Skip over navigation

Main Navigation

Subnavigation Area

 

About Us > Know-How

PREMIER KNOW-HOW

 

New York, NY May 16, 2005

Premier Know How Image

Building And Maintaining a Corporate Desktop

contributed by Mike Cunningham

With the proliferation of virus outbreaks and security breaches on the desktop, it has become increasingly important to maintain a secure, standardized desktop in a corporate environment. While a well maintained desktop is often your best defense against a virus, a standard desktop combined with a proven update methodology will ensure an effective and timely response to security threats. In addition, a standard desktop eliminates much of the guesswork on the helpdesk, resulting in increased productivity among staff.

Premier has developed a proven methodology for assisting organizations with the deployment of Windows desktops that covers the complete lifecycle of the project, starting with the initial image build and concluding with delivering updates to the PCs that have already been deployed. Premier's approach can be separated into three distinct phases, with each playing a critical role in the overall success of the project. These phases are listed below:

  • Image Build Process
  • Image Deployment
  • Maintenance & Software Distribution

Image Build Process

The image build phase refers to the installation of the operating system and core applications on a reference computer. At the conclusion of this phase, sysprep is run on the reference computer and the image is copied to the network. Premier's method of building the image is fully automated, starting with an unattended installation of Windows, followed by the automated installation of core applications and concluding with sysprep. Automating the image build makes sense for several reasons. It ensures that the image is built in a consistent fashion and can be repeated over and over if necessary. The time required to build an image is reduced from days to a couple of hours, during which time no user intervention is required.

Key features and benefits from Premier's image build process are listed below:

  • Fully automated image build routine using industry standard automation methods (unattend.txt, .VBS scripts)
  • Slipstreamed distribution point with Service Packs, hotfixes
  • Limited hardware dependencies- one image can be used for all hardware platforms
  • .MSI installation of core applications with resilient source paths
  • Image versioning- version is written to registry (used for image maintenance)

Image Deployment

Once the image has been copied to the network, it is ready to be downloaded to other computers in your organization. This may seem like a simple task, but there are several factors to consider. Do you need to layer on departmental applications or settings? How will the computers be named? Do you require regional settings? The answers to these types of questions usually lead to automation scripts that run during the image deployment process.

While the requirements differ from client to client, listed below are some examples of how Premier has assisted clients with the deployment process:

  • Windows PE bootable CD is used to connect to the network to download the image. PE allows us to run advanced scripts to perform such functions as modify the local sysprep.inf before the computer is booted, thus inserting correct regional settings, computer name and domain information
  • Create a hidden partition to be used for image backups
  • Obtain the computer's serial number and name the PC accordingly
  • Using WMI scripts, rename network connections (i.e Wireless adapter)
  • Use WMI to determine the computer type and install applications if applicable
  • Obtain IP address information and update .ini files accordingly
  • Modify the 'RunOnce' key for the Default User profile, ensuring that a command is run for each user who logs on for the first time.

Maintenance & Software Distribution

Now that the image has been delivered to the user, our attention turns to desktop maintenance. Namely, how do we guard against unwanted changes to the image and how do we deliver patches or software updates? An organization's best defense against unwanted changes to the image is by adhering to strict security policies (both procedural and technical) and enforcing comprehensive Group Policy Objects (GPOs). A detailed discussion of GPOs and security is outside the scope of this document; instead we will focus on delivering software updates.

To effectively manage desktop updates, an organization will require a software distribution system such as Microsoft's SMS or Altiris' Software Delivery Suite. An effective software distribution system should address the following areas:

  • Advanced delivery of packages- scheduling options, silent installation, 'wake-up'
  • Tight integration with .MSI based packages
  • Advanced status reporting
  • Tight integration with patch management
  • Hardware / Software inventory
  • Ability to query the registry on client computers

With a software distribution system in place, we key off of the image version to deliver updates to the PCs. Every change (or set of changes) to the image is grouped into an update package and results in an image revision change. Upon successful execution of the update, the new image version is written to the registry. The software distribution system queries the client computers for the image version, groups these computers together and delivers the update. For example, the image 3.44 image update will be delivered to any computers with image version 3.43.

more Know How

Contact Premier

OFFICE CONTACT INFO

Footer Navigation

Copyright © 2002- Premier Technology Solutions. All other trademarks property of their respective owners.