When installing the Columbus 6 infrastructure on a Windows 2003 Server, some Policy settings are quite different than those in Windows 2000 or Windows NT4 environments. While Columbus properly installs, some Policy settings will need to be changed to allow the OSDeploy module to work properly.
We have seen discrepancies when attempting to stage client machines using PXE, where a boot image loaded at the client, will attempt a connection to the infrastructure server via a DOS driver. When it tries to logon to the staging server an "ACCESS Denied" error message may be shown or the boot-image stops with the last process message “Login to Server…” on the screen. This happens when the OSDepot is located in a Windows 2003 server which policies are not yet set.
Domain Controller Security Settings
All policies that use signatures or encryption need to be disabled as shown below, to allow DOS based clients to connect to the server during OS installations.
If the share model is not set to classic, Rollout and Image-Backup functionality cannot write to a share because the default access roles these tasks receive is the standard “Guest” role.
Note: Subsequently, these policies can be immediately activated with "gpupdate.exe /force" command.
Share Level Security
Default Security on the share in Windows 2003 is Readonly that causes that Floppy based OSDeploy cannot write the profile to the server. Also the backup of Ghost Images does not work in this case.
Password Complexity Requirements
The Columbus default password "brainware" does not meet Windows 2003 Complexity Requirements for passwords. If you want to keep Complexity Requirements, you need to change the password. Otherwise you may disable the Complexity Requirements as follows:
