Professional Documents
Culture Documents
User Manual
Youngzsoft 2019
Active Directory
CCBoot Works With Active Directory
Preparation
1) You should have successfully installed CCBoot and diskless booted your clients. In this
example, CCBoot server's IP address is 192.168.1.200
2) Windows Domain Services has already been installed, and the domain server's IP address is
192.168.1.200.(For details, please refer to "Install Windows Domain Service").
Note. Window Server 2008 is used as Domain Server as well as CCBoot Server.
3) CCBoot server can be on the same computer with Windows domain server or different
computer,depends on you.
1. Add PC to Domain
1) Open the CCBoot installation directory, copy "CCBootAD.exe" files to the domain server.
3) Click the"Add" button in the popup "CCBoot AD" dialogbox (Figure 1).
Figure 1
4) Click the"..." button in the popup "CCBootAD Machine" dialog box to select domain
"Computers", type PC101 into the "Machine Name" edit box, and click the "OK" button, then the
operation is completed (Figure 2).
Figure 2
5) If you want other clients to join the domain as well, you can repeat the above operation steps.
6) Also you can add PCs from command line. Follow this template: CCBootAD [Machine Name]
[Organization] (Figure 3).
Parameter "Organization" - you can use from step 4.
Figure 3
7) Then you can open the CCBoot installation directory and run "CCBootAD.exe" and Press
"List" to check if PC was added properly (Figure 4).
Figure 4
2. Add Personal Disk
1) Set a personal disk for PC101. Please refer to "The usage of personal disk" for details.
2) In the popup"CCBoot Options" dialog box, select the "DHCP Settings" tab, and type the
domain server's IP address into the "DNS Address 1"edit box, then click the "OK" button (Figure
5).
Figure 5
4) In the popup "CCBoot Options" dialog box, click the "General" tab, tick the “Login With
Domain” check box and type in the domain name in this case it “test.com”, if have OU settings,
you can set domain name as "test.com OU=testOU,DC=test,DC=com" (more info), and click
“OK” to save the settings (Figure 6).
Figure 6
4. Add AD Support
Since test version 20160516 the addition of AD support has been changed to make it easier for
users to use Active Directory function.
1) Diskless boot PC101 with super client which has personal disk enabled.
2) Login PC101 with the local account of administrator.
3) Run the C:\CCBootClient program, in the "CCBoot Client" dialog box and click the "Install AD
Support" button in the "CCBoot Client"dialog box, then click “Yes” in the preceding dialog box
(Figure 7).
Figure 7
4) Now another pop up dialog box will open asking you to choose the drive to store the “User
Profile” ( Figure 8).
Note: The drive referred here is personal disk assigned to the clients. Hence, before you do this
step you need to enable personal disk for the client.
Figure 8
5) Now, click the drop down menu in the red box and choose the drive (in this case we E:\),now
click “OK” to continue (Figure 9).
Figure 9
6) Once you click the OK button, it will notify you that the client needs to be restarted. Click OK
or close the prompt and client will reboot.
7) Once the client reboots i will show you the domain login window.
8) Login to Domain Administrator account to Add domain users to the client PC.
Figure 10
2) Login the computer with the domain administrator account. In this case
“TEST\Administrator” (Figure 11) .
Figure 11
3) Now, you can login to domain using “Users” account. To login, Open CCBoot Client
Application, then choose “Logon AD user” (Figure 12).
Figure 12
4) It will Open “AD User” dialog box,enter your domain username, password and domain
name and click “OK” (Figure 13).
Figure 13
5) Once it successfully logins then another prompt will open, telling you the adding user was
successful and disable the superclient and update the image. Press “Yes” to proceed with
saving the image (Figure 14).
Figure 14
6) Press “Yes” in the preceding dialog box to save the image, you can create recovery image
you like (Figure 15).
Figure 15
2) Now, you can reset any users you want. To reset a user, Open CCBoot Client Application,
then choose “Resetting AD user” (Figure 17).
Figure 17
3) It will Open “AD User” dialog box, enter your domain username, password and domain
name you want to reset and click “OK” (as in Figure 18).
Figure 18
4) Once the user has been successfully reset then another prompt will open, telling you the
Resetting user was successful and disable the superclient and update the image. Press “OK” to
proceed with saving the image (Figure 19).
Figure 19
5) Press “Yes” in the preceding dialog box to save the image, you can create recovery image
you like (Figure 20).
Figure 20
Note: The computers, which are needed to join the domain, should be set the correct
time,otherwise it will fail to join the domain.
We have created a video - "CCBoot Works With Active Directory"
Note:
1. The computers, which are needed to add into domain, should be set for the right time, or it
will be failed to add.
2. Use Win2008 system as domain server, XP system as client, please process following
operations on domain server:
(Remember: If you use windows 7 or higher on client you can skip this step.)
1) Log in domain server of Windows Server 2008.
2) Click "Start" and enter "gpmc.msc" in edit box of "Run", then press "Enter".
