Deploying Windows 7 and Office 2010 - Download Center - Microsoft

6 downloads 281 Views 8MB Size Report
users; think about the life-cycle of the hardware and software used by the organization .... The toolset supporting the
Deploying Windows 7 and Office 2010

Table of Contents 3

Windows and Office Upgrade: A Chance to Streamline the IT Environment

4 Top 10 Benefits of Windows 7 5 Top 10 Benefits of Office 2010

7

Choosing the Right Path

13

Implementing a Pilot Environment

14 Test Plan

Preparation Tasks

20

Mass Deployment of Windows 7 and Office 2010

14 Pilot: Testing Processes for a Limited Range of Users

20 Required Server Roles

14 How to Select Users for the Pilot

21 Mass Distribution Using MDT and WDS

11 What About the Applications?

16 Questions Related to the Hardware Pool

21 Mass Distribution Using SCCM

12 Implementation of a Reference Environment

16 Deployment Toolset

21 Office 2010 Deployment Options

13 User Profiles Need to Be Managed, Too!

18 Office 2010 Deployment Tools

23 Central Administration of the Resulting System

8

9 Let’s Plan and Scale!

19 Developing Custom Solutions

Windows and Office Upgrade: A Chance to Streamline the IT Environment Whenever a new version of Windows or Office hits the market, we are always faced with tough choices. We need to consider whether or not it makes sense to upgrade to the latest version; take stock of the advantages offered; assess the workload migration would mean for the IT staff and users; think about the life-cycle of the hardware and software used by the organization, as well as the costs involved and return on investment. Many will also ask if it is possible to streamline other system components during (or prior to) the migration period, so that the resulting system or even an interim, heterogeneous state may be more efficiently managed, with IT staff capable of flexibly and promptly fulfilling new business requirements.

Is it Possible to Gradually Migrate to the New Versions? Very few companies decide to replace all their desktop computers at the same time; the typical scenario is to have computers replaced on an ongoing basis, in line with user needs and the aging of hardware. On average, small and mid-sized businesses replace all their computers every five years, corresponding to a 20% replacement rate of PCs and laptops each year. New computers should of course be purchased with Windows 7 preinstalled, but what about the other 80% of machines in the first year? Using Microsoft technologies, nowadays it is easy to implement the management of heterogeneous environments that use two operating systems simultaneously, and given that the servers running in the background of the system have been properly prepared, it is possible to migrate users and computers from the old software to the new in a gradual and transparent manner. Through the use of modern application virtualization and Remote Desktop Services, gradual and problem-free migration of business applications (e.g. between Office versions) is easy to achieve. With just a few clicks, users can be assigned Office versions to use, which will also be made available to them automatically. Today’s tools even enable users to run two different versions of Office simultaneously, allowing them enough time to familiarize themselves with the new system. Should compatibility issues arise, it is also possible to perform daily work with the older version, while IT experts resolve the problem or properly train users to work with the new Office version.

What is the Best Way to Start Migration? The first step should definitely be thorough planning: this document aims to provide all possible assistance in this regard. It is important to gather enough information before planning, as today’s Windows, Office, management and server technologies allow for the creation of a system that is even capable of flexibly serving gradual migration and business requirements that may change over time. The first step of planning should be an assessment of the current state of users, applications, data and IT tools, as well as user and business needs. This should be followed by a focus on server-based data, documents, user profiles and centralized and automated deployment and management processes. Choosing this path simplifies the installation, replacement and maintenance of desktops both for the IT staff and the users to the degree that it becomes a part of daily routine. The capability to replace the computers, operating systems and applications of users in a matter of seconds not only simplifies migration, but also allows for the prompt replacement and deployment of lost, stolen or otherwise damaged machines (with all previous data and settings automatically restored).

Thin client or fat client? And if it does not work out? A further benefit of introducing the Microsoft solutions available today is that they support making major decisions, which would require committing a lot of work and financial resources (i.e. a lot of risk) in the case of other IT systems. Through the centralized management of user profiles and documents, any user may choose to log in at any workstation, running either Windows XP, Windows Vista or Windows 7, be it a thin or fat client, in the office or from a remote location. And this means that the management of the organization may at any time decide according to its business priorities which environment certain users may access, when they should receive new computers, whether they should be laptops, PCs or thin clients, and if employees should work in the office or from home. The IT department may implement these changes transparently and with minimal effort, ensuring an optimal work environment for all users in each case.

State-of-the-art Desktop = User Efficiency    3

Top 10 Benefits of Windows 7 1. Business Productivity Several integrated tools ensure easy, fast and secure work, leading to improved user experience and efficiency. Analysts at IDC found that help desk labor costs can be reduced by 65% on average, while PC/OS support costs by 55% on average, for a 6-12 month return on investment by deploying Windows 7. 2. Data Protection Statistics show that on average 10% of laptops and 70% of USB devices are lost annually. In such cases, not only the loss of the devices causes concern; the data stored on them falling into the wrong hands may cause significantly greater damage. Windows 7 BitLocker allows for the centrally enforced encryption of data stored on computer hard disks and USB devices. 3. Anywhere Access Forrester reports that 10% of help desk calls are related to VPN connectivity issues. DirectAccess technology, introduced in Windows 7, provides users encrypted and direct access to the corporate network infrastructure in a transparent and automatic manner through a public medium. 4. Management Tools The toolset supporting the deployment and management of Windows 7 and Office 2010 applications includes the Microsoft Desktop Optimization Pack (MDOP) application suite, among others. MDOP offers significant assistance in application virtualization, centralized error handling, error diagnostics and resolution, resource planning and policy management. MDOP includes:   •  Application Virtualization (App-V)   •  Microsoft Enterprise Desktop Virtualization (MED-V)   •  System Center Desktop Error Monitoring (DEM)   •  Diagnostics and Recovery Toolset (DaRT)   •  Asset Inventory Service (AIS)   •  Advanced Group Policy Management (AGPM) 5. Virtualization Both on their own and combined, application virtualization (App-V, MED-V) and workspace virtualization (RDS, VDI) solutions speed up and simplify setting up the optimal work environment. Thanks to these technologies, application deployment that used to take 1 month can now be carried out in 1 day, while application compatibility issues have become a thing of the past.

4 

  State-of-the-art Desktop = User Efficiency

6. Version Control Analysts at IDC estimated 30%-35% savings in testing time and other resources from standardizing on a single version of Windows and Office in the organization. To do so, both the operating system and the desktop application suite need to function as reliable system components. New developments in the areas of security and functionality are often only released in the latest versions of software, highlighting the importance of keeping products up-to-date. Both Windows 7 and Office 2010 offer Software Assurance, a licensing solution that guarantees you have the latest version. 7. Support To satisfy diverse requirements, Microsoft developed a broad support offering, components of which may also be chosen individually, supporting the deployment of Windows 7 and Office 2010, e.g. planning, application compatibility analysis and solution development, image engineering and customization. Customers with volume licensing agreements may benefit from the following Software Assurance support services: Desktop Deployment Planning Services (DDPS), SA training vouchers, 24/7 engineering support. 8. Integrated Security The combination of several integrated tools and security enhancements (e.g. UAC, ASLR, DEP, Service Hardening, Patch Guard) ensure maximum security for the operating system and data. The new Security Center provides a transparent overview of the current security level of the operating system through a single interface, and also allows for its configuration. A unified security level may be achieved by enforcing group policies. 9. Integrated Management Windows 7 offers an expanded management toolset (e.g.: DISM, Windows Backup, PowerShell), using which operations staff may easily solve administrative tasks that were tedious and required custom-developed solutions in the past. Windows 7 may also be centrally managed with Microsoft’s system management products (e.g.: System Center Essentials, System Center Configuration Manager). 10. Single Vendor Solution The integration of applications from a single vendor may substantially reduce costs, which is a key consideration for security, operations and system management tools alike. Microsoft’s solutions allow for the creation of a homogenous IT system, in which the operating system, applications and centralized management solutions are integrated by default.

