deploying windows 7 and office 2010download.microsoft.com/download/6/3/0/63055859-c76c... · ing of...
TRANSCRIPT
Deploying Windows 7 and Office 2010
Table of Contents 3 Windows and Office Upgrade: A Chance to Streamline the IT Environment
4 Top 10 Benefits of Windows 7
5 Top 10 Benefits of Office 2010
7 Choosing the Right Path 13 Implementing a Pilot Environment 20 Mass Deployment of Windows 7
14 Test Plan and Office 2010
8 Preparation Tasks 14 Pilot: Testing Processes for a Limited Range of Users 20 Required Server Roles
9 Let’s Plan and Scale! 14 How to Select Users for the Pilot 21 Mass Distribution Using MDT and WDS
11 What About the Applications? 16 Questions Related to the Hardware Pool 21 Mass Distribution Using SCCM
12 Implementation of a Reference Environment 16 Deployment Toolset 21 Office 2010 Deployment Options
13 User Profiles Need to Be Managed, Too! 18 Office 2010 Deployment Tools 23 Central Administration of the Resulting System
19 Developing Custom Solutions
State-of-the-art Desktop = User Efficiency 3
Whenever a new version of Windows or Office hits the market, we are always faced with tough choices. We need to consider whether or not it makes sense to upgrade to the latest version; take stock of the advantages offered; assess the workload migration would mean for the IT staff and users; think about the life-cycle of the hardware and software used by the organization, as well as the costs involved and return on investment.
Many will also ask if it is possible to streamline other system components during (or prior to) the migration period, so that the resulting system or even an interim, heterogeneous state may be more efficiently managed, with IT staff capable of flexibly and promptly fulfilling new business requirements.
Is it Possible to Gradually Migrate to the New Versions?Very few companies decide to replace all their desktop computers at the same time; the typical scenario is to have computers replaced on an ongoing basis, in line with user needs and the ag-ing of hardware. On average, small and mid-sized businesses replace all their computers every five years, corresponding to a 20% replacement rate of PCs and laptops each year.
New computers should of course be purchased with Windows 7 preinstalled, but what about the other 80% of machines in the first year? Using Microsoft technologies, nowadays it is easy to implement the management of heterogeneous environments that use two operating systems simultaneously, and given that the servers running in the background of the system have been properly prepared, it is possible to migrate users and computers from the old software to the new in a gradual and transparent manner.
Through the use of modern application virtualization and Remote Desktop Services, gradual and problem-free migration of business applications (e.g. between Office versions) is easy to achieve. With just a few clicks, users can be assigned Office versions to use, which will also be made available to them automatically. Today’s tools even enable users to run two differ-ent versions of Office simultaneously, allowing them enough time to familiarize themselves with the new system. Should compatibility issues arise, it is also possible to perform daily work with the older version, while IT experts resolve the problem or properly train users to work with the new Office version.
What is the Best Way to Start Migration?The first step should definitely be thorough planning: this document aims to provide all possible assistance in this regard. It is important to gather enough information before plan-ning, as today’s Windows, Office, management and server technologies allow for the creation of a system that is even capable of flexibly serving gradual migration and business requirements that may change over time.
The first step of planning should be an assessment of the current state of users, applications, data and IT tools, as well as user and business needs. This should be followed by a focus on server-based data, documents, user profiles and centralized and automated deployment and management processes.
Choosing this path simplifies the installation, replacement and maintenance of desktops both for the IT staff and the users to the degree that it becomes a part of daily routine.
The capability to replace the computers, operating systems and applications of users in a mat-ter of seconds not only simplifies migration, but also allows for the prompt replacement and deployment of lost, stolen or otherwise damaged machines (with all previous data and settings automatically restored).
Thin client or fat client? And if it does not work out?A further benefit of introducing the Microsoft solutions available today is that they support mak-ing major decisions, which would require committing a lot of work and financial resources (i.e. a lot of risk) in the case of other IT systems.
Through the centralized management of user profiles and documents, any user may choose to log in at any workstation, running either Windows XP, Windows Vista or Windows 7, be it a thin or fat client, in the office or from a remote location.
And this means that the management of the organization may at any time decide according to its business priorities which environment certain users may access, when they should receive new computers, whether they should be laptops, PCs or thin clients, and if employees should work in the office or from home.
The IT department may implement these changes transparently and with minimal effort, ensur-ing an optimal work environment for all users in each case.
Windows and Office Upgrade: A Chance to Streamline the IT Environment
4 State-of-the-art Desktop = User Efficiency
1. Business ProductivitySeveral integrated tools ensure easy, fast and secure work, leading to improved user experi-ence and efficiency. Analysts at IDC found that help desk labor costs can be reduced by 65% on average, while PC/OS support costs by 55% on average, for a 6-12 month return on investment by deploying Windows 7.
2. Data ProtectionStatistics show that on average 10% of laptops and 70% of USB devices are lost annually. In such cases, not only the loss of the devices causes concern; the data stored on them falling into the wrong hands may cause significantly greater damage. Windows 7 BitLocker allows for the centrally enforced encryption of data stored on computer hard disks and USB devices.
3. Anywhere AccessForrester reports that 10% of help desk calls are related to VPN connectivity issues. DirectAccess technology, introduced in Windows 7, provides users encrypted and direct ac-cess to the corporate network infrastructure in a transparent and automatic manner through a public medium.
4. Management Tools The toolset supporting the deployment and management of Windows 7 and Office 2010 applications includes the Microsoft Desktop Optimization Pack (MDOP) application suite, among others. MDOP offers significant assistance in application virtualization, centralized error handling, error diagnostics and resolution, resource planning and policy management.
MDOP includes: • Application Virtualization (App-V) • Microsoft Enterprise Desktop Virtualization (MED-V) • System Center Desktop Error Monitoring (DEM) • Diagnostics and Recovery Toolset (DaRT) • Asset Inventory Service (AIS) • Advanced Group Policy Management (AGPM)
5. VirtualizationBoth on their own and combined, application virtualization (App-V, MED-V) and workspace virtualization (RDS, VDI) solutions speed up and simplify setting up the optimal work envi-ronment. Thanks to these technologies, application deployment that used to take 1 month can now be carried out in 1 day, while application compatibility issues have become a thing of the past.
6. Version ControlAnalysts at IDC estimated 30%-35% savings in testing time and other resources from stan-dardizing on a single version of Windows and Office in the organization. To do so, both the operating system and the desktop application suite need to function as reliable system com-ponents. New developments in the areas of security and functionality are often only released in the latest versions of software, highlighting the importance of keeping products up-to-date. Both Windows 7 and Office 2010 offer Software Assurance, a licensing solution that guaran-tees you have the latest version.
7. SupportTo satisfy diverse requirements, Microsoft developed a broad support offering, components of which may also be chosen individually, supporting the deployment of Windows 7 and Office 2010, e.g. planning, application compatibility analysis and solution development, im-age engineering and customization. Customers with volume licensing agreements may ben-efit from the following Software Assurance support services: Desktop Deployment Planning Services (DDPS), SA training vouchers, 24/7 engineering support.
8. Integrated SecurityThe combination of several integrated tools and security enhancements (e.g. UAC, ASLR, DEP, Service Hardening, Patch Guard) ensure maximum security for the operating system and data. The new Security Center provides a transparent overview of the current security level of the operating system through a single interface, and also allows for its configuration. A unified security level may be achieved by enforcing group policies.
9. Integrated ManagementWindows 7 offers an expanded management toolset (e.g.: DISM, Windows Backup, PowerShell), using which operations staff may easily solve administrative tasks that were tedious and re-quired custom-developed solutions in the past. Windows 7 may also be centrally managed with Microsoft’s system management products (e.g.: System Center Essentials, System Center Configuration Manager).
