Deploying Windows XP, Business Desktop Deployment
There are many innovative approaches to simplifying XP deployments (e.g., disk imaging, Windows PE functionality, or eliminating the need for standard installation methods) or by employing various automation, centralized management, and remote administration techniques.
However, most of these solutions are either based on a single technology or consist of a number loosely related utilities that, when combined, deliver a semi-cohesive process requiring considerable coordination. This can be fairly difficult in larger environments where dealing with operating system rollouts is challenging, not only from a technology perspective but also from the project management point of view. To address this problem, Microsoft developed Solution Accelerator for Business Desktop Deployment (BDD), which is the topic of this article.
Microsoft Solution Accelerator for Business Desktop Deployment is a framework designed in accordance with best industry practice. Its purpose is to guide the administrator through the entire process of deploying Windows XP Professional Service Pack 2 (including support for Multilingual User Interface Pack and 64-bit edition of the operating system), Windows XP Tablet Edition, and Microsoft Office 2003 Professional. The scope of its guidance extends from the initial stages of the process such as collecting hardware and software inventory, ensuring compatibility of existing applications, creating operating system images, optimizing relevant infrastructure components, and user state migration through the actual rollout of the operating system and core applications, to post-deployment tasks, such as noncore application installation.
Solution Accelerator for Business Desktop Deployment (BDD) is intended for medium and large enterprises and consulting vendors, which provide this type of services to customers. It is fairly inefficient for SMBs because much of the value is found in its dependencies on other software and the relative complexity of procedures that must be implemented to support it.
What differentiates the Solution Accelerator for BDD from technologies presented so far is its focus on processes and the technology that facilitates them. Although it assumes availability of all necessary software components, it delivers substantial added value by providing guidance in each step of planning, testing, implementation, and facilitating adherence to Microsoft recommendations. Solution Accelerator for BDD is based on concepts derived from Microsoft Solution Framework (MSF) version 3.0 and closely follows its principles. It features a customizable, scalable, extensible, well-documented, and seamlessly integrated set of processes that cover software-based (design and development) and infrastructure (design and deployment) activities.
Solution Accelerator for BDD (currently at version 2.5) is freely downloadable from the Microsoft Web Site in Standard and Enterprise editions. Both downloads are in form of the Windows Installer packages (called BDDStandard.msi and BDDEnterprise.msi, respectively). The prerequisite for the installation is .NET Framework version 1.1.4322, which is found in the download area of Microsoft's Web site. It should also be supplemented with Service Pack 1.
After the installation completes, the corresponding item will appear in the My Programs menu with two shortcuts one for BDD Explorer, the other for the Getting Started Guide. The BDD Explorer is implemented as an HTA application with an intuitive interface that takes you through each phase of the deployment process.
The Standard Edition
The Standard Edition
The Standard Edition is optimized for midsize companies (i.e., those with between 250 and 500 desktops), but it is flexible enough to accommodate environments far beyond this range (from 25 to 5,000 systems, in situations where Systems Management Server 2003 is not used). Its operation involves using a disk imaging product (such as Symantec Ghost Solution Suite) and Windows PE. (For more information on this subject, refer to an earlier article in this series). In addition, customers must purchase a sufficient number of Windows XP Professional and Microsoft Office Professional 2003 Edition licenses. Although having an Active Directory and Remote Installation Services implementation considerably simplifies deployment efforts with the Standard Edition, they are not part of the requirements set (which might become a deciding factor when selecting Solution Accelerator for BDD appropriate for an environment).
Remaining components, downloadable free of charge from the Microsoft Web site, include Microsoft User State Migration Toolkit (USMT) 2.6, Microsoft Application Compatibility Toolkit 4.0, Microsoft Office Access 2003 Conversion Toolkit, Windows XP Professional with Service Pack 2, and Office Professional 2003 Edition Service Pack 1.
To differentiate the process of deploying the operating system following the Solution Accelerator for BDD Standard Edition guidelines from other, similar methodologies, Microsoft coined the term "Lite Touch" network installation. This term conveys the notion that in the absence of Active Directory, Systems Management Server 2003 with Operating System Deployment Feature Pack, or Remote Installation Services servers, installing the new operating system will likely require, at the very least, a short visit to the location where target computers reside (e.g., to initiate the process using installation CD).
The Enterprise Edition
The Enterprise Edition is intended for organizations with 500 or more managed desktops. Its requirements are considerably more rigorous than the Standard counterpart. Complying with these requirements, however, yields substantial benefits described collectively as the "Zero Touch" deployment model (as opposed to "Light Touch" network installation). The model consists of two components: Zero Touch Install (ZTI) and Zero Touch Provisioning (ZTP), which leverage functionality present in the Active Directory, Systems Management Server 2003 Service Pack 1, its Operating System Deployment Feature Pack add-on (for more information, refer to one of our earlier articles covering this subject), and Remote Installation Services technology.