Top 10 Benefits of Office 2010 1. Unparalleled Productivity Thanks to rich media integration, fast data generation and the capability to analyze and present huge amounts of information, the Office 2010 suite reaches levels of productivity unparalleled on the market. 2. Document Management and Collaboration Central management of shared user content, online accessibility, management of corporate resources, access control, compliance, administration of documents’ life-cycles and multi-user document management together provide a functionality that enables faster document creation and remote collaboration through direct interaction, eliminating the need for time- and cost-intensive personal meetings. 3. Project-Based Workspace Both internal and external projects benefit from the participants’ ability to share information in a quick and simple manner. The collaboration support features of Office 2010 (e.g. shared workspace, shared calendar, distribution and tracking of tasks, sharing contact objects and schedules, wiki pages, central management of access privileges, etc.) make it possible for users to create and share all relevant content for the project in a self-organized way. 4. Large Mailboxes Thanks to the ability of Office Outlook 2010 to manage mailboxes up to 50 GB in size, storage costs can be decreased by 50-70%, by taking advantage of the new data storage concept of Exchange 2010. 5. Virtual Access from Anywhere The familiar Office experience can now be accessed from all kinds of devices, including PCs, phones and browsers. As a solution supporting mobile use, all software included in the Office suite can be run as virtual applications on most mobile devices. 6. Version Control Customers covered by Software Assurance can always use the most up-to-date version of Office.

7. Support Microsoft offers a variety of support options to help customers deploy Office 2010 on the company level, e.g. planning, application compatibility analysis and solution development, image engineering and customization, etc. Support options:   •  Creating deployment plans   •  Training   •  24/7 engineering support   •  Proof of Concept documents, Web pages 8. Unified IP-Based Communications Organizations rely more and more on quick and efficient integrated communication solutions. These channels are usually real time messaging, audio and video conferences, and Webbased portal solutions, that are all comprehensively supported by Office 2010. 9. Simple Deployment The automation solutions available for the deployment of Office 2010 offer significant cost savings, as the unified environment offers an easier and simpler way of implementation. At the same time, standardization reduces the required amount of support tasks, as there is less need for testing and user support, and the downtime resulting from data loss can also be minimized. 10. Centralized Management Office 2010 applications can be centrally managed using tools familiar to operators (group policies, WSUS, SCE, SCOM, etc.), these facilitate the work of system administrators and users from the time of deployment. Weighing the benefits of Windows 7 and Office 2010 it becomes clear that the simultaneous deployment of the two products offers valuable business gains for small, medium and large enterprises alike. To provide a clear overview, Microsoft’s solution package is available to customers in 3 categories, which can be used to create a more efficient, more secure and more effectively manageable workstation environment:

State-of-the-art Desktop = User Efficiency    5

Windows 7 Good

Better

Business Desktop

Professional Desktop

is for smaller businesses who need basic PC productivity, with limited or no IT staff.

is for businesses that have a managed PC infrastructure and see a need for a more productive and secure desktop.

Feature Set Highlights

Office 2010 Best

Good

Enterprise Desktop

Better

Business Desktop

adds a set of rich productivity, security and management solutions for companies that have outgrown their PC Infrastructure.

Professional Desktop

is for smaller businesses who need basic PC productivity, with limited or no IT staff.

is for businesses that have a managed PC infrastructure and see a need for a more productive and secure desktop.

Good

Better

Best

Feature Set Highlights







1

Individual business document, analytics, and email productivity

Best

Enterprise Desktop

adds a set of rich productivity, security and management solutions for companies that have outgrown their PC Infrastructure.

Good

Better

Best







1

Basic business PC productivity

2

Protection of sensitive company information on PCs and USB sticks





2

Centralized document management and co-authoring





3

Employees can access their desktop from any PC





3

Self-serve project workspace (e.g. calendar, task lists, project plans) and control





4

Single image, policy control, PC recovery, and inventory mgmt. tools





4

Larger mailbox at lower storage cost





5

Access to Microsoft desktop virtualization technologies & VDI rights





5

Access to your work and colleagues virtually anywhere: PC, phone, and browser





6

Future protection through rights to new software versions





6

Future protection; rights to new software versions during your contract





7

Deployment services, training, and 24/7 support





7

Deployment services, training, and 24/7 support





8

Integrated enterprise security for servers and PCs



8

Low cost IP communication through Office (IM, web conferencing, and voicemail)



9

Complete desktop management solution



9

A comprehensive suite of enterprise security and compliance tools in one package





10 A unified solution from a single vendor at lower cost (vendor consolidation)

10 Unified solution from a single vendor

Good (OEM)

Better

Best

Good (OEM)

Better (Microsoft BPOS)



Best

Corporate deployment of Windows 7 and Office 2010 is assisted by several tools, so the solution can be flexibly scaled in accordance with the organization’s size. The software products and deployment methods discussed on the following pages are classified according to the above categories to make it easier to understand and position the tools. The solutions are classified based on the following designations:

Basic toolset 6 

  State-of-the-art Desktop = User Efficiency

“Better approach” toolset

“Best approach” toolset

Choosing the Right Path… The secret of streamlining processes lies in standardizing them, establishing and following corporate standards. A standardized configuration ensures predictable operation, as the majority of possible issues can already be eliminated during the planning stage. It is important to determine the building blocks of the configuration process, and to decide about the correct implementation of these. The standardization of the workstation environment results in simpler installation, upgrades, administration, support and replacement. The standardization of user settings and the software and hardware environments guarantees the successful deployment of the operating system and applications, and the changes of configuration applied to them. If it were the task of the user to install the operating system or the device drivers, a minor issue might escalate and cause severe problems. Due to these basic considerations, it is advisable to create a well developed and proven process to deploy Windows 7 and Office 2010, regardless of the size and IT-maturity of the organization. The proper way to deploy new software can only be chosen by carefully assessing the current environment, by considering all technical assets and solutions and, of course, by identifying the basic business requirements to be met. Which are the basic questions and technical parameters to consider during the phase of conceptual planning? • Deploying Windows 7 often involves acquiring new equipment. There are two key factors to consider about this: » Windows 7 has higher hardware requirements than Windows XP. This is a good occasion for organizations to replace their workstation hardware infrastructure that has been in place for up to 5-8 years. » Hardware manufacturers optimize their new personal computers to and deliver them with Windows 7, and their compatibility with Windows XP and the availability of device drivers is not guaranteed. » Since 2009, general product support for Windows XP is no longer provided. The extended product support for XP SP3 provides upgrades only for new security threats until 2014. » If XP were to be installed on the new computers, reinstallation with Windows 7 would still be necessary at the end of the XP product support period in 2014, so the tasks would need to be performed twice. • It is imperative to get a clear picture of the current IT environment, and this includes the current state of the workstations and the range of applications used on them. It is quite possible, that some of the computers are already capable of running Windows 7 and the planned applications in their current hardware configuration, while others might require only minimal