10. Single Vendor SolutionThe integration of applications from a single vendor may substantially reduce costs, which is a key consideration for security, operations and system management tools alike. Microsoft’s solutions allow for the creation of a homogenous IT system, in which the operating system, applications and centralized management solutions are integrated by default.
Top 10 Benefits of Windows 7
State-of-the-art Desktop = User Efficiency 5
1. Unparalleled ProductivityThanks to rich media integration, fast data generation and the capability to analyze and pres-ent huge amounts of information, the Office 2010 suite reaches levels of productivity unparal-leled on the market.
2. Document Management and CollaborationCentral management of shared user content, online accessibility, management of corporate resources, access control, compliance, administration of documents’ life-cycles and multi-user document management together provide a functionality that enables faster document cre-ation and remote collaboration through direct interaction, eliminating the need for time- and cost-intensive personal meetings.
3. Project-Based WorkspaceBoth internal and external projects benefit from the participants’ ability to share information in a quick and simple manner. The collaboration support features of Office 2010 (e.g. shared workspace, shared calendar, distribution and tracking of tasks, sharing contact objects and schedules, wiki pages, central management of access privileges, etc.) make it possible for us-ers to create and share all relevant content for the project in a self-organized way.
4. Large MailboxesThanks to the ability of Office Outlook 2010 to manage mailboxes up to 50 GB in size, storage costs can be decreased by 50-70%, by taking advantage of the new data storage concept of Exchange 2010.
5. Virtual Access from AnywhereThe familiar Office experience can now be accessed from all kinds of devices, including PCs, phones and browsers. As a solution supporting mobile use, all software included in the Office suite can be run as virtual applications on most mobile devices.
6. Version ControlCustomers covered by Software Assurance can always use the most up-to-date version of Office.
7. SupportMicrosoft offers a variety of support options to help customers deploy Office 2010 on the company level, e.g. planning, application compatibility analysis and solution development, image engineering and customization, etc.
Support options: • Creating deployment plans • Training • 24/7 engineering support • Proof of Concept documents, Web pages
8. Unified IP-Based CommunicationsOrganizations rely more and more on quick and efficient integrated communication solutions. These channels are usually real time messaging, audio and video conferences, and Web-based portal solutions, that are all comprehensively supported by Office 2010.
9. Simple DeploymentThe automation solutions available for the deployment of Office 2010 offer significant cost savings, as the unified environment offers an easier and simpler way of implementation. At the same time, standardization reduces the required amount of support tasks, as there is less need for testing and user support, and the downtime resulting from data loss can also be minimized.
10. Centralized ManagementOffice 2010 applications can be centrally managed using tools familiar to operators (group policies, WSUS, SCE, SCOM, etc.), these facilitate the work of system administrators and users from the time of deployment.
Weighing the benefits of Windows 7 and Office 2010 it becomes clear that the simultaneous deployment of the two products offers valuable business gains for small, medium and large en-terprises alike. To provide a clear overview, Microsoft’s solution package is available to customers in 3 categories, which can be used to create a more efficient, more secure and more effectively manageable workstation environment:
Top 10 Benefits of Office 2010
6 State-of-the-art Desktop = User Efficiency
Corporate deployment of Windows 7 and Office 2010 is assisted by several tools, so the solution can be flexibly scaled in accordance with the organization’s size. The software products and deployment methods discussed on the following pages are classified according to the above categories to make it easier to understand and position the tools. The solutions are classified based on the following designations:
Windows 7
GoodBusiness Desktop
is for smaller businesses who need basic PC productivity,
with limited or no IT staff.
BetterProfessional Desktopis for businesses that have
a managed PC infrastructure and see a need for a more productive
and secure desktop.
BestEnterprise Desktop
adds a set of rich productivity, security and management solutions
for companies that have outgrown their PC Infrastructure.
Feature Set Highlights Good Better Best
1 Basic business PC productivity ✔ ✔ ✔
2 Protection of sensitive company information on PCs and USB sticks ✔ ✔
3 Employees can access their desktop from any PC ✔ ✔
4 Single image, policy control, PC recovery, and inventory mgmt. tools ✔ ✔
5 Access to Microsoft desktop virtualization technologies & VDI rights ✔ ✔
6 Future protection through rights to new software versions ✔ ✔
7 Deployment services, training, and 24/7 support ✔ ✔
8 Integrated enterprise security for servers and PCs ✔
9 Complete desktop management solution ✔
10 Unified solution from a single vendor ✔
Good (OEM) Better Best
Office 2010
GoodBusiness Desktop
is for smaller businesses who need basic PC productivity,
with limited or no IT staff.
BetterProfessional Desktopis for businesses that have
a managed PC infrastructure and see a need for a more productive
and secure desktop.
BestEnterprise Desktop
adds a set of rich productivity, security and management solutions
for companies that have outgrown their PC Infrastructure.
Feature Set Highlights Good Better Best
1 Individual business document, analytics, and email productivity ✔ ✔ ✔
2 Centralized document management and co-authoring ✔ ✔
3 Self-serve project workspace (e.g. calendar, task lists, project plans) and control ✔ ✔
4 Larger mailbox at lower storage cost ✔ ✔
5 Access to your work and colleagues virtually anywhere: PC, phone, and browser ✔ ✔
6 Future protection; rights to new software versions during your contract ✔ ✔
7 Deployment services, training, and 24/7 support ✔ ✔
8 Low cost IP communication through Office (IM, web conferencing, and voicemail) ✔
9 A comprehensive suite of enterprise security and compliance tools in one package ✔
10 A unified solution from a single vendor at lower cost (vendor consolidation) ✔
Good (OEM) Better (Microsoft BPOS) Best
Basic toolset “Better approach” toolset “Best approach” toolset
Choosing the Right Path 7
The secret of streamlining processes lies in standardizing them, establishing and following cor-porate standards. A standardized configuration ensures predictable operation, as the majority of possible issues can already be eliminated during the planning stage. It is important to determine the building blocks of the configuration process, and to decide about the correct implementa-tion of these. The standardization of the workstation environment results in simpler installation, upgrades, administration, support and replacement. The standardization of user settings and the software and hardware environments guarantees the successful deployment of the operat-ing system and applications, and the changes of configuration applied to them. If it were the task of the user to install the operating system or the device drivers, a minor issue might escalate and cause severe problems.
Due to these basic considerations, it is advisable to create a well developed and proven process to deploy Windows 7 and Office 2010, regardless of the size and IT-maturity of the organization.
The proper way to deploy new software can only be chosen by carefully assessing the current environment, by considering all technical assets and solutions and, of course, by identifying the basic business requirements to be met.
Which are the basic questions and technical parameters to consider during the phase of conceptual planning?
• Deploying Windows 7 often involves acquiring new equipment. There are two key factors to consider about this:» Windows 7 has higher hardware requirements than Windows XP. This is a good occasion
for organizations to replace their workstation hardware infrastructure that has been in place for up to 5-8 years.
» Hardware manufacturers optimize their new personal computers to and deliver them with Windows 7, and their compatibility with Windows XP and the availability of device drivers is not guaranteed.
» Since 2009, general product support for Windows XP is no longer provided. The extended product support for XP SP3 provides upgrades only for new security threats until 2014.
» If XP were to be installed on the new computers, reinstallation with Windows 7 would still be necessary at the end of the XP product support period in 2014, so the tasks would need to be performed twice.
