Recently, I completed a desktop deployment project of about +/- 1500 clients. I was responsible for creating the teams, guiding them technically and assist as overall architect in each of these teams and I wanted to share some information which might be interesting for your future desktop deployment projects, certainly with Windows 7 coming at you!
The overall approach of the project was to create internal workgroups (read: teams) responsible for specific areas of the project. We ended up creating 4 teams due to the limited resources on the project.
- Hardware
- Application Compatibility & Package Delivery
- Deployment
- Configuration & Feature Set
Hardware workgroup
This team is responsible for the evaluation of the future hardware platform (both desktop, laptop, tablet, screens, …), maintenance contracts, SLAs, hardware roadmap.
The objective of the workgroup is to propose a number of “hardware profiles” (read: hardware configuration), which represent hardware standards for the new platform.
We ended up with the following hardware profiles:
- Power Desktop (+2 GB RAM)
- Normal/Standard Desktop
- Normal/Standard Laptop
- Power Laptop (+2 GB RAM, HDD 7200 RPM)
- Normal/Standard Tablet PC
Application Compatibility & Package Delivery workgroup
This team is responsible of inventorising all applications used within the organization and validating its application compatibility towards the new platform.
The objectives of the workgroup is to assure application compatibility for list of applications (both core and supplemental), deliver these applications in a packaged installation form and validate the overall compatibility/stability of all applications together (as a whole) on the new client platform.
Applications are split up into several groups and categories.
| Groups - Core applications
- Supplemental applications
|
|
Core applications are considered base applications and are common to all users/computers and will be included by default inside the image. Supplemental applications are task- or role-specific and are added afterwards in a manual, semi-automatic or automatic way.
Each application receives a weight to identify the importance in the organization.
Below you will find a list of most of the core applications:
- Office 2007 MUI (EN/NL/FR) SP1 + hotfixes
- Office 2007 addons (such as XPS/PDF, Calendar Print Assistant)
- Adobe Acrobat 9 MUI (EN/NL/FR)
- Mobile Device Center
- Core OS: Powershell, Group Policy Preferences
- Base platform components (providing user and helpdesk with “shortcuts” to crucial system related information)
- Terminal Emulation Client (IBM)
- Core business applications
- Anti-virus (McAfee VirusScan & Anti-Spyware)
Another task of this team is to deliver installation packages (read: automated installations) for each of the core applications (mandatory) and for the supplemental applications (not-mandatory - depending in the population).
Configuration & Feature Set workgroup
This team is responsible for the configuration of the overall image and especially with the featureset used for the OS. The operating system used is Windows Vista Enterprise with SP1.
The objectives of this team is to deliver guidelines about the technologies to use and create design documents for these technologies and/or features and provide automation (scripts, procedures, …) necessary to configure those.
Below you find a list of some of the topics and/or features that were tackled:
- Folder Redirection
- Offline Files and Folders
- MUI Language packs (EN/FR/NL)
- Bitlocker
- Remote Assistance/Remote Desktop
- Power Management
- Internet Explorer
- Network Access Protection (NAP)
- Powershell
- Printing
- UI branding & restriction
- Security Hardening
- Driver injection (offline and online: local, network)
- Windows Recovery Environment
An important focus for this workgroup/team is on
- Group Policies
- Group Policy Preferences
- Automation through scripting
Deployment workgroup
This team is responsible for designing the approach for desktop deployment and building an management infrastructure.
The objective of this team is to deliver guidelines about the deployment process, deliver the final image and provide automation for a simple and smooth deployment process.
The pre-staging of the image was done in the factory by the OEM. When delivering the machines and attaching them to the network the “post-installation configuration” proceeds.
This process changes the randomly-generated computername to a custom-provided computername (following the naming conventions) and sets some defaults (MUI language, OU location, printers, …) based on the physical location of the client computer (using Active Directory Sites and Services).
When a minor problem prevents the system/OS from starting, the installed Windows RE will kick in and attempt an automated system repair.
When a major problem prevents the system from starting or the system/applications are not behaving as required, a recovery-solution was developed based on Windows PE and Windows Imaging (.wim) which allows a complete system restore to be done within 20 minutes, bringing the system back to its initial installation state.
When required, a technician can initiate a local reinstallation (using USB disk) or network-based reinstallation (using WDS – Windows Deployment Services). The approach depends on the local network connectivity of course.
When a serious hardware problem arises, a clean (read: pre-staged) client machine is delivered within the respected hardware SLA and the user continue to work once the “post-installation configuration” process completes.
I hope this has given you some idea about the overall approach and technologies used in a typical desktop deployment project.