Paul and Andrew's Guide to Symantec Ghost

Symantec Ghost is a software tool that performs three functions that are important to a system administrator: cloning computers, configuring computers, and limited asset management. Although fairly straighforward, some of its default options can be poor and sometimes Ghost does not function as might be expected. Paul and Andrew spent half a summer finding a way to Ghost that works for them, and these are some nuggets of insight.

  1. Multicast: just don't do it! Multicast only appears to work effectively on hubbed networks and well configured switched networks. Under most other circumstances, however, multicast will fail or work unreliably. Since it is fairly likely that your network is switched, use "Direct Broadcast" instead.

    Direct broadcast works by sending image packets to the broadcast addresses for each subnet that contain computers that are to be ghosted. That means that if your computers are spread across three subnets, you generate three times the traffic. This mode is your best bet for getting ghost to work on your switched network.

  2. UDP WINS Packet Checksum Bug on Symantec Ghost Dos Client: Ghost implements two methods of identifying the Ghost Console Server: It first sends a multicast packet to poll for a given server. Failing that, Ghost will attempt to perform a WINS name lookup for the server. The multicast poll may fail or not work reliably if the network is switched (again, depending on whether the switches are set up correctly), so the primary means to find the Ghost Console Server is the WINS lookup. Unfortunately, at least on our copy of Ghost, the UDP checksum for these lookup packets were being calculated incorrectly, so we created ghostfix to correct the issue. If you experience problems with the DOS Symantec Ghost Console Client not finding the Ghost Console Server, ghostfix may help.

  3. pubkey.crt: this file helps the DOS and Win32 Symantec Ghost Console Client find the appropriate server. When you first install the client, the installer asks for the name of the machine that will be the server, and from that generates a pubkey.crt file. When the client finds the server, it recieves a public key from the server and puts it into the pubkey.crt file. In this way, Ghost uses PKI to authenticate the server thereafter. You can copy the pubkey.crt file onto a computer manually if necessary. You can also replace the file with a file containing the name of the server. When the file contains only the name of the server, Ghost will automatically download the pubkey.crt file from that server. Without a pubkey.crt file, ghost will try to find any server.

  4. Video Problems: Ghost sometimes experiences problems displaying it's GUI. We found this to be ok; it still worked (running an unattended ghost).

  5. Bootable Floppies: We have, so far, not succeeded in creating unassisted ghost floppies with v7.5. The issue is that Ghosts' command line parameters easily allow automatically connecting to a multicast session, however there appears to be no way to directly connect to a direct broadcast session given the IP address of the server. Testing ghost command line options was done before the development of ghostfix, which may or may not be able to solve this problem. What is known to work is a partially unassisted ghost floppy by editing the autoexec.bat file and changing the ghost line to:

    ghost.exe -jaddr=YOURSERVERIPHERE -sure -rb

    Once the ghost floppy boots up (the floppy light stops blinking), you may remove the floppy. Type "gd" to start a direct broadcast session, type the session name, choose the connect to IP option, and start.

  6. To boot normally back into the normal partition instead of the ghost virtual partition, go to the ghost folder if not already in it, and type "ngctdos -hide"

  7. If the domain controller is a Windows 2000+ server, then you need to give the ghost account privileges to create machine accounts. If the computers on the domain are Windows XP clients, then you need to delete the machine accounts on the server before allowing ghost to join the machines to the domain. Ghost recreates the machine accounts, but fails to do so if ones already exist.

  8. Windows Ghost Console Client Debug: Place the mouse cursor at the upper left corner of the screen and keep the control key down. A new system tray icon will appear, allowing you to access Norton Ghost Console Client's output window.

Hopefully these tips will help you avoid the common pitfalls of using Ghost.

We would like to thank Bentley College's Ghost Dude, Scott Bottomley, for his invaluable time helping us attempt to troubleshoot the DOS Ghost Console Client.