Zero Touch Install relies on Systems Management Server 2003 Operating System Deployment Feature Pack and Users State Migration Tool for centralized installation of operating system images on target computers, eliminating the need for setting foot at the physical location. It is also possible to leverage Remote Installation Services to accomplish this goal. The need for a third-party imaging product is eliminated since the SMS 2003 Operating System Feature Pack relies on the Windows Imaging (WIM) technology. Windows PE licensing requirements are automatically satisfied through ownership of Systems Management Server 2003.
Zero Touch Provisioning reduces support costs by facilitating the delegation of common user management tasks (which otherwise must be handled by help desk or system administrators) to designated managers. Such tasks include password changes and resets, altering membership of selected security or distribution Active Directory groups, initiating the installation or uninstallation of published applications, and launching Windows XP Professional upgrade
The configuration of underlying system involves identifying managers, their users, and tasks they can perform on their behalf. Subsequently, users can place requests for completing delegated tasks to their managers via e-mail or directly through a provisioning Web portal. This functionality is delivered through Microsoft BizTalk Server 2004 combined with SharePoint Services (or SharePoint Portal Server 2003), and Authorization Manager components of Windows 2003 Server operating system (as well as SQL Server 2000 with Analysis Services) are installed on the provisioning server. The server takes care of coordinating the authorization workflow and, once approvals are obtained, it applies changes to Active Directory accounts or forwards client requests to the SMS 2003 infrastructure (which, in turn, uses its standard software distribution mechanism to deliver applications or operating system upgrade to target computers).
Application packaging can be handled with any suitable third-party software. Two popular choices are Wise Packaging Studio 5.5 from Wise Solutions and InstallShield, which is currently at version 11 from InstallShield.
Both Zero Touch Install and Provisioning take advantage of the monitoring and reporting functionality in Microsoft Operations Manager (MOM) 2005 to oversee progress of deployments and overall health of underlying infrastructure. Both also rely on some free software. In addition to the components the Standard Edition uses, also needed are SQL Server 2000 Reporting Services Service Pack 1 and SMS 2003 Operating System Deployment Feature Pack, as well as its prerequisite SMS 2003 Service Pack 1. Use of Zero Touch Install does not preclude the ability to apply the Lite Touch approach, which still comes in handy when dealing with a stand-alone or nonmanaged system within the enterprise.
Keep in mind that Solution Accelerator for BDD (in both Standard and Enterprise editions) uses a "wipe and load" scenario for the deployment of Windows XP operating system. This is intentional, since its purpose is to create a fully managed environment without any legacy dependencies. This does not mean, however, that user data or settings are lost use of the User State Migration Tool (USMT) ensures they are preserved (for more information on this technology, refer to our two-part article Deploying Windows XP, Managing User State).
Both the Standard and Enterprise editions come with detailed step-by-step guides that document each stage of Planning, Development, and Implementation phases of the transition to the new operating system, along with a compliant set of applications, improved security settings, optimized user productivity, and administrative efficiency. The guides have an intuitive interface: Hyperlinks between related sections and checkboxes mark progress during each phase. Since the scope of work would typically be handled by separate functional teams, the documentation is divided into multiple Team Guides, each covering an individual stage of the process (such as the Application Compatibility Remediation Feature Team Guide updated for the Application Compatibility Toolkit 4.0, Supplemental Application Feature Team Guide, Core Application Packaging Feature Team Guide, Supplemental Application Packaging Feature Team Guide, Infrastructure Remediation Feature Team Guide, Security Feature Team Guide, User State Migration Feature Team Guide, Imaging System Feature Team Guide, Deployment Feature Team Guide, and Operations Feature Team Guide).
Also included are sample documents that illustrate the Windows XP deployment project lifetime in two fictitious businesses (midsize Trey Research using Solution Accelerator for BDD Standard Edition and Woodgrove National Bank employing the Solution Accelerator for BDD Enterprise Edition). The samples include project plans, business cases, application knowledge sheets, client build requirements, network and workstation hardware upgrades sheets, communication plans, functional specifications, migration plans, pilot plans, site deployment plans, test plans, test specifications, training plans, and application compatibility symptoms sheets.
Several project management tools provide risk analysis functionality (Risk Template Tool and Simple Risk Assessment Tool). Others guide through application packaging and automation of their installation (e.g., newly introduced in the version 2.5, Supplemental Applications Feature Team Guide). Multiple scripts handle such activities as build and configuration of deployment servers, creation of operating system images, and delivering these images to managed desktops. Last, but certainly not least, the Solution Accelerator for BDD offers desktop security configuration recommendations, including patching methodology. Details can be found in the Security Feature Team Guide and in the Risk Template Tools for Standard and Enterprise editions.
Article courtesy of ServerWatch