hardware upgrades. It is important to decide in this case whether there should be two or more different hardware configurations, or is it more desirable to standardize the workstations. A heterogeneous system requires more complex deployment and management processes, and with systems containing a large number of workstations this ultimately results in higher costs compared to the expenses saved on the hardware. • During the deployment of Windows 7, the task requiring the most careful consideration is choosing the applications used by the company. Upgrading the platform is a great opportunity to replace obsolete, old applications, which necessitates the revision of license agreements, as well. Analyzing the usage habits and requirements helps considerably in choosing the applications and their distribution types. • The next question while selecting applications is their compatibility with Windows 7. Microsoft offers several solutions to run applications that were not originally developed for the Windows 7 platform. • Microsoft’s Application Virtualization solution (App-V) can be effectively used, if different usage requirements indicate the necessity to run different versions of the same application on the same computer and at the same time (e.g. Remote Desktop Session Host). This way the virtualized application runs separately from the operating system, making it easier to install and remove it as needed. • Most users put special emphasis on their work environment, an organic part of which is the user’s profile. There are multiple ways to centralize and migrate profile information, which all need to be taken into account when the migration is being prepared. If it is possible to separate the information in the user profile from the given computer, the operating system can be upgraded without affecting the user’s experience. • In the case of systems comprised of a large number of computers, replacing all workstations might take a  long time even with proper automated processes. By deploying the Remote Desktop Services package (optional), available as a part of Windows Server 2008 R2, the Windows 7 and Office 2010 user experience can easily be provided to all users of the organization. • Windows 7 can be merged into the same management infrastructure as Windows XP. There is no need to develop separate processes, as the administrators can continue to manage their hybrid system with the tools and processes they are already familiar with. • Professionals taking part in operations should be properly trained to achieve a successful deployment of Windows 7 and Office 2010.

Choosing the Right Path    7

Preparation Tasks To answer the above questions, Microsoft provides a valuable planning and management guide within the Microsoft Operations Framework (MOF). MOF also contains essential information about project management tasks and other roles.

Experience shows that deployment projects encounter the following critical issues:

Question Does testing require infrastructural and human resource investments?

Infrastructure upgrades

Should every user's workstation be replaced?

Image development

Does each hardware type require a separate disk image to be created and maintained?

Application management

Will all applications work?

Distributing Office

If Office is needed, will more testing and disk images be required?

Security settings

What IT security rules should be introduced with the new software versions?

Deployment

Does IT need to receive each user's workstation for the change, and what is the downtime associated with the migration?

Operation

How does the new version affect the work of operators and users?

The following questions should also be answered during the conceptual planning phase: • How much will the migration cost? • How much time will the complete process take? • How many engineers have to be involved with the deployment? • What dependencies and prerequisites have to be considered during the migration? »  What information needs to be collected? »  What has to be prepared? »  How many servers are required? »  What are the processor, memory and disk space requirements? •  • Who needs to receive training, and how much training is required?

8 

  Preparation Tasks

Portfolio

Operational Health

• Operations • Service Monitoring and Control • Customer Service • Problem Management

MOF

RA

Does every user's information need to be migrated manually?

PLAN

O PE

Migration

Service Alignment

R

Test processes

IV E

Task

• Business/IT Alignment • Reliability • Policy • Financial Management

TE

EL

Deploying new software can mean a series of challenges, and with insufficient preparation these may only emerge during the installation and the first use of the system. When replacing the operating system (the basic platform), the number of questions and problems encountered increases exponentially, so it is imperative to prepare for these challenges with a proper conceptual plan.

D

M A N AG E

Policy & Control

• Envision • Project Planning •  • Build • Stabilize • Deploy

• Governance, Risk and Compliance • Change and Configuration • Team

Project Plan Approved

Release Readiness

The structure of Microsoft Operations Framework 4.0 The Deliver phase of MOF contains items like conceptual planning, project planning, development, stabilization and deployment. These can be found in the Service Management Function (SMF) description within MOF. This guide helps in forming a clear picture of the processes involved in the whole task, including the processing of incoming data, the areas of responsibility, the activities and the products, while providing appropriate controls for each step. After determining the basic goals and expectations of the deployment of Windows 7 and Office 2010, and ascertaining the framework of the project, the preparatory planning phase follows, which includes the following tasks:

Let’s Plan and Scale! Project Participants At the outset of the planning phase the participants of the project should be chosen, and their roles and tasks need to be defined. It is important that all participants have a proper insight into the major features of the applications to be deployed, as the collaborating professionals need to talk „the same language.” This could be significantly facilitated by a short technological presentation (workshop), where the key participants’ questions about the selected software can be directly answered by professionals.

Assessing the Existing Environment In order to create a schedule that fulfills business requirements and is plausible at the same time, it is imperative to gain detailed information on the present IT environment. The IT system’s current hardware and software composition can easily be mapped with the free Microsoft Assessment and Planning Toolkit (MAP), that uses WMI calls to query the information required for the migration from the target audience. There is no need for extensive preparations, as MAP uses WMI, and it does not require the installation of an agent component. During the inventory, MAP not only collects information about hardware and software, it also helps with the analysis of the collected data. During the assessment it provides an accurate picture about the part of the current machine pool that can accommodate the deployment of the different workstation and server operating systems with or without hardware upgrades. Its detailed reports clearly show the current hardware configuration of each computer (the hardware components and the load characteristics are also taken into account) and the components that need to be upgraded for the successful deployment of Windows 7. The information obtained can be used to calculate the hardware investment costs more accurately, and is also useful during the selection of machines for the pilot phase.

• In a corporate environment, the basic tool for central administration is the group policy. It enables control of the computers’ settings and several parameters of the users’ work environment. The logic of the group policy object in Windows Server 2008 R2 has more than 3300 adjustable parameters, most of which are compatible with Windows XP. Thanks to this, the policies used to govern XP and Windows Server 2003 systems can be retained, as they are fully compatible with the Windows 7 and 2008 R2 platforms, and all of their parameters are applied. Windows XP ignores the policy settings it cannot interpret, so it is completely safe to implement the new features and built-in security capabilities of Windows 7. • With the deployment of WSUS, the operating systems and the applications they are running can be automatically updated, so the heterogeneous IT environment consisting of XP and Windows 7 systems can easily be kept up-to-date with the same upgrade management methods and processes. • The deployment of Windows 7 does not require reconfiguration of shared network devices (e.g. network printers), only the appropriate device drivers need to be installed. Windows XP and Windows 7 access these resources through the same protocol and the same methods. • Also, the tried and trusted software distribution methods do not need to be changed due to the deployment of Windows 7. The process of centralized software distribution, either through policy or a management agent component, is identical for both platforms.

Active Directory domain Server Infrastructure

Managing a Hybrid Environment The larger an organization is, the more complex the task to deploy Windows 7 will be, which also affects the project’s time frame. During the migration process, in a network of heterogeneous Windows clients, the ability to administer XP and Windows 7 systems at the same time is also important. Windows XP, Vista and Windows 7 operating systems can be organized into a unified management model, where each of the clients can be centrally managed using previously introduced software and operational routines.

