Jamf Nation Community

We had a Citrix expert out here and he said maximum we could have 100 clients running terminal services to their macs, and well we test from anywhere from 100 to 500 at any given time per a building and there are 5 high schools total. Our infrastructure would collapse upon itself and create a vortex if we tired to do that many clients.

The only tested method we know for sure that works is Windows. My boss said he has to have it working, which means I have to have it working.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Ironically, Virtual machine licenses like Parallels of VMware Fusion for that many clients is actually more expensive than a 1 year least of windows xp professional. The developer is willing to pick up most of the tab if we just straight run windows. Plus they can only guarantee us that it runs on windows, since it has never been heavily tested in virtual environments.

I have used Bombich's tools in the past, and I guess I could just use them again to deploy a dual booting image. I have about a month to complete this and get it rolled out to 6,000 machines. So, basically I have the rest of this week to get it working because next week we start mass imaging.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Pay them what you would for Microsoft, Parallels or Citrix licenses to make a working Mac product. =)

And was the Citrix expert actually someone from Citrix? I find it hard to believe the advice you were given about that product, but I wouldn't be surprised on the price you may have been quoted for it. Microsoft also has things up their sleeve related to Terminal Services I think.

Maintaining dual-boot is probably what you should do as a last resort in my opinion. For the added cost I would do Parallels if you don't need to leverage the native power of the hardware. Managing that many more clients and keeping them secure and up-to-date. I'd think you'd want a single point of update if possible instead of doubling the client base.

We're still working on our dual boot environment because of some really SIMPLE tools an enterprise needs to properly maintain it. Like booting from Windows to Mac via a command line interface so you can script it or schedule it. (and if anyone has a solution for that I'm all eyes) There are lots of other good tools out there for cloning and what not.

Craig

On 6/30/08 2:07 PM, "Thomas Larkin" <tlarki at kckps.org> wrote:

Ironically, Virtual machine licenses like Parallels of VMware Fusion for that many clients is actually more expensive than a 1 year least of windows xp professional. The developer is willing to pick up most of the tab if we just straight run windows. Plus they can only guarantee us that it runs on windows, since it has never been heavily tested in virtual environments.

I have used Bombich's tools in the past, and I guess I could just use them again to deploy a dual booting image. I have about a month to complete this and get it rolled out to 6,000 machines. So, basically I have the rest of this week to get it working because next week we start mass imaging.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

They already gave us a huge discount and my boss said keep it and put it towards your web based product. I would love to deploy virtual machines but I am not in charge of money nor paying for things, and we don't know if a virtual machine will work. We do know 100% that windows will work.

thanks for your guys input

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

That was going to be another suggestion, if they do a web based product so again there's only one point of update and more likely easier to make cross-platform, aside from the server it's hosted on.

Good Luck, Tom!

Craig

On 6/30/08 2:37 PM, "Thomas Larkin" <tlarki at kckps.org> wrote:

They already gave us a huge discount and my boss said keep it and put it towards your web based product. I would love to deploy virtual machines but I am not in charge of money nor paying for things, and we don't know if a virtual machine will work. We do know 100% that windows will work.

thanks for your guys input

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

FYI ­ I run roughly 250 Mac clients with line of business apps over Citrix
every day. The end users' only complaints are that they have to use buggy
Windows apps. The apps work as well as they would on a Windows box.

I would be sure to hound the vendor and make sure they understand that 'web
based' means 'based on open standards'. Too often in corporate situations,
I've been promised a 'web based' tool, only to find out that it requires IE,
Active X, or some other MS proprietary and therefore Windows-only
technology.

Good luck.

HAHAHA, oh yeah we made sure that web based meant safari, firefox,
mozilla, IE, netscape, opera, etc.

Our servers that run Citrix (we only run one server with Citrix for one
department) is rather old, and there is no way it could handle the 6,000
clients, with anywhere from 300 to 500 per a building testing at one
time. so that would be 1,500 to 2,500 district wide. I think we would
have to buy a lot of hardware to accomplish that and that is just not an
option. I will admit my experience with Citrix personally is very
limited.

Oh well, I think I am just going to boot camp it now to be safe. They
claim in December their product will be ready, but well we all know what
promises are from developers.

Thanks for the input. I would think that the casper client will image
anything that is in dmg format, so I will give it a whirl. Then for
post imaging config I will just run sys prep on the XP client side. I
have imaged countless windows machines so its nothing new to me.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Any possibility at all that this could work in CrossOver Mac? I know not
On 6/30/08 12:14 PM, "Thomas Larkin" <tlarki at kckps.org> wrote:
every Windows application works but if it does work for your application
then it means less overhead.

--

bill

William M. Smith, Technical Analyst
MCS IT
Merrill Communications, LLC
(651) 632-1492

The problem is with this software to my knowledge is that it is based on older PPC and classic architecture and while it does in fact run under Rosetta when it writes results to their database it corrupts it. This is a problem particular to OS X so I think that using a PPC emulator or even an API like crossover or perhaps even a virtual machine will all be moot. We have unlimited windows 98 client and I am installing a virtual machine of it right now via virtual box.

