SSE component. |
Lightweight Directory Access Protocol (LDAP) |
LDAP is a communication protocol used to query Active Directory directory services. |
Server Message Block (SMB) |
SMB is a communication protocol used for file access between the RIS extension and Active Directory. |
Group Policy Container |
A Group Policy Container is a location in Active Directory where GPOs and their properties are stored. |
Group Policy Template (GPT) |
The GPT is the part of the GPO that consists of the domain controller file system, and in which most Group Policy settings are stored. |
Sysvol |
The Sysvol folder contains the subset of folders shared on each domain controller. These folders store file-system domain information, as compared to registry domain information. |
Pre-Boot Execution Environment (PXE) |
PXE is a combination of standardized protocols and services that enables remote startup of computers over a network. Remote Installation Services uses PXE. |
Boot Information Negotiation Layer (BINL) service |
BINL is a service that runs on the RIS Server. BINL handles client requests, authenticates clients with Active Directory, and confirms that correct policy and settings are applied to the client during remote installation. |
Trivial File Transfer Protocol (TFTP) service (daemon) |
TFTP is a RIS Server service that downloads the OSChooser, Client Installation Wizard (CIW) files, and other boot files during the RIS process. |
Client Installation Wizard (CIW) |
CIW is the graphical user interface that guides the user of a client computer through the remote installation of an operating system. CIW consists of screens and a program called OSChooser that displays the screens. |
Single Instance Store (SIS) service |
SIS is a pair of components used to save disk and main memory file cache space when two or more files share content. Other attributes of the files might be different, such as path, owner, access control lists, and so on. Writes to one file don’t necessarily affect the other files. SIS saves space by providing links that are semantically identical to independent files. |
SIS filter |
The SIS filter is one of the SIS components. The SIS filter is a kernel-level file system filter driver that implements links for identical files. |
SIS Groveler service |
The SIS groveler service is one of the SIS components that detects identical files and reports them to the SIS filter for link creation. |
DHCP |
Dynamic Host Configuration Protocol is the communication protocol used between the client and the RIS server (and the DHCP server). RIS uses DHCP, which follows the PXE architecture, to bootstrap the client computer. |
Bootp |
Bootp is the RIS Server. |
Remote Installation Services Extension Protocols
Protocols used by Remote Installation Services are shown in the previous RIS Architecture figure, and are described in the following table.
Remote Installation Services Protocols
| Protocols | Description |
|---|---|
Trivial File Transfer Protocol (TFTP) |
TFTP is the service that hosts file download from the RIS Server to the client during remote operating system installation. |
Lightweight Directory Access Protocol (LDAP) |
LDAP is a communication protocol used by the RIS SSE on the Administrator computer to query Active Directory directory services. |
Server Message Block (SMB) |
SMB is a protocol used by the Administrative computer to access the Sysvol on the Domain Controller. SMB is the primary file and print sharing protocol. |
NTLM v1 |
Windows 2000 uses NTLM v1 for encryption. |
NTLM v2 |
Windows Server 2003 uses NTLM v2 for encryption. |
DHCP |
The client uses Dynamic Host Configuration Protocol (DHCP) to send out a DHCP discover asking for an IP address and a PXE boot server. The RIS Server and DHCP server respond using DHCP. |
Remote Installation Services Extension Physical Structure
The following figure shows the RIS file structure.
RIS Policy Files
.gif "RIS Policy Files")
The following table summarizes the files used by Remote Installation Services and the RIS extension.
Remote Installation Services Policy Physical Structure Components
| Component | Description |
|---|---|
Setup Installation Files (.sif) |
The RIS Server uses Setup Installation Files to communicate the installation options to the RIS client. These files have the .sif extension. |
.osc files |
The RISetup.exe tool, used to setup the RIS Server, installs a default set of Client Installation Wizard files. These files have an .osc extension, and are stored in the \OSChooser\English folder on the RIS Server. These files are text files formatted in OSCML, and can be modified. |
Client Installation Wizard (CIW) files |
CIW files are .osc files that guide the user through a remote operating system installation on the client. |
Winnt.sif |
Winnt.sif is a Setup Installation File downloaded from the RIS Server to the client and used to detect the client hardware abstraction layer (HAL) type. |
Ntldr |
Ntldr is the executable that starts the CIW. Ntldr is on the client, and is the same as the oschoice.exe file on the RIS Server, copied and saved as Ntldr on the client. |
Startrom.com file |
Startrom.com is a file located in the \\RIS_server_name\REMINST\oschooser\i386 folder on the RIS server. Startrom.com is the first file downloaded by Ntldr to start the client boot process. |
Welcome.osc file |
The Welcome.osc file provides the first Client Installation Wizard screen presented to the client during the Client Installation Wizard. |
Choice.osc file |
The Choice.osc file stores all possible remote operating system installation choices that can be presented to the client user. |
Oscfilter.ini |
The Oscfilter.ini file stores settings made in the RIS SSE, and it determines which of the possible operating system installation options in Choice.osc, are presented to the client. |
Oschoice.osc |
The Oschoice.osc file stores the remote operating system installation list (if more than one) presented to the client user as determined by the oscfilter.ini file and choice.osc file combination. |
Remote Installation Services Extension Processes and Interactions
A high-level overview of the remote installation of an operating system follows.