Preparation Tasks    9

Windows 7 Deployment Types A decisive factor in identifying deployment-related tasks is the selection from the four types of Windows 7 installation methods suitable for automation: Upgrade Machines running Windows Vista Service Pack 1 and 2 operating systems can be upgraded locally (in-place-upgrade) to Windows 7. This means that the applications, settings and user data existing in the Vista environment can be used further on in the Windows 7 environment after the upgrade. The benefits of the process may also become a disadvantage at the same time: as all settings remain the same, inadequate configuration will also have an impact on the new system.

Internet Explorer 9

New Installation

The Internet has become a default working tool for users, so Microsoft also gives special focus to the ongoing development of Internet Explorer. Although Windows 7 contains Internet Explorer 8 integrated, it can easily be upgraded to IE 9.

A process involving the deletion of contents from and repartitioning the hard disk, which results in a consistent state optimal for easily enforcing administrative settings and installing required components.

Internet Explorer 9

Reinstallation

• Safety is guaranteed by built-in malware and XSS (Cross Site Scripting) filtering. The new Tracking Protection feature allows users to control which sites they allow or deny access to their browsing patterns.

In certain cases the existing Windows 7 environment may need to be reinstalled; the process is almost identical with the steps for a  new installation. There is, however, one important difference: machine and user settings and data need to be collected from the old operating system and transferred to the new installation. If this procedure is performed by the end-user, Microsoft recommends the use of the integrated Windows Easy Transfer (WET) tool. However, if mass reinstallation is required, the User State Migration Tool (USMT) is the right choice.

• Easy to administer, as the browser is configured, updated and distributed using the deployment and administration tools in Windows. The Internet Explorer Administration Kit (IEAK) and the almost 1500 policy settings further simplify implementation into a corporate environment. • In tune with the life-cycle of business, as Internet Explorer continuously adjusts to the capabilities of the latest operating system and to business requirements. Accordingly, IE updates are published together with those of the core platform, on “patch Tuesdays”. Internet Explorer 9 also introduces several improvements focused on users to further enhance the user experience, while simplifying and accelerating everyday tasks. We recommend linking the deployment of Internet Explorer 9 to the Windows 7 rollout to provide a more state-of-the-art, safer and easier to use browser to users with minimal additional effort.

Central Store Scanstate Reloading of user data and resources

Loadstate Reloading of user data and resources

Reinstalled PC

10 

  Preparation Tasks

Replacement Workstation operating systems earlier than Windows Vista SP1 cannot be migrated to Windows 7 by upgrade. Consequently, enterprises using Windows XP can only deploy Windows 7 by replacement. Replacement may involve procuring new machines or hardware upgrades to the exiting environment, as Windows 7 requires a more powerful hardware platform than Windows XP. As with the reinstallation approach, the profile migration tools developed by Microsoft (WET, USMT) can be used in a similar way, as they also support the transfer of profiles between different machines. The Windows 7 deployment solution should be developed in a way so that it would focus not only on the machines in the existing environment but also accommodate any new machines to be procured in the future. A very common solution is the pre-installation of IT devices with an operating system that should subsequently be customized to meet the requirements of the organization. New devices also require the installation of applications, enforcement of security levels and integration into the administration system.

What About the Applications? One of the tasks involved in the deployment of a new operating system is to select the applications to be used. This is also a great opportunity for reviewing the licensing of individual software products and revise which applications are really required. MAP primarily focuses on hardware compatibility and performance issues related to the implementation of the operating system, but it can create a basic inventory of applications installed on the computer. This inventory does not reveal information about application usage patterns. Reporting on software usage trends and assessing license allocation require the implementation of System Center Configuration Manager.

Application Compatibility To establish the final list of applications to be installed in the Windows 7 environment, we need to ensure all software applications perform flawlessly on the new platform. Most of the issues emerging in connection with a platform upgrade are related to applications. Microsoft developed a new operating system kernel for Windows 7, which has an impact also at the driver and application levels.

New version

The easiest way to resolve software compatibility issues is to acquire the new, Windows 7 compatible version of the given software. In some cases, this may not be a viable option, either because the vendor did not release such a version, or the upgrade would mean additional costs to the organization, beyond current budget limits.

ACT

If software upgrade is not a viable option, it is recommended to use Microsoft’s free tool, the Application Compatibility Toolkit. During the examination of software products, ACT can detect various compatibility issues, and offer solutions to resolve them.

XP Mode

There are, however, compatibility issues not even ACT can resolve. So, if an application can only run adequately in an XP environment, it should stay there! XP Mode technology was developed with exactly these scenarios in mind: it offers a Windows XP operating system, and applications installed on it, running virtually on the Windows 7 operating system.

Review the technical details of ACT and XP Mode: Application Compatibility Toolkit After the data collection phase, ACT can create a list of currently used applications, just like MAP. This list is an active SQL-powered database where IT professionals can enter the results of the testing and solution development stages. Consequently, the process of determining application compatibility and its current state can be accurately tracked. Application compatibility issues between different platforms typically arise because the manufacturer of the software did not upgrade it for Windows 7. For such scenarios, Microsoft developed ACT with a predefined patch kit (SHIM) integrated into the software to eliminate the most common issues. For applications with compatibility issues, custom patches can also be developed and later delivered to all workstations of the enterprise. The simplest approach to delivering patches for the software stack used at the time of Windows 7 deployment is to integrate the patches into the standard corporate system image.

Preparation Tasks    11

When implementing XP Mode, the following administrative considerations should be taken into account: • As virtual XP machines built in compliance with corporate standards can be distributed by simple copying, it is easier to guarantee business continuity, since the corporate (virtual) client environment can be quickly rebuilt. • The virtual machine and the applications on it run independently of the host computer’s settings and rules, as the virtual machine is a “different” computer. • If required, the virtualized application can be displayed with a frame of a definable color, so the user can see that the displayed interface belongs to the application running on the virtualized XP system.

Implementation of a Reference Environment ACT SHIM Stack Microsoft offers customers several support options for Windows 7 deployment, including Application Compatibility Factory (ACF). Engineers working in ACF can be assigned with the task of making compatible the applications to be used by the enterprise on the Windows 7 platform, thus the developed solution will also be backed up by warranty.

XP Mode XP Mode provides a  novel solution to Applications application compatibility issues. On a  Windows 7-powered workstation, usOS ers can use applications developed for Windows XP as if they were installed on the Windows 7 system. In the background, Applications Virtual PC however, when the Windows 7 host machine is started, Virtual PC provides a virtual environment for the Windows XP Operating System machine running the given application. To provide an appealing and comprehensive Hardware user experience, the MED-V agent stores the interface of the application when it is launched on the virtual machine, and this interface is displayed in the work area of the host operating system. As a result, the user has the perception that the applications are running on the host operating system itself.

12 

  Preparation Tasks

Windows 7 and Office 2010 deployment can be facilitated to a great extent, if the preparation stage can rely on a reference environment consisting of a few machines, for testing software installation and configuration. Such a test bed can not only be used to obtain answers to questions emerging during planning, but also to examine application compatibility, automated installation and configuration processes. After successful migration and deployment, you might want to retain the reference environment, as it can serve as an ideal test bed for the deployment of any new applications emerging in the future. How to Build the Reference Environment and What Tools to Use? The hardware environment used in the test bed should be selected in line with information obtained from the assessment of the existing environment and with the chosen distribution method. If Windows 7 deployment also involves purchasing new hardware, machines with the selected configuration should be featured in the reference environment. If some of the existing computers are suitable for running Windows 7 in their current state, it is important to include some of those machines in the reference system, as well. Depending on the size of the organization and the complexity of the migration, the testing environment may consist of only one or two machines, but it can also be built as an entire infrastructure installed with all required server roles, isolated from the production system. It is important that the lab environment reflects every aspect of the production system, as the entire migration and application deployment process needs to be modeled, so that any hidden bugs can be identified. Consequently, it is not sufficient to focus only on the operating system installation stage, but the relevant management issues and the server roles involved in the process also need to be clarified.