• It is imperative to get a clear picture of the current IT environment, and this includes the cur-rent state of the workstations and the range of applications used on them. It is quite possible, that some of the computers are already capable of running Windows 7 and the planned applications in their current hardware configuration, while others might require only minimal
hardware upgrades. It is important to decide in this case whether there should be two or more different hardware configurations, or is it more desirable to standardize the worksta-tions. A heterogeneous system requires more complex deployment and management pro-cesses, and with systems containing a large number of workstations this ultimately results in higher costs compared to the expenses saved on the hardware.
• During the deployment of Windows 7, the task requiring the most careful consideration is choosing the applications used by the company. Upgrading the platform is a great oppor-tunity to replace obsolete, old applications, which necessitates the revision of license agree-ments, as well. Analyzing the usage habits and requirements helps considerably in choosing the applications and their distribution types.
• The next question while selecting applications is their compatibility with Windows 7. Microsoft offers several solutions to run applications that were not originally developed for the Windows 7 platform.
• Microsoft’s Application Virtualization solution (App-V) can be effectively used, if different us-age requirements indicate the necessity to run different versions of the same application on the same computer and at the same time (e.g. Remote Desktop Session Host). This way the virtualized application runs separately from the operating system, making it easier to install and remove it as needed.
• Most users put special emphasis on their work environment, an organic part of which is the user’s profile. There are multiple ways to centralize and migrate profile information, which all need to be taken into account when the migration is being prepared. If it is possible to separate the information in the user profile from the given computer, the operating system can be upgraded without affecting the user’s experience.
• In the case of systems comprised of a large number of computers, replacing all worksta-tions might take a long time even with proper automated processes. By deploying the Remote Desktop Services package (optional), available as a part of Windows Server 2008 R2, the Windows 7 and Office 2010 user experience can easily be provided to all users of the organization.
• Windows 7 can be merged into the same management infrastructure as Windows XP. There is no need to develop separate processes, as the administrators can continue to manage their hybrid system with the tools and processes they are already familiar with.
• Professionals taking part in operations should be properly trained to achieve a successful deployment of Windows 7 and Office 2010.
Choosing the Right Path…
8 Preparation Tasks
Deploying new software can mean a series of challenges, and with insufficient preparation these may only emerge during the installation and the first use of the system. When replacing the op-erating system (the basic platform), the number of questions and problems encountered increas-es exponentially, so it is imperative to prepare for these challenges with a proper conceptual plan.
Experience shows that deployment projects encounter the following critical issues:
Task Question
Test processes Does testing require infrastructural and human resource investments?
Infrastructure upgrades Should every user's workstation be replaced?
Image development Does each hardware type require a separate disk image to be created and maintained?
Application management Will all applications work?
Migration Does every user's information need to be migrated manually?
Distributing Office If Office is needed, will more testing and disk images be required?
Security settings What IT security rules should be introduced with the new software versions?
Deployment Does IT need to receive each user's workstation for the change, and what is the down-time associated with the migration?
Operation How does the new version affect the work of operators and users?
The following questions should also be answered during the conceptual planning phase:
• How much will the migration cost?• How much time will the complete process take?• How many engineers have to be involved with the deployment?• What dependencies and prerequisites have to be considered
during the migration?» What information needs to be collected?» What has to be prepared?» How many servers are required?» What are the processor, memory and disk space requirements?
• • Who needs to receive training, and how much training is required?
To answer the above questions, Microsoft provides a valuable planning and management guide within the Microsoft Operations Framework (MOF). MOF also contains essential information about project management tasks and other roles.
MANAGE
MOF
DELIV
ER
OPERATE
PLAN
The structure of Microsoft Operations Framework 4.0
The Deliver phase of MOF contains items like conceptual planning, project planning, develop-ment, stabilization and deployment. These can be found in the Service Management Function (SMF) description within MOF. This guide helps in forming a clear picture of the processes in-volved in the whole task, including the processing of incoming data, the areas of responsibility, the activities and the products, while providing appropriate controls for each step.
After determining the basic goals and expectations of the deployment of Windows 7 and Office 2010, and ascertaining the framework of the project, the preparatory planning phase follows, which includes the following tasks:
Preparation Tasks
Operational Health
Service Alignment
Portfolio
Policy & Control
Project Plan Approved
Release Readiness
• Business/IT Alignment• Reliability• Policy• Financial Management
• Operations• Service
Monitoring and Control
• Customer Service• Problem
Management • Governance, Risk and Compliance
• Change and Configuration
• Team
• Envision• Project Planning• • Build• Stabilize• Deploy
Preparation Tasks 9
Project ParticipantsAt the outset of the planning phase the participants of the project should be chosen, and their roles and tasks need to be defined. It is important that all participants have a proper insight into the major features of the applications to be deployed, as the collaborating professionals need to talk „the same language.” This could be significantly facilitated by a short technological pre-sentation (workshop), where the key participants’ questions about the selected software can be directly answered by professionals.
Assessing the Existing EnvironmentIn order to create a schedule that fulfills business requirements and is plausible at the same time, it is imperative to gain detailed information on the present IT environment.
The IT system’s current hardware and software composition can easily be mapped with the free Microsoft Assessment and Planning Toolkit (MAP), that uses WMI calls to query the information required for the migration from the target audience. There is no need for extensive preparations, as MAP uses WMI, and it does not require the installation of an agent component.
During the inventory, MAP not only collects information about hardware and software, it also helps with the analysis of the collected data. During the assessment it provides an accurate pic-ture about the part of the current machine pool that can accommodate the deployment of the different workstation and server operating systems with or without hardware upgrades. Its de-tailed reports clearly show the current hardware configuration of each computer (the hardware components and the load characteristics are also taken into account) and the components that need to be upgraded for the successful deployment of Windows 7.
The information obtained can be used to calculate the hardware investment costs more accurately, and is also useful during the selection of machines for the pilot phase.
Managing a Hybrid EnvironmentThe larger an organization is, the more complex the task to deploy Windows 7 will be, which also affects the project’s time frame. During the migration process, in a network of heterogeneous Windows clients, the ability to administer XP and Windows 7 systems at the same time is also important.
Windows XP, Vista and Windows 7 operating systems can be organized into a unified management model, where each of the clients can be centrally managed using previ-ously introduced software and operational routines.
• In a corporate environment, the basic tool for central administration is the group policy. It enables control of the computers’ settings and several parameters of the users’ work environ-ment. The logic of the group policy object in Windows Server 2008 R2 has more than 3300 adjustable parameters, most of which are compatible with Windows XP. Thanks to this, the policies used to govern XP and Windows Server 2003 systems can be retained, as they are fully compatible with the Windows 7 and 2008 R2 platforms, and all of their parameters are applied. Windows XP ignores the policy settings it cannot interpret, so it is completely safe to implement the new features and built-in security capabilities of Windows 7.
• With the deployment of WSUS, the operating systems and the applications they are running can be automatically updated, so the heterogeneous IT environment consisting of XP and Windows 7 systems can easily be kept up-to-date with the same upgrade management meth-ods and processes.
• The deployment of Windows 7 does not require reconfiguration of shared network devices (e.g. network printers), only the appropriate device drivers need to be installed. Windows XP and Windows 7 access these resources through the same protocol and the same methods.
• Also, the tried and trusted software distribution methods do not need to be changed due to the deployment of Windows 7. The process of centralized software distribution, either through policy or a management agent component, is identical for both platforms.
Let’s Plan and Scale!
Active Directorydomain
Server Infrastructure
10 Preparation Tasks
Internet Explorer 9The Internet has become a default working tool for users, so Microsoft also gives special focus to the ongoing development of Internet Explorer. Although Windows 7 contains Internet Explorer 8 integrated, it can easily be upgraded to IE 9.