We can't pick up a new product because there is no way to migrate the database to another technology. The developer says they promise a web based product by 2009, but what does that mean? All it means to me is that this next school year I will be forced to do whatever it takes to get this software to work.

This is a known issue and is why the developer offered to pay 90% of our one year lease costs of WinXP Pro on 6,000 clients.

I have done this before in iMac labs with Bombich's software and the boot camp beta, and it all worked. However, the 1:1 laptop environment is a bit different. After I get everything up and running I got to make sure the machine is still locked down on both sides since our students take their machines home, and because the FCC and CIPA require us to filter their Internet surfing.

This will be a project indeed.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Guess I should clarify....

The old mac version corrupts the database files on intel macs. The windows version works with out a hitch, hence the need to load windows clients on the macs...

Sorry Should have pointed that out to begin with.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Nataniel-

that is pretty much exactly what I want to do. If you can shoot me some example scripts that would be greatly appreciated! I did pretty much the same thing with an iMac lab in the past and used Bombich's boot picker but you have to leave firmware wide open for that. I know that I could create a casper policy that will reboot to said volume, but how do you force the windows side to boot back into OS X?

Hmm, I just had an idea. If I created a casper policy (this will only work in version 6) with self service that would allow the user to reboot into windows via self service. Then create a windows reboot policy in the OS that would reboot the machine every day automatically at 3pm would mean when they are out of school it would reboot back into the default start up volume, which would be OS X.....

This is not how anyone would want to normally operate but I have no choice. Last thing I want is the board of education pissed at us because we can't use their approved, but unsupported old as dirt legacy software, and the developer is no help and there is no way to migrate the old databases to any newer or other technologies....

Basically, at this point I am just wanting it to work, no matter how ridiculous it gets.

thanks

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351

Well

A bit of an update here.

We used the JAMF tools (scripts and netinstall creator) to make the images. On the windows side there is an object policy that detects the bot camp preference pane in control panels, and if that program is there it does a few things via a zen policy.

Since we use Novell client to log in, I also disabled the Microsoft networking client, so no need to sys prep and no need to have unique names, which cuts down our imaging time. At log in the MAP test software is automatically launched, as well as this command to keep the laptops from sleeping.

c:windowssystem32powercfg.exe -setactive "always on"

We found out that if they go to sleep it kills the connection, which kills the app, which forces a reboot, and we don't want to make our user base frustrated.

We had to increase the size of the windows partition to make the imaging process happy. It seems we get less failures with the partition size being about 35% for Windows.

On the windows side I disabled port 80 and 443 originally through a local policy using MMC, but since it was such a pain I ended up using a free firewall application that just blocks all outgoing port 80 and 443 requests. It actually is a redirect to the localhost instead. That way no student would really want to run windows, since we only need it for one purpose.

Then once MAP is terminated in any possible way (through the app or task manager or if it crashes) another script executes (via that same object policy) that can open up applications and mimic mouse clicks. It opens up the boot camp exe on windows and selects the OS X volume and then selects restart.

So, this is very possible to do, and at the same time very ridiculous. However, MAP testing is not supported on intel macs and we have nothing but intel macs. I successfully had 20 machines test no issues at all yesterday.

I used autoIT for the mouse script. Here is the script

;; boot_to_osx.au3
;;
;; there's no way to do this with the command line or anything,
;; so here's a little autoit script to use apple's provided
;; utility to bless the OSX drive.

#requireadmin

Run("C:Windowssystem32AppleControlPanel.exe")
WinWait("Boot Camp Control Panel")
WinActivate("Boot Camp Control Panel")
WinWaitActive ("Boot Camp Control Panel")
ControlClick ("Boot Camp Control Panel", "", "[CLASSNN:SysListView321]", "left", 1, 40, 20)
ControlClick("Boot Camp Control Panel", "OK", 1)

Here is where you can find the app to download, it is free

http://www.autoitscript.com/autoit3/downloads.shtml

This works, but we do have a failure rate with imaging, and after about 2 weeks of testing and troubleshooting I am about to call it an AFP problem. When you start a session of say 20 clients AFP jumps up and plateaus. Which is fine, but about half way through it will spike. I am thinking that this spike is when the casper client switches from the OS X image to the windows image, and AFP does some weird auto balancing thing where it changes the client's speeds. When this happens I think that the windows image doesn't always get deployed right. We have 100% success rate with the OS X image every single time, and the Windows side will get the no bootable devices found error at start up. The Windows success rate is any where from 70% to 100% per each run of imaging. If you wipe it and reimage it, it works 9 times out of 10. That 1 time out of 10 is hardware failure, either bad NIC or bad HD. Also while troubleshooting this issue, and this is a HUGE find, I took the windows installation and booted off an XP CD and ran recovery console. I ran a chkdsk /r on the windows installation right before making the image. This not only fixed some of my issues with the image not copying right but it shaved off 1.6 Gigabytes!!!!! of the total image size. Since Windows likes to cache all those system updates, and they are already compressed they are pretty much wasted space on the installation. I ran CCcleaner to get rid of all that stuff but it didn't fully go away until I ran that chkdsk /r on the C: drive.

Thomas Larkin
TIS Department
KCKPS USD500
tlarki at kckps.org
cell: 913-449-7589
office: 913-627-0351