In a corporate environment, the security, reliability and high availability of user data is of key importance. These data, depending on the maturity level of IT systems at the organization, are mostly stored in user profiles and other personal folders associated with them. A profile is the collection of files, folders and those registry entries that determine the environment, desktop and settings presented to the user after logging on to the computer. In terms of where the data stored, we can distinguish between local and roaming profiles. The main benefit of roaming profiles is centralized storage, as the profile information resides at a central location in this scenario, not on the user’s machine. Whichever computer of the organization the user logs on to, the same settings and desktop are always presented (except for the installed applications, as those may not always be available on every workstation). The information stored in the central location can be easily backed up using a centralized backup solution, as only the profile storage folders on the file server need to be backed up in order for user data to be available, even if the user’s workstation became unusable. Irrespective of where profiles are stored, a very handy feature related to them is folder redirection. In this scenario, certain folders of the profile (e.g. the contents of the Documents folder) are not stored within the profile, but moved to a centrally stored folder. The actual storage location of the folder becomes transparent for the users; as far as they are concerned, information is stored in the Documents folder on their workstations. Consequently, there is no need for additional training as to what to save where, which significantly accelerates deployment. Folder redirection can be very well combined with the roaming profile approach. In this case, profile size decreases dramatically, resulting in faster logon / logoff, and the current contents of the redirected folder can be regularly backed up by a central backup solution. Taking all these aspects into account, the types of current profile usage also need to be understood when the IT system is assessed, so that an optimal decision could be made for migration. If the organization already has some kind of centralized infrastructure, the recommended approach is to redirect the profiles partly or entirely to a file server, as this measure greatly facilitates the Windows 7 deployment process.

Using migration rule (.xml) files and/or command-line statements the system administrators of the organization can control which user accounts, files and settings they want to migrate and how. Available options include the resolution of conflicts, the emulation of missing settings and also the removal of settings from the target machine. The tool can migrate e.g. the desktop background, command-line settings, the user’s documents, folder settings, fonts, mouse and keyboard configuration files, remote access settings or even the selected screensaver. Additionally, version 4.0 of USMT, introduced in Windows 7, can do all that much faster than previous versions, thanks to the Hardlink feature which can be very useful for operating system upgrades. In this case, the tool collects user data into a special folder, referenced by a hard-link. The benefit of this approach is that there is no physical copying, the tool only changes the addressing of the files. 30

Time needed for migration (min)

User Profiles Need to Be Managed, Too!

25 20

File copy Hard link

15 10 5 0

2

4

6

8

10

12

14

Amount of data (GB)

Performance Improvement through Hardlink Migration USMT now also includes an enhanced Document Finder feature which, similarly to the Windows Easy Transfer algorithm, attempts to migrate all the files not linked to the operating system or the installed applications. The tool also supports the migration of shadow copies and local group memberships, which may be very useful in certain cases.

Profile data and folder content managed by the users may not be centralized in every case, as the required storage capacity may not be available. Microsoft User State Migration Tool (USMT) was developed to work around this issue, available as a free solution for automated mass profile migration.

Preparation Tasks    13

Implementing a Pilot Environment Most of the emerging questions are precisely answered by the tasks performed in the preparatory stage, revealing: • the composition of the existing IT system, • the extent of required hardware upgrades, • the ideal type of operating system deployment, • compatibility issues of the applications to be used, • the requirements for the reference environment, • the options for migrating user profiles With this knowledge, we can compile a Windows 7 Deployment plan aligned to the set of criteria defined in the Conceptual plan, with contents subject to amendments based on experience gained in the Pilot phase. Review the key information about the Pilot environment.

Test Plan Before finalizing the Windows 7 Deployment plan, the processes set out in the plan should be tested in the reference environment set up for this purpose. Methodical testing requires a detailed Test plan describing the individual test cases, the personnel performing the tests, the time frame for testing, how long a given test phase is to run, and what the expected results are. A set of criteria and a priority rating should be defined for each test case. By assigning a priority value, we can avoid situations where a negative outcome of the testing of a minor feature would slow down the deployment process, as such issues can be remedied even at later stages. At the same time, this approach also highlights when an issue is a major one, resulting in the potential redesign of processes. Issues uncovered during the test phase should be taken seriously, as the reference environment used for testing can be considered an abstract of the production system, therefore these symptoms will similarly emerge for each machine during the mass deployment process. This also underlines the importance of setting up the reference environment to be a close replica of the production enterprise infrastructure. If more than one hardware configurations are in use, the process for installing the operating system and the applications needs to be tested on all variants. These steps emphasize the importance of the implementation project prepared to exacting standards to business decision-makers, as this project is also a token for the success of the processes.

14 

  Implementing a Pilot Environment

Pilot: Testing Processes for a Limited Range of Users According to Microsoft’s recommendations, migration, or the Pilot testing of the Deployment plan created, should first be carried out on a smaller group of carefully selected users. Relying on the results of the trial operation, any necessary changes and fixes can be implemented in the process design prior to starting the migration for all machines in the production system. The primary objective of the Pilot phase is not to test Windows 7 functionality; nevertheless, user feedback collected at this stage can be useful later. On this basis, we can decide which operating system features should be enabled or disabled by default. In the course of the Pilot phase, it is important to keep track of the duration of the migration, the number of migrations carried out concurrently, the infrastructures load and usage data, and also the help desk calls related to the deployment.

How to Select Users for the Pilot Users of the pilot environment should be selected in a manner so that they provide an accurate representation of all types of users and infrastructure uses in the organization. This requires an understanding of the geographical distribution of the enterprise, patterns for local and mobile users, the types of accessing resources, the available bandwidth, and the data volumes transferred through the network, to use as a basis for setting up a representative list. The following table summarizes the most common groups of users, their relevant business requirements, and the technological solutions used by them:

Interface portability

Functionality

Silent install

Disk encryption

Data Security

Smart Card

Remote Access IPSec-based VPN

Laptop

Desktop

Proprietary device

Challenges

Thin client

User Groups

Application and Presentation Virtualization

Devices

SSL VPN

Features/technologies

Task-oriented users • They perform pre-defined tasks. • Several users share a pool of machines running the target application. • Examples: temporary staff, Call Center operators

• Deliver a cost-efficient solution • Provide flexible access to several machines • Provide sufficient productivity even in low bandwidth scenarios









General office users/information workers • They have a wide range of tasks. They use several LOB applications. • They require high performance. • Examples: researchers, data analysts

• Uninterrupted high performance to be guaranteed • Swift response to business requirements • Manage compatibility issues between applications • Flexibility between software versions







Mobile users • They frequently travel between different sites and customers. • They use several applications on mobile computers. • Examples: sales representatives, managers

• Protection of locally stored and portable confidential data • Provide offline access to data • Central administration of mobile devices only occasionally connected to the corporate infrastructure













Home users • Remote access to data and applications is required. • They use a wide range of devices, including their own devices. • Examples: remote workers, outside workers

• Guarantee the integrity and confidentiality of data • Develop a flexible and costefficient solution • Provide access from nonmanaged devices











Implementing a Pilot Environment    15

Questions Related to the Hardware Pool The available hardware pool should not only be examined in terms of user groups, but also as a function of complexity. This approach is primarily useful in the mass deployment phase, but it can also be used to establish several stages for the pilot system: • Newly purchased computers should be procured with Windows 7 preinstalled, as this guarantees that the specifications of the machines make them suitable to run Windows 7. Computers delivered with Windows XP need to be reinstalled later using the corporate Windows 7 image, requiring unnecessary additional effort, translating into significant additional costs where a larger number of machines is involved. • Migration of problem-free machines running only a few applications provides fast early success. • These may be followed by machines running many applications, operating with a complex configuration, therefore implying more issues. Computers equipped with special hardware options can also be included in this category. • For users with obsolete hardware configurations running Windows XP, the implementation of a virtualized work environment (RDS / VDI) should be considered, so these users could also enjoy the benefits of a state-of-the-art work environment from the beginning of the migration process.

