Thursday, 20 March 2014

Modern Windows Deployment

documentMicrosoft deployment tools have come a long way in recent years. If you know what you are doing you can be up and running, ready to deploy to Windows to devices in your organisation, in a surprisingly short amount of time. For deployment of Windows to end user devices such as PCs and laptops, the Microsoft tools are so good that there really is no point in using something else. Whether your organisation opts to use the free Microsoft Deployment Toolkit (MDT) or to pay extra for System Centre Configuration Manager (SCCM/OpsMgr), the end result is basically the same for bare-metal devices:
  1. The device boots WinPE. This can achieved with network booting using PXE and WDS or simply by booting to a USB stick.
  2. The WinPE instance connects to a standard Windows file share hosted on a Windows server (known as a deployment share). If you're using SCCM, this will be a distribution point, but with MDT on its own it can be literally any file share. Tip: for scalability with MDT, one can use DFS-R to replicate your deployment share at each site.
  3. The WinPE instance downloads a task sequence from the deployment share. This is a list of steps to be executed as part of the deployment share.
  4. After partitioning and formatting storage volumes, an operating system image (WIM file) is applied to the device
  5. The task sequence applies drivers and applications and carries out other tasks such as joining an Active Directory domain.
Admittedly, the above is a slight over-simplification, but it gives a flavour of the speed and simplicity of a basic modern deployment process. With a decent network connection, Windows can be deployed to a device in less than 30 minutes. Additions to the process can carry out more advanced tasks. An example of this is the User State Migration Tool (USMT) that can migrate existing user files and settings from an older operating system to the new install.
After the automated process completes, the device should be ready to use. Of course, in a large organisation, IT will want to manage the entire life-cycle of the device, so that applications can be kept up to date. Other products such as SCCM or (my favourite) SpecOps Deploy will be required for this.
Of course, the real work takes place before live deployments start, in the process commonly known as "image engineering". This is where the IT professional builds a Windows image for deployment and designs the deployment task sequence. The great thing about the Microsoft tools is that the process of building a master image (including patches, applications and runtimes such as .NET) can itself be automated. This video created by my colleague Raj Sumbal demonstrates the essential simplicity of this process using MDT:
To get up to speed with modern Windows deployment techniques, I can recommend nothing better than the free online Windows 8.1 Deployment Jump Start course from Microsoft Virtual Academy.