Slipstreaming allows you to merge current hotfixes, service packs and application updates into an existing installation base, such as Windows XP, with or without Service Pack 1. To slipstream and custom tailor a master installation image suitable for your business needs, you must create an efficient and effective means of establishing order on desktops across your entire organization.
A properly slipstreamed and updated Windows XP base image expedites the process of building new desktops or rebuilding new desktops from old installations. Though it provides a ready-made pattern complete with all the appropriate tailoring for custom builds, a standard baseline image also defines system configurations for the entire organization, managing all the details at once. PC vendors and suppliers such as Dell, Gateway and Lenovo use similar practices for system recovery on computers sent out on loan or returned for re-use or re-sale in an unknown state.
A slipstreamed and custom base image also enables you to put desktops back in service more quickly should spyware or a worm overrun networks, workstations or servers. Occasionally, a piece of malware is so damaging that it warrants the fdisk-format-reinstall procedure. In many cases, there is little else one can do to ensure complete removal of suspect code from a PC. For example, Windows rootkits are not easily eradicated. By backing up data files and other safe holdings, then duplicating a well-maintained master image onto the existing volume, you can sidestep the painstaking cleanup efforts.
A basic checklist
These steps will help you construct a well-defined master baseline image:
- Start from a new, unaltered Windows installation. Install the latest chip set and video drivers -- best results invariably come when the driver set is completely up to date. This also ensures that all machines are equally able to accommodate the current recovery images you use.
- Run Windows update and install all high-priority updates. This lets you catch up your baseline installation with current updates, patches and fixes.
- Remove unnecessary Windows components. Windows arrives preloaded with an array of software components that are not necessary for daily operations. You can remove these components at your discretion and apply them to the master copy to minimize post-installation tasks.
- Install and update third-party utilities and applications. Even Microsoft Word has its own set of service packs, security updates, patches and compatibility fixes that conspire to make life harder for your technical staff. If you opt to hand-roll productivity applications into your baseline image, apply relevant updates as soon as you've installed that third-party code.
- Validate and test your master image. The master is the reference point upon which all subsequent images are formed. To validate your work, install the master onto a test bed and work through the installation procedure in full, or you can opt to load the image into a virtual machine such as VMWare or VMPlayer, which is lighter in weight.
- Create a base image to serve as your master copy. This is a working, known-good copy of the Windows operating system with additional service packs, binary patches and general updates applied and effective immediately upon use. The master image should be tightly managed and then exchanged for newer base images once they are produced and thoroughly validated.
- Create a slave image. Once a master image is established and validated, secondary "slave" images may be built from the master. This image contains all applications and configurations specific to your organization, or may be tailored to meet custom requirements for specific needs. Begin by populating a clean drive with the base installation image.
When you have created a workable base installation, you can slowly introduce the most critical (and most time-consuming) packages into the baseline image. Usually this means updating drivers and applying software patches, which may be automated or simplified using vendor tools such as Intel's Chipset Software Installation Utility. Modern motherboards often include vendor-specific firmware update utilities. All of these tools can be automated and scripted, thereby avoiding time and effort spent on their manual use.
One handy utility designed expressly for building images is called nLite. It's billed as a deployment tool for unattended installation of Windows images. NLite helps to streamline the slipstreaming process by providing all necessary capability within a comprehensive user interface. Additional plug-ins are available to extend its basic functionality; some can even prioritize service pack applications.
Baselining allows IT organizations to rethink how they spend their time recovering from disasters or keeping abreast of current technologies, so that they may focus on the tasks at hand.
Ed Tittel is a full-time freelance writer and trainer based in Austin, Texas. He specializes in markup languages, information security and IT certifications. Justin Korelc is a longtime Linux hacker who concentrates on hardware and software security topics. They contributed to a recent book on home theater PCs and are currently working on books about gaming PCs and the Linux-based MythTV multimedia environment.
This was first published in February 2006