Implementing the Windows To Go Concept in an Enterprise Environment Tim NilimaaIT ExpertKnowledge Factory

DC-B304

AgendaWindows To Go – The conceptRequirements for Windows To Go

HardwareSoftwareConfiguration Manager

Enabling Users through Self ServiceService ManagerOrchestrator

Windows To Go – the conceptFull version of WindowsLaptop ”replacement”122 gram vs 3,7kg (4.3oz vs 8.1lbs)Enterprise client

HardwareBoot process Capable of USB boot

Firmware

USB boot enabled. (PCs certified for use with Windows 7 or Windows 8 can be configured to boot directly from USB, check with the hardware manufacturer if you are unsure of the ability of your PC to boot from USB)

Processor architecture Must support the image on the Windows To Go drive

External USB Hubs Not supported; connect the Windows To Go drive directly to the host machine.

Processor 1 Ghz or fasterRAM 2 GB or greater

Graphics DirectX 9 graphics device with WDDM 1.2 or greater driver.

USB port USB 2.0 port or greater

Boot process Capable of USB boot

Processor architecture Must support the image on the Windows To Go drive

External USB Hubs Not supported; connect the Windows To Go drive directly to the host machine.

USB port USB 2.0 port or greater

Software

Windows 8 Enterprise

DirectAccess Public Key Infrastructure

IPv6Configuration Manager

Operations Manager

Active DirectoryFile server

Exchange

Azure

Service Manager

Network Access Protection

Orchestrator

PowerShell

SQL Server

Sharepoint

Assessment and Deployment Toolkit

IISEndpoint Protection

IPv4

Windows To Go in ConfigMgrRequires ConfigMgr 2012 SP1Uses Prestage MediaDrivers – New version of “Total Control”

Demo environment

MMS13-SM02Windows Server 2008 R2

Service Manager Self Service Portal

MMS13-SM01Windows Server 2012

Service Manager

MMS13-CM01Configuration Manager

MMS13-DC01Windows Server 2012

MMS13-RouterWindows Server 2012

RouterMMS13-DA01

Windows Server 2012DirectAccess

MMS13-OR01Windows Server 2012

Orchestrator

Creating the Windows To Go Task Sequence

Prestart command to ask for BitLocker PINdim osd: set env = CreateObject(“Microsoft.SMS.TSEnvironment”)dim logPathlogPath = env(“_SMSTSLogPath”)

dim BitLockerPassphraseBitLockerPassphrase = inputbox(“Enter BitLocker Passphrase” ,”Enter BitLocker Passphrase:”,””,400,0)

env(“OSDBitLockerPIN”) = BitLockerPassphrase

Windows To Go – an enterprise clientVPN – Make sure the user can access corp resourcesAntivirus – Make sure the client is free from malwareBitLocker – Protect the data on the client

BitLockerDoes not use TPM – obviously<ConfigMgr InstallDir>\OSD\Tools\WTG\BitLocker

Enabling BitLocker for Windows To Go

A normal clientIt is fully supported to install applications in Windows To GoNeeds software updates as well as antivirus software

Creating the corporate WIM-file for Windows To Go

Creating the WTG package

Enabling the userAllow the user to order a Windows To Go in Service Manager Self-Service Portal

Service Manager Offering

Orchestrator runbook

This is not a virtual environment

Evaluation

Complete your session evaluations today and enter to win prizes daily. Provide your feedback at a CommNet kiosk or log on at www.2013mms.com.Upon submission you will receive instant notification if you have won a prize. Prize pickup is at the Information Desk located in Attendee Services in the Mandalay Bay Foyer. Entry details can be found on the MMS website.

We want to hear from you!

Resources

http://channel9.msdn.com/Events

Access MMS Online to view session recordings after the event.

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.