Disk Preparation
Preparing the Ultimate System
Irrespective of the hardware used, there's an optimum method of preparing the system for future problems..
Disk Preparation

The following is a way of bringing together all the stuff about hard disk management and disk imaging, consoldating it into a working system. This is how I set up all my clients' machines and this is the way I recommend you do it too. The instructions can be used for laptops as well as PCs

If you're building a system for somebody else, this will make your life much easier; you will get fewer support calls and will be less of a user's bitch. I mean, you know what users are like; they never do what you advise and they end up with crashed, hacked or infected systems and expect you to pick up the pieces.

Using these methods will ensure the operating system and installed applications will be backed up and can be quickly and easily restored, in case of adverse events. And you can charge for several hours work! Read all the articles under Disk Preparation and Storage for the background theory.

Ideally a new system should have the operating system on CD. If not, obtain an installation CD of the same OS type as has been ordered. We're talking mostly Windows here and some install CDs have the service packs already installed. If not, check out the lowdown on slipstreaming SPs. Otherwise install the SP separately, after Windows is up and running.

Essential Ingredients

The critical feature of this whole setup is the ability to take images of the hard disk, keeping the images somewhere safe where they can be used to restore a faulty system, when needed. Sometimes system faults can be quickly diagnosed and fixed, but if it's likely to take a long time then reimaging the OS is often faster and easier.

Another essential element is to keep user data separate from the OS and applications. This is where the second important concept kicks in, that of dividing the hard disk into multiple partitions, rather than lumping everything on the same single partition. Obviously if everything's together, then reimaging will overwrite data files as well as the OS, causing the user to lose everything.

Additionally, if there's only one partition, then the disk images will have to be stored and restored from elsewhere - typically CD or DVD - which can be much slower for reimaging. I also advocate partitioning so that the drive image can be stored on another partition and quickly restored, with backups on CD/DVD for utter emergencies (i.e. loss of total disk data).

a] Slice the drive and install the OS

First step is to partition the drive, starting with a virginal hard disk with no partitions. Partitioning can be performed from the Windows install, rather than partitioning the disk first. When it comes to selecting a Primary Partition size, I usually go for 5-10GB. Remember you've gotta get the OS plus service packs plus all the user's required programs on there. Not to mention the swap file. Leave the rest of the disk as 'free space' for now.

b] Create extra partitions and image the Primary

Once Windows is initially up and running in its virgin state, I take a first image of the Windows drive, usually C: That way if anything goes wrong during subsequent configuration, there's always a fully installed Windows image to fall back on. This has saved me much time and heartache on a few occasions.

From Windows Disk Manager, create two logical drives, D: and E: drive. D: is formatted as NTFS and with a volume label of DATA or something. This partition will be used for the user's personal files and data. E: is formatted as FAT32 and will only hold a drive image for reimaging the system. As for the sizes of these partitions, that depends on requirements. E: only needs to be large enough to contain an image of C: which will be roughly half the size of the data on C: once it's compressed (to usually to around 50% max).

Andy's Hard Disk

In the above example, the hard disk has a Primary Partition and two Logical Drives. The D: partition is clearly labelled as such, but the second Logical Drive has had the drive letter removed (the partition is still there) so it's 'invisible' to XP from normal applications, such as Windows Explorer.

I always move CD-ROMs and DVD drives up the drive letter chain, P: for CD-ROM (Player), R: for CD-RW (Recorder) and V: for DVD. This way when extra drives are added - I commonly use a USB Drive - then the optical drives' letters are unaffected..

c] Configure the OS and applications

Configure the programs and OS to specification. It's important to get everything fixed and imaged and secure before connecting to the internet, as once you're on line, you're potentially vulnerable. You must have antivirus and a firewall before connecting, no exceptions. Either use Windows' own firewall or a third party one such as the free Kerio Personal Firewall or Zone Alarm. Do this and get the modem running before connecting to the internet.

Once you're on-line, it can be a bit of a 'Catch 22' situation, where an internet connection is required to patch a system, so that it's then more secure on the internet. A couple of options here, either obtain the updates from a separate source, or connect but don't surf. Just run the Update Manager and let Microsoft do the rest. This may include Product Activation of the OS. Get everything patched and updated and activated, including current virus definitions.

Keeping user data safe

Before preparing the system, sit down with the client and find out how they plan to use the computer. In addition to programs, they will have application data relating to customised program settings. Get these configured before the second imaging.

Perhaps more importantly, the user's documents must be kept safe on that second partition. One method of forcing data to go to D:\ is to move the My Documents folder. Firstly create a new folder on D:\ such as D:\Docs. Next right click on the My Documents icon on the desktop and select Properties..

My Documents Properties..

In the pop up box, type the new path to documents on D:\..

New Location for My Documents..

This will force all default document saves to the D: drive, where they won't get harmed after reimaging C:.

One thing which is often irreplaceable is the user's own files. Never become responsible for a user's data: show them how to look after it. CD/DVD writers are cheap and indispensible. Make sure the user backs up their D: drive regularly. Make sure they understand that sooner or later, they will lose data if it is not backed up to additional locations. Write them a batch file to do it at the click of an icon if they're struggling.


One potential source of data loss is through email. For instance many people use some version of Outleek, which by default isits on the C: drive. Additionally Outlook's messages are in .pst format, which many users find confusing.

Personally I don't ever recommend my users use Outlook due to these and other security issues. I use Eudora Pro and actually install it inside D:\Progs, where I know all my emails will be safe. For a very competent freebie, why not try the excellent new open source Mozilla Thunderbird, which can also be installed on D:..