Deployment Toolset For only a few machines, the development of exquisite automation for Windows 7 deployment is not justified. Settings and user data simply needs to be backed up, and then the new operating system can be installed using the installation DVD. After the installation of applications is completed, the deployment can be finalized by setting user profile data. For dozens, hundreds or thousands of computers, Windows 7 deployment is mostly identical to the process outlined above, but a certain level of process automation is definitely recommended in this case. The time allocated for developing and testing custom procedures must be in proportion with the number of machines to be migrated. Review the tools and technologies facilitating automated mass deployment of Windows 7 and Office 2010.

16 

  Implementing a Pilot Environment

Image Formats The Windows Image file format (WIM) is a special container storing the operating system image. One WIM file may contain several different disk images. Using special compression algorithms and „single instance” technologies allows relatively small files to store the data. Microsoft also employs the WIM format in the Windows 7 installation kit to store the pre-installation environment for the operating system and Windows (WinPE). Custom images can be created by editing those files, while ImageX provides options to create installable WIM files from reference machines. By creating a custom image, the implementation of the ideal work environment can be simplified, as the image contains not only the core operating system, but also the customized OS settings and all the necessary applications. Only the applications required by all users of the organization need to be preinstalled in the reference image, e.g. virus protection, Office programs. As a result, system administrators need to maintain only one image, all user-specific requirements can be managed at the level of the central administration applications.

WinPE The Windows Preinstallation Environment is a graphical environment with limited functionality, running the Windows kernel, and usable for diagnostics, maintenance and operating system installation tasks. The WinPE 3.0 environment used by Windows 7 and Windows Server 2008 R2 can manage virtual hard disks (VHD), so even the VHD Boot technology can be implemented. In certain cases the WinPE environment needs to be customized, e.g. when installing custom hardware drivers, allowing the machine to manage the network interface or RAID controller board even in the WinPE phase. The required WinPE environment can be placed on a  WDS server, so computers supporting network boot (PXE Boot) can access the pre-installation environment for the operating system on the WDS server through the local network.

Windows System Image Manager (Windows SIM) Windows System Image Manager provides a graphical user interface to edit the response file controlling the installation and customization of the operating system (unattend.xml). The application uses the existing WIM or CLG files as a reference to load the configurable components and processes. The use of response files allows the automation of questions asked at the time of installation, while also providing options to change settings not prompted for by the conventional operating system installation wizard. As a result, a standardized workstation environment can be created even in organizations with no management infrastructure, as all machines are installed using a configuration with detailed settings. For organizations with a management infrastructure, several tools are available after installation to standardize the Windows 7 work environment, so the creation of a response file to automate the installation of the operating system can be skipped.

Windows Deployment Services (WDS) Windows Deployment Services can transfer the WinPE boot environment through the network to PXE-enabled devices. It also supports the Auto-Cast and Schedule-Cast types of multicastbased image delivery. The version available in Windows Server 2008 R2 also performs the dynamic distribution of device drivers. WDS makes the mass deployment of operating systems easy, as it can deliver the disk images it manages through the network to the appropriate target machines using several distribution methods. This server role is useful for the installation of new machines and the re-installation of existing computers, as well. The deployment of the WDS component available in the Windows Server 2008 R2 product line is extremely simple, with a  number of wizards facilitating initial configuration.

Microsoft Deployment Toolkit (MDT) Microsoft Deployment Toolkit is a free solution by Microsoft for the automation of mass Windows 7 deployment projects. It reduces the complexity of deployment, while it improves standardization by providing a uniform user environment. The operating system installation tools in MDT can drastically cut the time required for lab efforts, as the process automation scripts do not need to be developed from scratch, there are readily available templates for them in the program. MDT provides efficient solutions for the following scenarios:

• The applications to be installed on the new Windows 7 platform can be identified, and the program performs the installations without any user interaction, in a fast and efficient manner. • The entire image creation process can be automated as a script, accelerating the preparations for deployment. • The program collects the user profiles from the existing machines (with USMT functioning in the background), and migrates them back to the new workstations. • Using its automation methods, the program can back up the existing environment prior to the Windows 7 deployment. • The program provides a comprehensive automation script for the entire process of deploying new machines. Without MDT, one would have to develop a proprietary method to automate every phase of the mass operating system deployment. By using MDT, hundreds of hours of effort can be saved, thanks to its ready-to-use solutions including the appropriate installation scripts, response files and image creation procedures.

System Center Configuration Manager (SCCM) A software solution for general change management, perfectly suitable for smaller corporate structures with only a few sites or for really large, multi-sited infrastructures, as the server roles implementing the functionality are modular and very extensively scalable. System Center Configuration Manager can support physical and virtual machines, servers, workstations and mobile devices alike. • It provides an accurate overview of the entire system through the hardware and software inventory features configurable in detail. • The software distribution component of SCCM allows the selection of the necessary distribution method from a wide range of options, including mandatory installation run with administrative privileges, triggered by Wake-On-Lan technology, ignoring the maintenance window. • SCCM complies with all requirements for a dynamic and Zero-Touch operating system installation solution. SCCM can automatically install an operating system on members of machine pools. • The software usage metering feature in SCCM is very useful when the annual software licensing plans are drawn up, as it contains all the building blocks required for data collection and statistics. • The Desired Configuration Management (DCM) module in SCCM is of invaluable help in a rapidly changing virtualized system, as it can examine the configuration of servers and the applications running on them against a predefined compliance rule.

Implementing a Pilot Environment    17

User State Migration Tool (USMT)

Office Migration Planning Manager (OMPM)

The User State Migration Tool allows the automated migration of user profile data and computer settings from the old machine to the new one. As mentioned earlier, user profile information often needs to be retained and transferred to the Windows 7 work environment. In connection with the profile, migration should of course also manage the computer settings, while the platform change will also involve parameters that cannot be transferred to the new system. Due to such compatibility issues, profile migration and its automation process should be subjected to thorough testing, so that a well-functioning, efficient solution is available prior to the mass migration.

OMPM is a collection of applications for the detection and analysis of document conversion issues and also for the centralization of batch conversion.

Office 2010 Deployment Tools The deployment of Office 2010 is facilitated by a number of free tools available to map the existing application environment to detect compatibility issues, to automate the installation of required components, or even to batch convert files created using the older versions of applications.