Internet Explorer 9
• Safety is guaranteed by built-in malware and XSS (Cross Site Scripting) filtering. The new Tracking Protection feature allows users to control which sites they allow or deny access to their browsing patterns.
• Easy to administer, as the browser is configured, updated and distributed using the deploy-ment and administration tools in Windows. The Internet Explorer Administration Kit (IEAK) and the almost 1500 policy settings further simplify implementation into a corporate environment.
• In tune with the life-cycle of business, as Internet Explorer continuously adjusts to the ca-pabilities of the latest operating system and to business requirements. Accordingly, IE updates are published together with those of the core platform, on “patch Tuesdays”.
Internet Explorer 9 also introduces several improvements focused on users to further enhance the user experience, while simplifying and accelerating everyday tasks.
We recommend linking the deployment of Internet Explorer 9 to the Windows 7 rollout to pro-vide a more state-of-the-art, safer and easier to use browser to users with minimal additional effort.
Windows 7 Deployment TypesA decisive factor in identifying deployment-related tasks is the selection from the four types of Windows 7 installation methods suitable for automation:
Upgrade
Machines running Windows Vista Service Pack 1 and 2 operating systems can be upgraded lo-cally (in-place-upgrade) to Windows 7. This means that the applications, settings and user data existing in the Vista environment can be used further on in the Windows 7 environment after the upgrade. The benefits of the process may also become a disadvantage at the same time: as all settings remain the same, inadequate configuration will also have an impact on the new system.
New Installation
A process involving the deletion of contents from and repartitioning the hard disk, which results in a consistent state optimal for easily enforcing administrative settings and installing required components.
Reinstallation
In certain cases the existing Windows 7 environment may need to be reinstalled; the process is almost identical with the steps for a new installation. There is, however, one important differ-ence: machine and user settings and data need to be collected from the old operating system and transferred to the new installation. If this procedure is performed by the end-user, Microsoft recommends the use of the integrated Windows Easy Transfer (WET) tool. However, if mass re-installation is required, the User State Migration Tool (USMT) is the right choice.
Central Store
Reinstalled PC
ScanstateReloading of user data
and resources
LoadstateReloading of user data
and resources
Preparation Tasks 11
Replacement
Workstation operating systems earlier than Windows Vista SP1 cannot be migrated to Windows 7 by upgrade. Consequently, enterprises using Windows XP can only deploy Windows 7 by replacement. Replacement may involve procuring new machines or hardware upgrades to the exiting environment, as Windows 7 requires a more powerful hardware platform than Windows XP.
As with the reinstallation approach, the profile migration tools developed by Microsoft (WET, USMT) can be used in a similar way, as they also support the transfer of profiles between differ-ent machines.
The Windows 7 deployment solution should be developed in a way so that it would focus not only on the machines in the existing environment but also accommodate any new machines to be procured in the future. A very common solution is the pre-installation of IT devices with an operating system that should subsequently be customized to meet the require-ments of the organization. New devices also require the installation of applications, enforcement of security levels and integration into the administration system.
What About the Applications?One of the tasks involved in the deployment of a new operating system is to select the applica-tions to be used. This is also a great opportunity for reviewing the licensing of individual software products and revise which applications are really required.
MAP primarily focuses on hardware compatibility and performance issues related to the imple-mentation of the operating system, but it can create a basic inventory of applications installed on the computer.
This inventory does not reveal information about application usage patterns. Reporting on software usage trends and assessing license allocation require the implementation of System Center Configuration Manager.
Application Compatibility To establish the final list of applications to be installed in the Windows 7 environment, we need to ensure all software applications perform flawlessly on the new platform. Most of the issues emerging in connection with a platform upgrade are related to applications. Microsoft developed a new operating system kernel for Windows 7, which has an impact also at the driver and application levels.
New version
The easiest way to resolve software compatibility issues is to acquire the new, Windows 7 compatible version of the given software. In some cases, this may not be a viable option, either because the vendor did not release such a ver-sion, or the upgrade would mean additional costs to the organization, beyond current budget limits.
ACT
If software upgrade is not a viable option, it is recommended to use Microsoft’s free tool, the Application Compatibility Toolkit. During the examination of soft-ware products, ACT can detect various compatibility issues, and offer solutions to resolve them.
XP Mode
There are, however, compatibility issues not even ACT can resolve. So, if an ap-plication can only run adequately in an XP environment, it should stay there! XP Mode technology was developed with exactly these scenarios in mind: it offers a Windows XP operating system, and applications installed on it, running virtu-ally on the Windows 7 operating system.
Review the technical details of ACT and XP Mode:
Application Compatibility ToolkitAfter the data collection phase, ACT can create a list of currently used applications, just like MAP. This list is an active SQL-powered database where IT professionals can enter the results of the testing and solution development stages. Consequently, the process of determining application compatibility and its current state can be accurately tracked.
Application compatibility issues between different platforms typically arise because the manu-facturer of the software did not upgrade it for Windows 7. For such scenarios, Microsoft devel-oped ACT with a predefined patch kit (SHIM) integrated into the software to eliminate the most common issues. For applications with compatibility issues, custom patches can also be developed and later delivered to all workstations of the enterprise. The simplest approach to delivering patches for the software stack used at the time of Windows 7 deployment is to integrate the patches into the standard corporate system image.
12 Preparation Tasks
Microsoft offers customers several support options for Windows 7 deployment, including Application Compatibility Factory (ACF). Engineers working in ACF can be assigned with the task of making compatible the applications to be used by the enterprise on the Windows 7 platform, thus the developed solution will also be backed up by warranty.
XP ModeXP Mode provides a novel solution to application compatibility issues. On a Windows 7-powered workstation, us-ers can use applications developed for Windows XP as if they were installed on the Windows 7 system. In the background, however, when the Windows 7 host ma-chine is started, Virtual PC provides a vir-tual environment for the Windows XP machine running the given application. To provide an appealing and comprehensive user experience, the MED-V agent stores the interface of the application when it is launched on the virtual machine, and this interface is displayed in the work area of the host operating system. As a result, the user has the perception that the applications are running on the host operating system itself.
When implementing XP Mode, the following administrative considerations should be taken into account:
• As virtual XP machines built in compliance with corporate standards can be distributed by simple copying, it is easier to guarantee business continuity, since the corporate (virtual) client environment can be quickly rebuilt.
• The virtual machine and the applications on it run independently of the host computer’s settings and rules, as the virtual machine is a “different” computer.
• If required, the virtualized application can be displayed with a frame of a definable color, so the user can see that the displayed interface belongs to the application running on the virtualized XP system.
Implementation of a Reference EnvironmentWindows 7 and Office 2010 deployment can be facilitated to a great extent, if the preparation stage can rely on a reference environment consisting of a few machines, for testing software in-stallation and configuration. Such a test bed can not only be used to obtain answers to questions emerging during planning, but also to examine application compatibility, automated installation and configuration processes.
After successful migration and deployment, you might want to retain the reference environment, as it can serve as an ideal test bed for the deployment of any new applications emerging in the future.
How to Build the Reference Environment and What Tools to Use?
The hardware environment used in the test bed should be selected in line with information ob-tained from the assessment of the existing environment and with the chosen distribution method. If Windows 7 deployment also involves purchasing new hardware, machines with the selected configuration should be featured in the reference environment. If some of the existing comput-ers are suitable for running Windows 7 in their current state, it is important to include some of those machines in the reference system, as well.
Depending on the size of the organization and the complexity of the migration, the testing envi-ronment may consist of only one or two machines, but it can also be built as an entire infrastruc-ture installed with all required server roles, isolated from the production system. It is important that the lab environment reflects every aspect of the production system, as the entire migration and application deployment process needs to be modeled, so that any hidden bugs can be identified. Consequently, it is not sufficient to focus only on the operating system installation stage, but the relevant management issues and the server roles involved in the pro-cess also need to be clarified.