3) Unfold "Domain Name" in popup window of "Group Policy Management", then
right-click "Default Domain Policy", and click to choose "Edit" (Figure 21).
Figure 21
5) Choose "Enabled" radio button in popup dialog box of "Allow cryptography algorithms
compatible with Windows NT 4.0", then click "OK" button (Figure 23).
Figure 23
6) Close all dialog boxes at last.
Install Windows Domain Service
Installation steps are as follows:
1) Select a computer as the server. Install Windows 2008 R2 system.
2) Assign a static IP. (Click on the "Start" - > "Control Panel" - > "Network and Internet" - >
"Network and Sharing Center" - > "Local Area Connection"; in the pop-up dialog box, click
"Properties"; in the pop-up dialog box, double-click the "Internet Protocol Version 4 (TCP/IPV4)",
an "Internet Protocol Version 4 (TCP/IPV4) Properties" dialog box will pop up) (Figure 1‑1).
Figure 1‑1
3) In the command line window, run "net user administrator /passwordreq:yes" (Figure 1‑2).
Figure 1‑2
4) Set up a complex password for Administrator: the password must be "digital + capital and
small letters + special symbols", such as "123qweASD @#!", and the password length must be
longer than 8.
5) Click on the "Start", type "dcpromo" in the "Run" edit box, press enter (Figure 1‑3).
Figure 1‑3
6) Wait for the "Active Directory Domain Services" installation wizard (Figure 1‑4).
Figure 1‑4
7) In the pop-up "Active Directory Domain Services Installation Wizard" dialog box, click "Next"
button (Figure 1‑5).
Figure 1‑5
8) In the "Choose a Deployment Configuration" dialog box, select the "Create a new domain in a
new forest" radio button (Figure 1‑6).
Figure 1‑6
9) In the "Name the Forest Root Domian" dialog box, after typing Domain Name, click "Next"
button (Figure 1‑7).
Figure 1‑7
10) In the "Domain NetBIOS Name" dialog box, click the "Next" button (Figure 1‑8).
Figure 1‑8
11) In the "Set Forest Functional Level" dialog box, leave the default settings, click "Next" button
(Figure 1‑9).
Figure 1‑9
12) In the "Additional Domain Controller Options" dialog box, select the "DNS server" check box,
and click the "Next" button (Figure 1‑10).
Figure 1‑10
13) In the pop-up "Active Directory Domain Services Installation Wizard" dialog box, click the
"Yes" button (Figure 1‑11).
Figure 1‑11
14) In the "Location for Database.Log Files.and SYSVOL" dialog box, leave the default settings,
click "Next" button (Figure 1‑12).
Figure 1‑12
15) In the "Directory Services Restore Mode Administrator Password" dialog box, type the
password, click the "Next" button (Figure 1‑13).
Figure 1‑13
17) After the installation is finished, click "Finish" button (Figure 1‑15).
Figure 1‑15
1. Preparations
1) On the AD domain server, create a directory, as save path for all user profiles, for example,
D: \Users.
2) A network share this directory, set permissions for everyone to read and write (Figure 1‑1).
Figure 1‑1
3) Set roaming path for each domain user. For example, wandering path for domain user "User"
is set as \\Server\Users\User, where \\Server\Users is a shared network address of the user
configuration file directory, "User" is a directory name of domain user (Figure 1‑2).
Figure 1‑2
2. Setup steps
1) On the CCBoot server, add personal disk for each client, how to add personal disk. Details
please refer to "use of personal disk" (Figure 1‑3).
Figure 1‑3
2) Start client in super user mode (in the case of the PC101), login with the local Administrator
user.
3) In the "Disk Management" window, format the personal disk (Figure 1‑4).
Figure 1‑4
4) Click "Start" button, type "regedit" in the "Run" edit box, press enter.
5) In the pop-up "Registry Editor" window, navigate to:
"HKEY_LOCAL_MACHINE\SOFRWARE\Microsoft\WindowsNT\CurrentVersion\ProfileList",
then double-click "ProfilesDirectory" (Figure 1‑5).
Figure 1‑5
6) In the pop-up "Edit String" dialog box, change the numerical data of ProfilesDirectory" into
"D:\Users" (Figure 1‑6).
Figure 1‑6
Figure 1‑7
Solutions:
1) When there is a warning shown, reboot the machine.
2) Use the administrator account to login the system.
3) Click the "Start" button, type "regedit" in the "Run" edit box, and then press enter.
4) In the pop-up "Registry Editor" dialog box, navigate to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ProfileLis",
expand all the branches, click each branch node one by one, find the branch with
"CentralProfile" value of "\\server\users\fanbiao.V2", and delete that branch node (Figure 1‑9).
Figure 1‑9
5) Logout the machine, then after using the domain account (fanbiao) to login the system, you
won't get "warning".
Figure 1‑10
3) In the pop-up "Properties" dialog box, click the "Security" tab, and then click "Content" button.
4) In the pop-up "Advanced Security Settings" dialog box, select "Administrators
(DOMAIN\Administrators)", then select "Replace owner on subcontainers and objects" check
box, and then click "OK" button (Figure 1‑12).