Thunderbird Attachments Location..

Once installed, don't forget to tell it where to store any attachments..

Thunderbird Attachments Location..

Run Thunderbird and get it working, collecting and sending emails. Finally make Thunderbird move its profile files to D:\.

d] Take a second image and hide it

This second image will be the working image used to restore the system (Primary Partition) in case of problems. Don't create this image until all programs and tweaks have been configured to requirements. Once the image is made, if the system is restored using this image at any time in the future, then the system will be back exactly to this same state.

Copy the image to CD/DVD for backup and then move the image to the FAT32 partition, in this case E:. Finally remove the drive letter in XP's Disk Manager. To get there, right click on the desktop's My Computer icon and select manage from the drop down menu. Under Computer Management, select Disk Management.

Right click on the partition and from the drop down menu, select Change Drive Letter and Paths..

Change Drive Letter and Paths..

Under the next popup window, hit the Remove button (Change alters the assigned letter)..

Remove Drive Letter..

The partition is still visible in Disk Management, but will have no drive letter assigned for use with any programs (clicking Add restores a selected drive letter).

Drive Letters and Volume Names

When the system is booted from a FAT32/DOS7 based Ghost boot disk, the end partition will be visible and allocated the drive letter C:. Watch out here as the drive letters change according to what OS is looking at them. XP can see NTFS so it starts allocating drive letters from the first NTFS drive it sees, the Primary Partition. However DOS7 cannot natively read NTFS partitions, so it start allocating drive letters from the first partition is recognises, in this case the FAT32 logical.

So the cool thing here is that under XP the E: drive is hidden and thus safer from accidental deletion, meddling, infection, etc., but the Ghost Disk will still see it. Nice.

Remember and this is important, drive letters are totally relative to the OS and are thus changeable under different operating systems. The universal way to identify partitions under any circumstances is to number them, usually in order of creation, "partition 1", "partition 2", etc. Norton Ghost will identify volume names as well, so these can be useful when trying to identify partitions; hence label C: as WinXP and D: as DATA and E: as IMAGES, etc.

But Ghost can read and write to NTFS! Why the FAT still?

Why indeed! Traditionally images had to be written to and read from FAT32 partitions under Ghost. However from v2003, ghost.exe grew in size by almost 300KB. This was mainly drivers to allow it to read NTFS and meant that all partitions could now be NTFS formatted and Ghost could still read them and copy images to them. Very cool!

However, recently I was trying to image a client's machine, using an image of the Primary which was stored on the same disk on the Logical Drive. Ghost wouldn't see it! I could image from the same Ghost archives on CD and all was fine.

The long and the short of it is that I used subst.exe to fool Ghost into thinking the image was on another drive and all was well. The only caveat here is that the partition containing the Ghost image has to be FAT32 for subst.exe to see it. QED use subst and FAT32.

The imaging process

The technician must remember that, although the tremendous advantages of this system are self evident, the average user may not appreciate them as much and will certainly not be interested in, or indeed capable of, reimaging the system manually. This is where the automation bit kicks in. Prepare a Ghost imaging floppy which will do everything for the user. All they have to do is put the disk in and turn on the computer. Once the imaging process is finished, Ghost has been instructed to close down and the batch file instructs the user to remove the floppy and reboot the PC..

Here's an example of my own autoexec.bat file..
Note that the boot disk would indeed allocate the first (and only) drive letter to the first FAT32 partition, i.e. C:, but then subst.exe copies this path C:\GHOST (drive letter and directory) and remaps it to a new virtual drive, called X:. The image is then run from X:.

Another useful feature of using the FAT32 partition is that you can put ghost.exe on to this drive; floppy disk space is always at a premium and ghost.exe and subst.exe may not all fit. Also, having Ghost physically on the hard drive greatly speeds up its loading. Whack SUBST up there too. Don't forget to alter the paths in autoxec.bat accordingly..

Testing the thing..

It's really important to test the reimaging process before handing it over. Once it's running smoothly, get the client to have a go and make sure they understand all those really difficult tasks you've set them, like putting a floppy disk in the computer and turning it on/off.

What about updates?

Here is the main clincher. Modern operating systems (Microsoft) dictate that periodically various updates should be loaded to keep the system secure and stable. Additionally other software patches need to be added occasionally, and antivirus signatures regularly. If the system is reimaged after these updates have been added, they will be overwritten and the OS will be back to a previous state.

The only way to do it properly is to reimage the system, add the latest updates and then create a brand new image for future use. The new image contains all the latest patches and then becomes the new "baseline state" for the system. Likewise if the user has new programs they wish to keep permanently, then a new image must be created. The alternative is to download all the patches separately and reinstall them every time the system is imaged - a cumbersome and time consuming exercise.

So it comes about that, unless the user can be trained to reimage, update and then create a new image, perhaps a regular maintenance schedule needs to be arranged with the user for the technician to perform all these tasks. The previous image could be burned to disc and the new image placed on the E: drive. Keep the archive name the same name as the original, or change the name on the Ghost Floppy to reflect the new image name.

Unfortunately, with modern internet security issues, safe computer ownership is much more complex than it used to be. Most users are not aware or even interested enough to operate a computer which will be safe for very long. Microsoft and others are starting to help, like with XP's SP2 firewall. But there's still plenty of demand for a wise computer expert who knows how to set up a system which will stay good. This is high level stuff and for a job well done, make sure you charge them accordingly..
- A.

Put 21.10.2005 | | Refresh Page |