Office Customization Tool (OCT) An automatic and customized installation of Office 2010 requires the creation of the appropriate response file which can be simply built and modified with the OCT tool in the Office installation kit. Besides the management of the usual options, the software also allows for configuration of a number of additional parameters to standardize users’ work environment in a manner similar to policies. During the response file-based installation, document protection, macro security settings, Outlook mailbox parameters and even the properties of shortcuts can be controlled.

Office Environment Assessment Tool (OEAT) OEAT searches for extensions in the Office 97, 2000, XP, 2003, 2007 and 2010 suites to facilitate the detection of application compatibility issues. The verification is carried out through the examination of pre-defined folder and registry structures, the analysis of COM and VBA plug-ins and the monitoring of calls to the Office APIs.

18 

  Implementing a Pilot Environment

OMPM can detect the documents created by the user using Office 97-2003, irrespective of whether the files are stored locally or at a  central location. The inspection process examines how the individual files can be converted to the Office 2010 format, and stores the results in a database, so the information is readily available for reporting purposes. OMPM analyzes the properties and contents of files, and looks for potential issues that may occur during document conversion. It also analyzes the Visual Basic for Applications (VBA) macros available for embedding into Excel, PowerPoint and Word files, so any errors in the macro codes of the documents can be revealed in advance. Office File Converter (OFC), available as part of the OMPM package, allows the batch conversion of Office 97-2003 documents to the Office 2010 format.

Office Compatibility Code Inspector (OCCI) After the file conversion, OCCI can be used for further analysis to detect compatibility issues related to VBA code embedded into documents handled by Excel 2010, PowerPoint 2010, Word 2010 and Visual Studio 2008. The scope of the application only includes code analysis, any required fix is to be provided by the developer. The application records the detected issues as comments in the code, and also attempts to provide recommendations for their resolution or guidance to further information.

Developing Custom Solutions Using the information collected up to this stage, the technologies presented should be linked, so that the pilot migration is successful in every aspect. The Deployment plan must handle any errors occurring at the individual steps, how they are entered into the documentation, while it also needs to define the criteria of success for each phase. The following list describes the correct order of application for the components presented so far, although some of the steps may be skipped depending on the chosen solution:

Steps to Migrate to Windows 7 Create an inventory of the current state of the IT environment, to be used as the basis for finalizing the necessary hardware ❏  investment plan.

Create a final list of the applications to be used, and manage their compatibility issues. ❏  Create a reference environment for testing your custom solutions. ❏ 

Use this system to test the products created in the individual steps.

Review the current behavior of user profiles, and create a plan for their migration. If necessary, use the USMT toolset. ❏  Create the images for the WinPE and the operating system installation phase in compliance with corporate standards. Use the ❏  Sysprep and ImageX tools to create the reference image, and use the DISM application to edit the images offline.

If necessary, you can use the WSIM response file creation application to customize the operating system installation. ❏  Select the appropriate mass distribution solution for both the operating system and the applications to be installed on it. ❏  Depending on the selected distribution solution, prepare the components of the core infrastructure to support the deployment. ❏  If MDT / SCCM is chosen as the mass distribution solution, prepare the relevant process automation Task Sequence script. ❏  Classify the users and computers of the organization into categories. Use this information to select the users participating in the ❏  Pilot phase, and also to select the machine groups involved in the migration and the sequence applied to them.

Document your Deployment plan. ❏  Create a Test plan with test cases and success criteria included. ❏  Perform the Pilot testing. Use the Pilot phase to collect user feedback, measure performance parameters, measure the time ❏  required for the process, and remedy any emerging issues.

Amend the Deployment plan to reflect the changes in the process. ❏  Start the mass deployment. ❏ 

Implementing a Pilot Environment    19

Mass Deployment of Windows 7 and Office 2010 Following the Pilot migration and the trial period, the gradual migration of the entire infrastructure to Windows 7 can be launched. Relying on the results of the Pilot phase, we can create the final Deployment plan covering the following items: • The number of machines migrated in one group, • The sequence of the individual machine groups, • The scheduled time for installing the operating system, broken down by machine types, • The personnel and other resource requirements of the mass deployment, • The time available for installation for each individual machine group, • The training plan and schedule for user re-training. Mass deployment, depending on the chosen solution, may have minimal or even significant impact on the servers of the corporate infrastructure, therefore the preparation of server roles must be completed prior to launching the Pilot phase.

Required Server Roles Database Server MAP and ACT both store the collected inventory data in SQL databases. They can create status reports from these, and also present workload information received from the performance counters. The heart of the SCCM system administration application is the SQL-based central database, which can be of significant size, depending on the extent and complexity of the IT system. As a result of its complexity, the deployment of SCCM requires in-depth planning and preparation. The databases used by the applications may be consolidated on a shared SQL server, if necessary.

File Server In an enterprise environment, the easiest way to share content is to place the files in shared folders. Most of the content produced in the different phases of migration needs to be copied to those shares for an automated mass deployment, to make it available to all computers. The scaling and number of file servers is influenced by the structure of physical sites and bandwidth in the enterprise, and by the number of applications and drivers to be installed. The developed deployment automation mechanism has to manage the site structure of the company,

20 

  Mass Deployment of Windows 7 and Office 2010

as the infrastructure is different for each location. The Deployment plan needs to cover the implementation options for the developed solution at each site.

WDS Server The Windows Deployment Services server role greatly facilitates the mass deployment of operating systems. The service package, available as part of Windows Server 2008 R2, consists of two components: Deployment and Transport Server. The two components can be located on two separate machines, while Transport Server is a server role functional even by itself. The WDS server plays an important role in the distribution phase of WinPE, the operating system and the drivers, so the server must be equipped primarily with hard disk storage space and fast network connections. To reduce the workload caused by file transfers through the network, the multicastbased distribution method is available in the product. This method can sort the machines belonging to the same multicast process by their bandwidth values. As a result, a machine with a slower connection would not affect other members negatively.

WDS Multicast Configuration

Active Directory Active Directory is an integral part of the core infrastructure. It enables setting up the WDS server in a way, that only machines existing in the directory would have the new operating system image delivered. It can also serve as a tool to control access privileges to network shares. Through group policy objects, thousands of parameters can be centrally controlled for the newly deployed machines and the applications installed on them. This management infrastructure is equally suitable for the central management of Windows XP, and Windows 7 workstation operating systems and that of the server environment.

Mass Distribution Using MDT and WDS

Mass Distribution Using SCCM

Microsoft Deployment Toolkit consolidates the toolsets for Windows 7 and Office 2010 deployment in a single console. The software is not designed for standalone operation, it uses several tools in the background to automate processes, e.g. WAIK, or USMT. The core concept of the product requires the creation of a distribution share, where the building blocks for the installation process will be organized into subdirectories. Built-in wizards assist in swiftly configuring the appropriate installation environment, as a  number of predefined operations are included in the software. The source for the image to embed into the Task Sequence script can be the original installation media or even files placed on the WDS server.

Similarly to MDT, SCCM also uses the toolset of the Task Sequence script and WDS, however, a completely automated, Zero-Touch Installation can be implemented with this tool. Compared to the previous solution, SCCM can apply static and dynamic group membership logic to categorize the entities into different targets, and then prescribe the installation of the operating system and related applications as optional or mandatory for the various groups. With the integrated Wake-On-Lan (WOL) capability, the process can be enforced even when the machines are turned off. As the different user groups require different application sets, these should not be installed into the reference image, but the software distribution features of SCCM should be used, instead. As a result, the Task Sequence script used in SCCM can consist of significantly less steps than the version used by MDT, since SCCM applies different methods for the installation of drivers, software and updates.