Figure 1‑12
5) In the pop-up "Error Applying Security" dialog box, click the "Continue" button (Figure 1‑13).
Figure 1‑13
6) After obtaining permission to delete the file, delete the file "fanbiao.V2".
Login the client with the local administrator account, and delete the local files and registry
entries
1) On the client machine, login with the administrator account, login interface (Figure 1‑14).
Figure 1‑14
2) Open the "D:\Users\fanbiao" directory, and copy the "Desktop" files under the "fanbiao" folder
to D root directory as backup.
4) Click on the "Start", type "regedit" in the "Run" edit box, press enter.
7) Login the system with a domain account; it will automatically generate a new "fanbiao" folder
at the "D:\Users" directory. At the same time, in the domain user profile roaming path of the
server will also produce a "fanbiao.v2" directory.
8) Copy the "desktop" folder of D root directory to the D:\Users\fanbiao directory, and replace
"desktop" folder under the "D:\Users\fanbiao" directory.
With this function, under the circumstance of domain (active directory), you can save the
desktop data of Win7 domain users, and the data will not be lost even after rebooting clients.
Setup Steps
1)On the CCBoot server, add personal disk for each client (Figure 1‑1). For details please refer
to "Use of Personal Disk".
Figure 1‑1
2) Diskless boot one of the client PCs with super client (such as PC101), and login with the local
Administrator user.
3) In the "Disk Management" window, you can see the personal disk "CCBoot Personal Disk"
(Figure 1‑2).
Figure 1‑2
4) Click"Start" button, type "reg edit" in the "Run" edit box, and press "Enter".
5)In the pop up "Registry Editor" window, navigate
to"HKEY_LOCAL_MACHINE\SOFRWARE\Microsoft\WindowsNT\CurrentVersion\ProfileList",th
en double click "ProfilesDirectory" (Figure 1‑3).
Figure 1‑3
6)In the pop up "Edit String" dialog box, change the "Value data"of "ProfilesDirectory" to
"E:\Users" (Figure 1‑4).
Figure 1‑4
8) Login all the domain users accounts one by one, and then logoff them .
Figure 1‑5
13) Diskless boot other clientPCs, format their personal disks on "Disk Management" one by
one.
4) Click the"..." button in the pop up "CCBootAD Machine" dialog box toselect domain
"Computers", type the machine name into the"Machine Name" edit box, and click the "OK"
button (Figure1-7).
Figure 1-7
5) Login the newly addedmachine with administrator account, initialize and format the personal
disk.
Add a New User
2) If the new domain account will be used on PC201, then enable super client for PC201 on
CCBoot Server.
1)Please check whether you have added this client PC's CCBootAD.exe to the domain server. For
details, please refer to "3 Domain Server Settings".
2) Please check whether the command of join domain was set correctly or not. If not, please correct it.
3) Open "CCBoot Options" dialog box, click the "General" tab, tick the “Login With Domain” check box
and type in the domain name in this case it “test.com”,and click “OK” to save the settings (Figure 1-1).
Figure 1-1
3) Once above is done,boot the client and Go to C:\CCBootClient\Log, open the latest log of this client
PC, if it joined domain successfully, it will show similar text as below in the log file (Figure 1-2).
Figure 1-2
If this client PC failed to join domain, it will show the reason there, so we can find a solution regarding this
problem accordingly (Figure 1-3).
Figure 1-3
Problem:
Diskless booting Win7 Enterprise x64, local account login works.
Set up Active Directory Domain Controller with Server 2008, and can join physical workstations
to it and log in domain accounts to workstations. Works fine. This is the same server that
CCBoot is running on.
Followed steps found at http://www.ccboot.com/wiki-ccboot-active-directory-steps.htm until "5
Domain Account Login", "2) Login the computer with the domain account". This is where it fails:
#1 - Ctrl - Alt - Del screen
#2 - Enter domain account name and password
#3 - Welcome screen
#4 - Preparing desktop screen
#5 - You will not see desktop background screen (instead you will see solid color, no picture,
Test Mode watermark in lower right corner)
#6 - And shows Logging off screen after few seconds.
Workstation then goes back to #1. Total time to go from screen #2 through screen #6 is about 3
seconds.
This issue occurs with both physical workstations AND virtual machines running under ESXi
v5.1.
Solution:
1) Diskless boot a client PC with super client, click the "Start" button, enter "regedit" in the "Run"
edit box, and then press the "Enter" key.
2) In the pop up "Registry Editor" form, navigate to
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", in
the right side of the form, double click "userinit", delete "C:\CCBootClient\CCBootClient.exe
-init," from "C:\Windows\system32\userinit.exe,C:\CCBootClient\CCBootClient.exe -init," (Note:
Only keep the first comma, the second comma should be delete.) (Figure 1-1).
Figure 1-1
3) Close the "Registry Editor" form and shutdown this client PC.
4) On CCBoot server, disable super client for this client PC.