ACT SHIM Stack
Applications
Applications
OS
Virtual PC
Operating System
Hardware
Preparation Tasks 13
User Profiles Need to Be Managed, Too!In a corporate environment, the security, reliability and high availability of user data is of key importance. These data, depending on the maturity level of IT systems at the organization, are mostly stored in user profiles and other personal folders associated with them. A profile is the collection of files, folders and those registry entries that determine the environment, desktop and settings presented to the user after logging on to the computer.
In terms of where the data stored, we can distinguish between local and roaming profiles. The main benefit of roaming profiles is centralized storage, as the profile information resides at a central location in this scenario, not on the user’s machine. Whichever computer of the orga-nization the user logs on to, the same settings and desktop are always presented (except for the installed applications, as those may not always be available on every workstation). The informa-tion stored in the central location can be easily backed up using a centralized backup solution, as only the profile storage folders on the file server need to be backed up in order for user data to be available, even if the user’s workstation became unusable.
Irrespective of where profiles are stored, a very handy feature related to them is folder redirec-tion. In this scenario, certain folders of the profile (e.g. the contents of the Documents folder) are not stored within the profile, but moved to a centrally stored folder. The actual storage location of the folder becomes transparent for the users; as far as they are concerned, information is stored in the Documents folder on their workstations. Consequently, there is no need for addi-tional training as to what to save where, which significantly accelerates deployment.
Folder redirection can be very well combined with the roaming profile approach. In this case, profile size decreases dramatically, resulting in faster logon / logoff, and the current contents of the redirected folder can be regularly backed up by a central backup solution.
Taking all these aspects into account, the types of current profile usage also need to be under-stood when the IT system is assessed, so that an optimal decision could be made for migration.
If the organization already has some kind of centralized infrastructure, the recommended ap-proach is to redirect the profiles partly or entirely to a file server, as this measure greatly facilitates the Windows 7 deployment process.
Profile data and folder content managed by the users may not be centralized in every case, as the required storage capacity may not be available. Microsoft User State Migration Tool (USMT) was developed to work around this issue, available as a free solution for auto-mated mass profile migration.
Using migration rule (.xml) files and/or command-line statements the system administrators of the organization can control which user accounts, files and settings they want to migrate and how. Available options include the resolution of conflicts, the emulation of missing settings and also the removal of settings from the target machine. The tool can migrate e.g. the desktop back-ground, command-line settings, the user’s documents, folder settings, fonts, mouse and key-board configuration files, remote access settings or even the selected screensaver. Additionally, version 4.0 of USMT, introduced in Windows 7, can do all that much faster than previous versions, thanks to the Hardlink feature which can be very useful for operating system upgrades. In this case, the tool collects user data into a special folder, referenced by a hard-link. The benefit of this approach is that there is no physical copying, the tool only changes the addressing of the files.
Performance Improvement through Hardlink Migration
USMT now also includes an enhanced Document Finder feature which, similarly to the Windows Easy Transfer algorithm, attempts to migrate all the files not linked to the operating system or the installed applications. The tool also supports the migration of shadow copies and local group memberships, which may be very useful in certain cases.
0
5
10
15
20
2 4 6 8 10 12 14
25
30
Amount of data (GB)
Time
need
ed fo
r mig
ratio
n (m
in)
File copyHard link
14 Implementing a Pilot Environment
Most of the emerging questions are precisely answered by the tasks performed in the prepara-tory stage, revealing:
• the composition of the existing IT system,• the extent of required hardware upgrades,• the ideal type of operating system deployment,• compatibility issues of the applications to be used,• the requirements for the reference environment,• the options for migrating user profiles
With this knowledge, we can compile a Windows 7 Deployment plan aligned to the set of crite-ria defined in the Conceptual plan, with contents subject to amendments based on experience gained in the Pilot phase.
Review the key information about the Pilot environment.
Test PlanBefore finalizing the Windows 7 Deployment plan, the processes set out in the plan should be tested in the reference environment set up for this purpose. Methodical testing requires a de-tailed Test plan describing the individual test cases, the personnel performing the tests, the time frame for testing, how long a given test phase is to run, and what the expected results are. A set of criteria and a priority rating should be defined for each test case. By assigning a priority value, we can avoid situations where a negative outcome of the testing of a minor feature would slow down the deployment process, as such issues can be remedied even at later stages. At the same time, this approach also highlights when an issue is a major one, resulting in the potential redesign of processes.
Issues uncovered during the test phase should be taken seriously, as the reference environ-ment used for testing can be considered an abstract of the production system, therefore these symptoms will similarly emerge for each machine during the mass deployment process. This also underlines the importance of setting up the reference environment to be a close replica of the production enterprise infrastructure.
If more than one hardware configurations are in use, the process for installing the operating system and the applications needs to be tested on all variants.
These steps emphasize the importance of the implementation project prepared to exacting stan-dards to business decision-makers, as this project is also a token for the success of the processes.
Pilot: Testing Processes for a Limited Range of UsersAccording to Microsoft’s recommendations, migration, or the Pilot testing of the Deployment plan created, should first be carried out on a smaller group of carefully selected users.
Relying on the results of the trial operation, any necessary changes and fixes can be imple-mented in the process design prior to starting the migration for all machines in the production system. The primary objective of the Pilot phase is not to test Windows 7 functionality; neverthe-less, user feedback collected at this stage can be useful later. On this basis, we can decide which operating system features should be enabled or disabled by default.
In the course of the Pilot phase, it is important to keep track of the duration of the migration, the number of migrations carried out concurrently, the infrastructures load and usage data, and also the help desk calls related to the deployment.
How to Select Users for the PilotUsers of the pilot environment should be selected in a manner so that they provide an accurate representation of all types of users and infrastructure uses in the organization. This requires an understanding of the geographical distribution of the enterprise, patterns for local and mobile users, the types of accessing resources, the available bandwidth, and the data volumes transferred through the network, to use as a basis for setting up a representative list.
The following table summarizes the most common groups of users, their relevant business re-quirements, and the technological solutions used by them:
Implementing a Pilot Environment
Implementing a Pilot Environment 15
Features/technologies Devices Application and Presentation Virtualization
Remote Access Data Security Functionality
User Groups Challenges
Thin
clien
t
Desk
top
Lapt
op
Prop
rieta
ry d
evice
SSL V
PN
IPSe
c-ba
sed
VPN
Smar
t Car
d
Disk
enc
rypt
ion
Silen
t ins
tall
Inte
rface
por
tabi
lity
Task-oriented users
• They perform pre-defined tasks.• Several users share a pool of machines
running the target application.• Examples: temporary staff,
Call Center operators
• Deliver a cost-efficient solution• Provide flexible access to
several machines• Provide sufficient productivity
even in low bandwidth scenarios✔ ✔ ✔ ✔
General office users/information workers
• They have a wide range of tasks.They use several LOB applications.• They require high performance.• Examples: researchers, data analysts
• Uninterrupted high performance to be guaranteed
• Swift response to business requirements
• Manage compatibility issues between applications
• Flexibility between software versions
✔ ✔ ✔
Mobile users
• They frequently travel between different sites and customers.
• They use several applications on mobile computers.
• Examples: sales representatives, managers
• Protection of locally stored and portable confidential data
• Provide offline access to data• Central administration of mobile
devices only occasionally connected to the corporate infrastructure
✔ ✔ ✔ ✔ ✔ ✔
Home users
• Remote access to data and applications is required.