How a Remote Operating System Installation Works
The RIS Server and the RIS Client both must be connected to the wired network. Wireless connection to the network is not supported.
When the client user presses the F12 key, the client’s BIOS initiates a PXE boot by sending a DHCP discover and implementing PXE option tags. The BinL service on the RIS Server, which monitors port 4011, receives the DHCP discover from the client. The server downloads the startrom.com file image to the client using TFTP. The server loads the network driver on the client using the Uniform Network Device Interface (UNDI). The client transmits the client’s GUID/MAC to the server, which records the GUID/MAC. The server sends the Ntldr (oschoice.exe saved as Ntldr on the client) to the client using TFTP, and the client starts Ntldr/OSChoice.exe.
The server downloads the winnt.sif file to the client to detect the hardware abstraction layer (HAL) type. The client and server negotiate an OSC connection on port 401. Ntldr presents Client Installation Wizard (CIW) screens for user entry. Settings in Active Directory, the Registry, and files on the RIS Server determine the content of these screens.
One of the CIW screens is the Installation Choices screen. The RIS server queries the Active Directory Sysvol to determine the remote operating system installation options to display in this screen. The Active Directory Sysvol stores operating system choice settings in the oscfilter.ini file. You can determine the settings in the oscfilter.ini file using the Remote Installation Services node in the GPO editor. The Remote Installation Services node provides an interface for you to control the remote operating system installation options displayed on this one screen in the CIW. You can manually edit the oscfilter.ini file in Notepad to obtain the same result.
Note
- You can also control the client installation process by manually editing the .osc and .sif files on the RIS server. For more information, see the Remote Installation Services help, which is available from the Windows Server 2003 family Group Policy Object Editor.
Depending on which of the remote operating system installation choices the client user makes, OSChoice receives the name of the next application to start, and sets the fully qualified path to the RIS server. The name of the loader is set, and a soft TFTP restart occurs. OSChoice passes the TFTP restart block, which is a local packet of information, to the setup loader. The restart block is an in-memory location for X86 computers and is passed using launch arguments in EFI architecture.
RIS SSE Impact on Remote O/S Installation
The settings you make in the RIS SSE are saved in the oscfilter.ini file, which is located in the \WINDOWS\SYSVOL\sysvol\<domain>\Policies<gpo_guid>\User\Microsoft\RemoteInstall folder on the domain controller. The oscfilter.ini file has the following structure:
[Choice]
OSAUTO=0
CUSTOM=1
RESTART=0
TOOLS=0
Your three options for each of the four settings in the RIS SSE, and their impact on the settings in the oscfilter.ini file are:
Not Configured. This removes the choice and value from the oscfilter.ini file.
Enabled. This sets the value for the choice to 1.
Disabled. This sets the value for the choice to 0.
The choice.osc file on the RIS server is not edited by your settings in the RIS SSE; it remains unchanged. Only the oscfilter.ini file is edited. The Choice.osc file is formatted in OSChooser Markup Language (OSCML) which is HTML 2.0. You can manually edit this file to customize the login options presented to the client user. The following code shows the default Choice.osc file.
<OSCML>
<META KEY=F3 ACTION="REBOOT">
<META KEY=F1 href="choichlp">
<META SERVER ACTION="DNRESET">
<META SERVER ACTION="FILTER CHOICE">
<TITLE> Client Installation Wizard Main Menu</TITLE>
<FOOTER> [ENTER] continue [F1] help [F3] restart computer</FOOTER>
<BODY left=5 right=75>
<br>
<br>
Use the arrow keys to select one of the following options:<br>
<P left=8>
<FORM>
<SELECT SIZE=10>
<OPTION VALUE="OSAUTO" TIP="This is the easiest way to install an operating system on your
computer. Most installation options are already configured by your network administrator.">
Automatic Setup
<OPTION VALUE="CUSTOM" TIP="With this option, you can define a unique name for this computer
and specify where the computer account will be created within the directory service.
Select this option if you are setting up this computer for someone else within your company.">
Custom Setup
<OPTION VALUE="RESTART" TIP="A previous remote installation attempt has been detected on this
computer. Select this option to restart a previously started installation.">
Restart a Previous Setup Attempt
<OPTION VALUE="TOOLS" TIP="This option gives you access to tools for keeping your computer
up-to-date and for troubleshooting problems.">
Maintenance and Troubleshooting
</SELECT>
</FORM>
</P>
<BR>
<BOLD>Description:</BOLD>  
<TIPAREA>
</BODY>
</OSCML>
Network Ports Used by Remote Installation Services Extension
The following table lists port assignments for Remote Installation Services extension.
Port Assignments for Remote Installation Services
| Service Name | UDP | TCP |
|---|---|---|
DHCP |
n/a |
67, 68 |
RPC |
Dynamically assigned |
Dynamically assigned |
LDAP |
n/a |
398 |
SMB |
n/a |
445 |
COM |
Dynamically assigned |
Dynamically assigned |
DCOM |
Dynamically assigned |
Dynamically assigned |