MDT can create customized WinPE files that call the response file and scripts from the working directory after the boot phase of the machines is completed. These WinPE files can also be placed on the WDS server, so the boot process of the machines can even be controlled through the network.

Office 2010 Deployment Options The distribution architecture for Office 2010 is fundamentally identical with the earlier structure for Office 2007. There is, however, an important difference: Now the Office versions available through Volume Licensing programs require activation using one of the Volume Activation technologies. Key Management Service (KMS), Multiple Activation Key (MAK), MAK Proxy, or a combination of these methods can be used as activation methods.

Selection of the Appropriate Distribution Method

WDS Administration Console After the boot stage, the system administrator can configure the decision points identified in the steps of the Task Sequence script created by MDT. With the questionnaire filled in, the process becomes automatic and produces the required environment.

There are five recommended methods available for the centralized deployment of Office 2010: network share, Group Policy startup script, centralized distribution through management software, Application Virtualization and Presentation Virtualization. The above methods can also be combined, e.g. the virtualized Office 2010 application can be distributed through the central administration system. Although the Group Policy Software Installation feature (GPSI) can be successfully used to deliver generic software, this solution is not supported for the distribution of Office 2010. As an alternative solution, the automated launch of a script linked to the machine boot event is recommended.

Mass Deployment of Windows 7 and Office 2010    21

Network Installation

Application Virtualization Using App-V

A very simple approach to Office 2010 deployment is when the system administrator copies the contents of the installation kit to a network share, and provides access to the share to users and their machines. This may be an ideal solution for smaller organizations, as no comprehensive management infrastructure is required, users can launch the Office installation as required. The drawback of this solution is that the process is manual, and does not provide information about the machines successfully installed with the desired application.

With the implementation of Application Virtualization, Office 2010 can be made entirely independent of the underlying operating system and the other applications installed on the computer. As a result, all compatibility issues that would hinder or block Office deployment are eliminated. Following the installation of the client component required for running the packaged virtual applications, the App-V client is ready to run any Office 2010 components packaged using App-V. System administrators can centrally control which user has the rights to use a given Office module.

Startup Scripts Embedded into Group Policy

Rules for the restrictions can also be based on group membership. Several system administration solutions are available for delivering application packages, and they meet the requirements of all different usage patterns, be it online or offline clients or using fast or slow connections.

Using group policy, system administrators can create startup scripts for computers to perform an automated installation of the desired Office 2010 components. The script can be written in any language supported by the client machines, e.g. VB Script, JScript, command-line executable, etc.

Presentation Virtualization Using Remote Desktop Services One of the main benefits of this solution is that operators can rely on a familiar and commonly used tool, Active Directory Group Policy to centrally distribute Office. So they can utilize proven practices and accumulated experience to easily deploy the new Office version. For organizations where Group Policy is the most prominent central administration tool, a scripted install is the ideal choice.

Using Administrative Software If the organization uses an existing central systems management application (e.g. System Center Essentials, System Center Configuration Manager), centralized mass deployment becomes a simpler task. The use of SCE or SCCM is recommended for the life-cycle management of the IT system, depending on the company size, and both tools make the deployment of Office 2010 a fast and transparent process. The contents of the installation kit can be customized for individual locations in multi-sited systems, resulting in bandwidth savings. With advanced troubleshooting and repair tools, and highly versatile report control features, the applications enable accurate tracking of the entire process life-cycle, so statistics and compliance reports can also be easily created.

22 

  Mass Deployment of Windows 7 and Office 2010

As part of the Windows Server 2008 R2 Remote Desktop Services package, a comprehensive solution is available to support Presentation Virtualization, with several new features compared to the previous release. Office 2010 applications installed on Remote Desktop Session Host servers are accessible to users through several connection methods. Applications run on the server infrastructure, the connected device only needs to display the user interface. RemoteApp technology, also available in Windows Server 2008 R2, enables users to see the interface of only the relevant application, not a complete Windows desktop and work interface, streamlining everyday use. This solution greatly simplifies Office deployment, maintenance and version upgrades, as the required management tasks only need to be completed on the servers running the RDSH role. A further benefit is the reduced bandwidth utilization, as only the mouse, keyboard and screen information travels through the network. The services built into the Remote Desktop Services package (RD Gateway, RD Web Access, RD Connection Broker) also simplify mobile use, as there are several solutions for the Internet-based secure publication of RemoteApp programs.

RDS+App-V Method Corporate deployments of Office 2010 often require a combination of the different distribution methods. The combined use of Presentation and Application Virtualization methods can replace several earlier solutions that were implemented with compromises. Presentation Virtualization often raises issues related to application compatibility and the parallel use of different versions of a given software. App-V-based Application Virtualization can be utilized to eliminate such issues. In this scenario, applications continue to run using the resources of the RDSH server; however, no installation on the RDSH servers is required, as the applications are managed by the App-V client.

on external assistance to a minimal extent. Windows 7 offers several built-in tools well-suited for use even with average user skills, e.g. troubleshooting tools, system restore tool, reliability history, Problem Steps Recorder, etc.

RD Session Host

Client

App-V

. Using RemoteApp technology, applications virtualized through App-V can be accessed via a number of different interfaces, so Presentation Virtualization is also provided.

How to Customize Office 2010 Installations The utility to create response files was available as part of the Office Resource Kit in earlier Office releases. With Office 2007, the Office Customization Tool became a part of the installation package, available to configure several parameters for the installation. The same applies to Office 2010, only the range of available settings has extended, as the 2010 product release has also changed significantly in terms of functionality. While creating the response file, parameters beyond those available as part of a „conventional” installation can also be set. Several policy-type configuration changes can also be specified to fine-tune user-specific and machine-specific settings of the installed Office components.

Central Administration of the Resulting System Depending on the size of the company, there are several management solutions available to control the implemented state-of-the-art work environment. If the size of the organization does not justify the constant presence of a system administrator, or central management software, users typically resolve emerging issues by themselves or relying

Built-in Diagnostics Tools in Windows 7 The introduction of Active Directory offers significant benefits already starting from 10 to 20 users, as the central management of privileges, inventory and group policy configuration features may be required even for organizations of this size. The directory solution offered by Microsoft is especially well-scalable to meet the needs of enterprises with even hundreds of thousands of users. The centralized activation of primed versions is an essential issue for both Windows 7 and Office 2010. Microsoft Volume Activation Management Tool 2.0 can discover the computers connected to the network, and based on data collected from them, it can create statistics of the activation state of individual entities. Following the mapping of the system, all installed copies of Windows 7 and Office 2010 can be activated through the VAMT console, while the appropriate product key can also be set. Microsoft provides two solutions for meeting system management challenges, and for centralizing operational tasks related to configuration management. System Center Essentials is the recommended solution for small and mid-sized businesses, while System Center Configuration Manager is primarily aimed at mid-sized and large enterprises.

Mass Deployment of Windows 7 and Office 2010    23

More information: http://www.microsoft.com

www.microsoft.com

© 2011 Microsoft Corporation. Minden jog fenntartva. Ez a dokumentum kizárólag tájékoztatási célokat szolgál. A Microsoft semmilyen kifejezett vagy vélelmezett garanciát nem vállal a jelen összefoglalóban szereplő információval kapcsolatban. A dokumentumban szereplő logók és terméknevek a Microsoft vállalatcsoport védjegyei.