• They use a wide range of devices, including their own devices.
• Examples: remote workers, outside workers
• Guarantee the integrity and confidentiality of data
• Develop a flexible and cost-efficient solution
• Provide access from non-managed devices
✔ ✔ ✔ ✔ ✔
16 Implementing a Pilot Environment
Questions Related to the Hardware Pool
The available hardware pool should not only be examined in terms of user groups, but also as a function of complexity. This approach is primarily useful in the mass deployment phase, but it can also be used to establish several stages for the pilot system:
• Newly purchased computers should be procured with Windows 7 preinstalled, as this guarantees that the specifications of the machines make them suitable to run Windows 7. Computers delivered with Windows XP need to be reinstalled later using the corporate Windows 7 image, requiring unnecessary additional effort, translating into significant ad-ditional costs where a larger number of machines is involved.
• Migration of problem-free machines running only a few applications provides fast early success.
• These may be followed by machines running many applications, operating with a complex configuration, therefore implying more issues. Computers equipped with special hardware options can also be included in this category.
• For users with obsolete hardware configurations running Windows XP, the implementation of a virtualized work environment (RDS / VDI) should be considered, so these users could also enjoy the benefits of a state-of-the-art work environment from the beginning of the migration process.
Deployment ToolsetFor only a few machines, the development of exquisite automation for Windows 7 deployment is not justified. Settings and user data simply needs to be backed up, and then the new operating system can be installed using the installation DVD. After the installation of applications is com-pleted, the deployment can be finalized by setting user profile data.
For dozens, hundreds or thousands of computers, Windows 7 deployment is mostly identical to the process outlined above, but a certain level of process automation is definitely recommended in this case. The time allocated for developing and testing custom procedures must be in pro-portion with the number of machines to be migrated.
Review the tools and technologies facilitating automated mass deployment of Windows 7 and Office 2010.
Image FormatsThe Windows Image file format (WIM) is a special container storing the operating system image. One WIM file may contain several different disk images. Using special compression algorithms and „single instance” technologies allows relatively small files to store the data. Microsoft also employs the WIM format in the Windows 7 installation kit to store the pre-installation environ-ment for the operating system and Windows (WinPE). Custom images can be created by editing those files, while ImageX provides options to create installable WIM files from reference machines.
By creating a custom image, the implementation of the ideal work environment can be simplified, as the image contains not only the core operating system, but also the customized OS settings and all the necessary applications.
Only the applications required by all users of the organization need to be preinstalled in the reference image, e.g. virus protection, Office programs. As a result, system admin-istrators need to maintain only one image, all user-specific requirements can be man-aged at the level of the central administration applications.
WinPEThe Windows Preinstallation Environment is a graphical environment with limited functionality, running the Windows kernel, and usable for diagnostics, maintenance and operating system installation tasks. The WinPE 3.0 environment used by Windows 7 and Windows Server 2008 R2 can manage virtual hard disks (VHD), so even the VHD Boot technology can be implemented.
In certain cases the WinPE environment needs to be customized, e.g. when installing custom hardware drivers, allowing the machine to manage the network interface or RAID controller board even in the WinPE phase. The required WinPE environment can be placed on a WDS server, so computers supporting network boot (PXE Boot) can access the pre-installation envi-ronment for the operating system on the WDS server through the local network.
Implementing a Pilot Environment 17
Windows System Image Manager (Windows SIM)Windows System Image Manager provides a graphical user interface to edit the response file controlling the installation and customization of the operating system (unattend.xml). The ap-plication uses the existing WIM or CLG files as a reference to load the configurable components and processes.
The use of response files allows the automation of questions asked at the time of installation, while also providing options to change settings not prompted for by the conventional operating system installation wizard. As a result, a standardized workstation environment can be created even in organizations with no management infrastructure, as all machines are installed using a configuration with detailed settings.
For organizations with a management infrastructure, several tools are available after installation to standardize the Windows 7 work environment, so the creation of a response file to automate the installation of the operating system can be skipped.
Windows Deployment Services (WDS)Windows Deployment Services can transfer the WinPE boot environment through the network to PXE-enabled devices. It also supports the Auto-Cast and Schedule-Cast types of multicast-based image delivery. The version available in Windows Server 2008 R2 also performs the dy-namic distribution of device drivers.
WDS makes the mass deployment of operating systems easy, as it can deliver the disk images it manages through the network to the appropriate target machines using several distribution methods. This server role is useful for the installation of new machines and the re-installation of existing computers, as well. The deployment of the WDS component available in the Windows Server 2008 R2 product line is extremely simple, with a number of wizards facilitating initial configuration.
Microsoft Deployment Toolkit (MDT)Microsoft Deployment Toolkit is a free solution by Microsoft for the automation of mass Windows 7 deployment projects. It reduces the complexity of deployment, while it improves standardiza-tion by providing a uniform user environment. The operating system installation tools in MDT can drastically cut the time required for lab efforts, as the process automation scripts do not need to be developed from scratch, there are readily available templates for them in the pro-gram. MDT provides efficient solutions for the following scenarios:
• The applications to be installed on the new Windows 7 platform can be identified, and the program performs the installations without any user interaction, in a fast and efficient manner.
• The entire image creation process can be automated as a script, accelerating the prepara-tions for deployment.
• The program collects the user profiles from the existing machines (with USMT functioning in the background), and migrates them back to the new workstations.
• Using its automation methods, the program can back up the existing environment prior to the Windows 7 deployment.
• The program provides a comprehensive automation script for the entire process of de-ploying new machines.
Without MDT, one would have to develop a proprietary method to automate every phase of the mass operating system deployment. By using MDT, hundreds of hours of effort can be saved, thanks to its ready-to-use solutions including the appropriate installation scripts, response files and image creation procedures.
System Center Configuration Manager (SCCM)A software solution for general change management, perfectly suitable for smaller corporate structures with only a few sites or for really large, multi-sited infrastructures, as the server roles implementing the functionality are modular and very extensively scalable. System Center Configuration Manager can support physical and virtual machines, servers, workstations and mobile devices alike.
• It provides an accurate overview of the entire system through the hardware and software inventory features configurable in detail.
• The software distribution component of SCCM allows the selection of the necessary distri-bution method from a wide range of options, including mandatory installation run with ad-ministrative privileges, triggered by Wake-On-Lan technology, ignoring the maintenance window.
• SCCM complies with all requirements for a dynamic and Zero-Touch operating sys-tem installation solution. SCCM can automatically install an operating system on members of machine pools.
• The software usage metering feature in SCCM is very useful when the annual software licensing plans are drawn up, as it contains all the building blocks required for data collec-tion and statistics.
• The Desired Configuration Management (DCM) module in SCCM is of invaluable help in a rapidly changing virtualized system, as it can examine the configuration of servers and the applications running on them against a predefined compliance rule.
18 Implementing a Pilot Environment
User State Migration Tool (USMT)The User State Migration Tool allows the automated migration of user profile data and computer settings from the old machine to the new one. As mentioned earlier, user profile information often needs to be retained and transferred to the Windows 7 work environment. In connec-tion with the profile, migration should of course also manage the computer settings, while the platform change will also involve parameters that cannot be transferred to the new system. Due to such compatibility issues, profile migration and its automation process should be subjected to thorough testing, so that a well-functioning, efficient solution is available prior to the mass migration.
Office 2010 Deployment ToolsThe deployment of Office 2010 is facilitated by a number of free tools available to map the existing application environment to detect compatibility issues, to automate the installation of required components, or even to batch convert files created using the older versions of applications.
Office Customization Tool (OCT)An automatic and customized installation of Office 2010 requires the creation of the appro-priate response file which can be simply built and modified with the OCT tool in the Office in-stallation kit. Besides the management of the usual options, the software also allows for configu-ration of a number of additional parameters to standardize users’ work environment in a manner similar to policies. During the response file-based installation, document protection, macro secu-rity settings, Outlook mailbox parameters and even the properties of shortcuts can be controlled.
Office Environment Assessment Tool (OEAT)OEAT searches for extensions in the Office 97, 2000, XP, 2003, 2007 and 2010 suites to facilitate the detection of application compatibility issues. The verification is carried out through the examination of pre-defined folder and registry structures, the analysis of COM and VBA plug-ins and the monitoring of calls to the Office APIs.
Office Migration Planning Manager (OMPM)OMPM is a collection of applications for the detection and analysis of document conver-sion issues and also for the centralization of batch conversion.
OMPM can detect the documents created by the user using Office 97-2003, irrespective of whether the files are stored locally or at a central location. The inspection process examines how the individual files can be converted to the Office 2010 format, and stores the results in a database, so the information is readily available for reporting purposes. OMPM analyzes the properties and contents of files, and looks for potential issues that may occur during document conversion. It also analyzes the Visual Basic for Applications (VBA) macros available for embed-ding into Excel, PowerPoint and Word files, so any errors in the macro codes of the documents can be revealed in advance.
Office File Converter (OFC), available as part of the OMPM package, allows the batch conversion of Office 97-2003 documents to the Office 2010 format.
Office Compatibility Code Inspector (OCCI)After the file conversion, OCCI can be used for further analysis to detect compatibility issues related to VBA code embedded into documents handled by Excel 2010, PowerPoint 2010, Word 2010 and Visual Studio 2008. The scope of the application only includes code analysis, any required fix is to be provided by the developer. The application records the detected issues as comments in the code, and also attempts to provide recommendations for their resolution or guidance to further information.
Developing Custom SolutionsUsing the information collected up to this stage, the technologies presented should be linked, so that the pilot migration is successful in every aspect. The Deployment plan must handle any er-rors occurring at the individual steps, how they are entered into the documentation, while it also needs to define the criteria of success for each phase. The following list describes the correct order of application for the components presented so far, although some of the steps may be skipped depending on the chosen solution:
Implementing a Pilot Environment 19
Steps to Migrate to Windows 7
❏ Create an inventory of the current state of the IT environment, to be used as the basis for finalizing the necessary hardware investment plan.
❏ Create a final list of the applications to be used, and manage their compatibility issues.
❏ Create a reference environment for testing your custom solutions. Use this system to test the products created in the individual steps.
❏ Review the current behavior of user profiles, and create a plan for their migration. If necessary, use the USMT toolset.
❏ Create the images for the WinPE and the operating system installation phase in compliance with corporate standards. Use the Sysprep and ImageX tools to create the reference image, and use the DISM application to edit the images offline.
❏ If necessary, you can use the WSIM response file creation application to customize the operating system installation.
❏ Select the appropriate mass distribution solution for both the operating system and the applications to be installed on it.
❏ Depending on the selected distribution solution, prepare the components of the core infrastructure to support the deployment.
❏ If MDT / SCCM is chosen as the mass distribution solution, prepare the relevant process automation Task Sequence script.
❏ Classify the users and computers of the organization into categories. Use this information to select the users participating in the Pilot phase, and also to select the machine groups involved in the migration and the sequence applied to them.
❏ Document your Deployment plan.
❏ Create a Test plan with test cases and success criteria included.
❏ Perform the Pilot testing. Use the Pilot phase to collect user feedback, measure performance parameters, measure the time required for the process, and remedy any emerging issues.
❏ Amend the Deployment plan to reflect the changes in the process.
❏ Start the mass deployment.
20 Mass Deployment of Windows 7 and Office 2010
Following the Pilot migration and the trial period, the gradual migration of the entire infrastruc-ture to Windows 7 can be launched. Relying on the results of the Pilot phase, we can create the final Deployment plan covering the following items:
• The number of machines migrated in one group,• The sequence of the individual machine groups,• The scheduled time for installing the operating system, broken down by machine types,• The personnel and other resource requirements of the mass deployment,• The time available for installation for each individual machine group,• The training plan and schedule for user re-training.
Mass deployment, depending on the chosen solution, may have minimal or even significant impact on the servers of the corporate infrastructure, therefore the preparation of server roles must be completed prior to launching the Pilot phase.
Required Server RolesDatabase ServerMAP and ACT both store the collected inventory data in SQL databases. They can create sta-tus reports from these, and also present workload information received from the performance counters.
The heart of the SCCM system administration application is the SQL-based central database, which can be of significant size, depending on the extent and complexity of the IT system. As a result of its complexity, the deployment of SCCM requires in-depth planning and preparation.
The databases used by the applications may be consolidated on a shared SQL server, if necessary.
File ServerIn an enterprise environment, the easiest way to share content is to place the files in shared fold-ers. Most of the content produced in the different phases of migration needs to be copied to those shares for an automated mass deployment, to make it available to all computers.
The scaling and number of file servers is influenced by the structure of physical sites and band-width in the enterprise, and by the number of applications and drivers to be installed. The de-veloped deployment automation mechanism has to manage the site structure of the company,
as the infrastructure is different for each location. The Deployment plan needs to cover the implementation options for the developed solution at each site.
WDS ServerThe Windows Deployment Services server role greatly facilitates the mass deployment of operating systems. The service package, available as part of Windows Server 2008 R2, consists of two components: Deployment and Transport Server. The two com-ponents can be located on two separate machines, while Transport Server is a server role functional even by itself. The WDS server plays an important role in the distribution phase of WinPE, the operating sys-tem and the drivers, so the server must be equipped primarily with hard disk storage space and fast net-work connections. To reduce the workload caused by file transfers through the network, the multicast-based distribution method is available in the product. This method can sort the machines belonging to the same multicast process by their bandwidth values. As a result, a machine with a slower connection would not affect other members negatively.
Active DirectoryActive Directory is an integral part of the core infrastructure. It enables setting up the WDS server in a way, that only machines existing in the directory would have the new operating sys-tem image delivered. It can also serve as a tool to control access privileges to network shares. Through group policy objects, thousands of parameters can be centrally controlled for the newly deployed machines and the applications installed on them. This management infrastructure is equally suitable for the central management of Windows XP, and Windows 7 workstation operat-ing systems and that of the server environment.
Mass Deployment of Windows 7 and Office 2010
WDS Multicast Configuration
Mass Deployment of Windows 7 and Office 2010 21
Mass Distribution Using MDT and WDSMicrosoft Deployment Toolkit consolidates the toolsets for Windows 7 and Office 2010 deployment in a single console. The software is not designed for standalone operation, it uses several tools in the background to automate processes, e.g. WAIK, or USMT. The core concept of the product requires the creation of a distribution share, where the building blocks for the instal-lation process will be organized into subdirectories. Built-in wizards assist in swiftly configuring the appropriate installation environment, as a number of predefined operations are included in the software. The source for the image to embed into the Task Sequence script can be the original installation media or even files placed on the WDS server.
MDT can create customized WinPE files that call the response file and scripts from the work-ing directory after the boot phase of the machines is completed. These WinPE files can also be placed on the WDS server, so the boot process of the machines can even be controlled through the network.
WDS Administration Console
After the boot stage, the system administrator can configure the decision points identified in the steps of the Task Sequence script created by MDT. With the questionnaire filled in, the process becomes automatic and produces the required environment.
Mass Distribution Using SCCMSimilarly to MDT, SCCM also uses the toolset of the Task Sequence script and WDS, howev-er, a completely automated, Zero-Touch Installation can be implemented with this tool. Compared to the previous solution, SCCM can apply static and dynamic group membership logic to categorize the entities into different targets, and then prescribe the installation of the operating system and related applications as optional or mandatory for the various groups. With the integrated Wake-On-Lan (WOL) capability, the process can be enforced even when the ma-chines are turned off. As the different user groups require different application sets, these should not be installed into the reference image, but the software distribution features of SCCM should be used, instead. As a result, the Task Sequence script used in SCCM can consist of significantly less steps than the version used by MDT, since SCCM applies different methods for the installa-tion of drivers, software and updates.
Office 2010 Deployment OptionsThe distribution architecture for Office 2010 is fundamentally identical with the earlier structure for Office 2007. There is, however, an important difference: Now the Office versions available through Volume Licensing programs require activation using one of the Volume Activation tech-nologies. Key Management Service (KMS), Multiple Activation Key (MAK), MAK Proxy, or a com-bination of these methods can be used as activation methods.
Selection of the Appropriate Distribution MethodThere are five recommended methods available for the centralized deployment of Office 2010: network share, Group Policy startup script, centralized distribution through management soft-ware, Application Virtualization and Presentation Virtualization. The above methods can also be combined, e.g. the virtualized Office 2010 application can be distributed through the central administration system. Although the Group Policy Software Installation feature (GPSI) can be successfully used to deliver generic software, this solution is not supported for the distribution of Office 2010. As an alternative solution, the automated launch of a script linked to the machine boot event is recommended.
22 Mass Deployment of Windows 7 and Office 2010
Network InstallationA very simple approach to Office 2010 deployment is when the system administrator copies the contents of the installa-tion kit to a network share, and provides access to the share to users and their machines. This may be an ideal solution for smaller organizations, as no comprehensive management in-frastructure is required, users can launch the Office installa-tion as required. The drawback of this solution is that the pro-cess is manual, and does not provide information about the machines successfully installed with the desired application.
Startup Scripts Embedded into Group PolicyUsing group policy, system administrators can create startup scripts for computers to perform an automated installation of the desired Office 2010 components. The script can be written in any language supported by the client machines, e.g. VB Script, JScript, command-line executable, etc.
One of the main benefits of this solution is that operators can rely on a familiar and commonly used tool, Active Directory Group Policy to centrally distribute Office. So they can utilize proven practices and accumulated experience to easily deploy the new Office version. For organizations where Group Policy is the most prominent central administration tool, a scripted install is the ideal choice.
Using Administrative SoftwareIf the organization uses an existing central systems management application (e.g. System Center Essentials, System Center Configuration Manager), centralized mass deployment becomes a sim-pler task. The use of SCE or SCCM is recommended for the life-cycle management of the IT sys-tem, depending on the company size, and both tools make the deployment of Office 2010 a fast and transparent process. The contents of the installation kit can be customized for individual locations in multi-sited systems, resulting in bandwidth savings. With advanced troubleshooting and repair tools, and highly versatile report control features, the applications enable accurate tracking of the entire process life-cycle, so statistics and compliance reports can also be easily created.
Application Virtualization Using App-VWith the implementation of Application Virtualization, Office 2010 can be made entirely independent of the underlying operating system and the other applications installed on the computer. As a result, all compatibility issues that would hinder or block Office deployment are eliminated. Following the installation of the client component required for running the packaged virtual applications, the App-V client is ready to run any Office 2010 components packaged using App-V. System administrators can centrally control which user has the rights to use a given Office module.
Rules for the restrictions can also be based on group membership. Several system administration solutions are available for delivering application packages, and they meet the requirements of all different usage patterns, be it online or offline clients or using fast or slow connections.
Presentation Virtualization Using Remote Desktop ServicesAs part of the Windows Server 2008 R2 Remote Desktop Services package, a comprehensive so-lution is available to support Presentation Virtualization, with several new features compared to the previous release. Office 2010 applications installed on Remote Desktop Session Host servers are accessible to users through several connection methods. Applications run on the server infra-structure, the connected device only needs to display the user interface. RemoteApp technology, also available in Windows Server 2008 R2, enables users to see the interface of only the relevant application, not a complete Windows desktop and work interface, streamlining everyday use.
This solution greatly simplifies Office deployment, maintenance and version upgrades, as the required management tasks only need to be completed on the servers running the RDSH role. A further benefit is the reduced bandwidth utilization, as only the mouse, keyboard and screen information travels through the network. The services built into the Remote Desktop Services package (RD Gateway, RD Web Access, RD Connection Broker) also simplify mobile use, as there are several solutions for the Internet-based secure publication of RemoteApp programs.
Mass Deployment of Windows 7 and Office 2010 23
RDS+App-V MethodCorporate deployments of Office 2010 often require a combination of the different distribution methods. The combined use of Presentation and Application Virtualization methods can replace several earlier solutions that were implemented with compromises. Presentation Virtualization often raises issues related to application compatibility and the parallel use of dif-ferent versions of a given software. App-V-based Application Virtualization can be utilized to eliminate such issues. In this scenario, applications continue to run using the resources of the RDSH server; however, no installation on the RDSH servers is required, as the applications are managed by the App-V client.
Using RemoteApp technology, applications virtualized through App-V can be accessed via a number of different interfaces, so Presentation Virtualization is also provided.
How to Customize Office 2010 InstallationsThe utility to create response files was available as part of the Office Resource Kit in earlier Office releases. With Office 2007, the Office Customization Tool became a part of the installation pack-age, available to configure several parameters for the installation. The same applies to Office 2010, only the range of available settings has extended, as the 2010 product release has also changed significantly in terms of functionality. While creating the response file, parameters be-yond those available as part of a „conventional” installation can also be set. Several policy-type configuration changes can also be specified to fine-tune user-specific and machine-specific set-tings of the installed Office components.
Central Administration of the Resulting SystemDepending on the size of the company, there are several management solutions available to control the implemented state-of-the-art work environment.
If the size of the organization does not justify the constant presence of a system administrator, or central management software, users typically resolve emerging issues by themselves or relying
on external assistance to a minimal extent. Windows 7 offers several built-in tools well-suited for use even with average user skills, e.g. troubleshooting tools, system restore tool, reliability history, Problem Steps Recorder, etc.
.
Built-in Diagnostics Tools in Windows 7
The introduction of Active Directory offers significant benefits already starting from 10 to 20 us-ers, as the central management of privileges, inventory and group policy configuration features may be required even for organizations of this size. The directory solution offered by Microsoft is especially well-scalable to meet the needs of enterprises with even hundreds of thousands of users.
The centralized activation of primed versions is an essential issue for both Windows 7 and Office 2010. Microsoft Volume Activation Management Tool 2.0 can discover the computers connected to the network, and based on data collected from them, it can create statistics of the activation state of individual entities. Following the mapping of the system, all installed copies of Windows 7 and Office 2010 can be activated through the VAMT console, while the appropriate product key can also be set.
Microsoft provides two solutions for meeting system management challenges, and for central-izing operational tasks related to configuration management. System Center Essentials is the recommended solution for small and mid-sized businesses, while System Center Configuration Manager is primarily aimed at mid-sized and large enterprises.
RD Session Host
App-VClient
www.microsoft.com
© 2011 Microsoft Corporation. Minden jog fenntartva. Ez a dokumentum kizárólag tájékoztatási célokat szolgál. A Microsoft semmilyen kifejezett vagy vélelmezett garanciát nem vállal a jelen összefoglalóban szereplő információval kapcsolatban. A dokumentumban szereplő logók és terméknevek a Microsoft vállalatcsoport védjegyei.
http://www.microsoft.com
More information: