Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Windows 7 Deployment using Altiris Deployment Solution 6.9 SP4
1. Windows 7 Deployment using
Altiris Deployment Solution 6.9
MIKE PRUETT
MANAGER, INFORMATION TECHNOLOGY
ISTA PHARMACEUTICALS, INC.
2. Outline
Who we are
Project Scope
Research
Software Compatibility
Image Build
Methodology
Staging
Deployment Process
Exceptions
After-Thoughts
References
3. Who we are
Founded in 1992 as Advanced Corneal Systems
IPO on August 2000
Fourth Largest Branded Prescription eye care
business in the US
4 Selling Products, Several more in the Pipeline
2010 $157 million annual revenues
Named number 1 on Deloitte’s Orange County Fast
50 List, 3 Years in a row. (2008,2009,2010)
4. Project Scope
IT Department identified the need for a Software
upgrade from Windows XP SP3 to Windows 7
Enterprise.
Most workstations had a mix of Volume License & OEM
software installed.
45 % of Home Office leased workstations were due back
to Hardware Vendor (Dell) starting in Q1 2011.
All of Remote Sales Force workstations were due for
Hardware Refresh, starting in end of Q3.
Migration and Upgrade needed to happen during off-
hours, or when Employees machine was in shop for
servicing.
5. Research
Using NS Reports to determine hardware Windows 7
System Requirement readiness.
Assets and Inventory > Inventory > Windows > Hardware
Count of Computers by Processor Speed, Type, and OS
Memory Configuration by Computer
Computers by Total Disk Size
Using NS Reports to determine software Windows 7
System Requirement readiness.
Assets and Inventory > Inventory > Windows >
Software/Applications
Count of Distinct Add/Remove Program Applications
Count of Products by Version and Manufacturer
Count of Computers by Install Directories
6. Research (continued)
When running previously mentioned reports, always change the
Target Collection to “All Windows Workstations”
Review current application install base for required upgrades. (For
instance, Acrobat 7 Professional/Standard does NOT load on
Windows 7 64-Bit!!)
Expect to upgrade current Anti-Virus software. (Windows XP AV
Clients are not going to cut it!)
ISTA decided to implement Window 7 64-Bit on all machines that
met the following specs:
1.8 Ghz processor or better
Processor needed to be of the Core Duo or Core Duo 2 type (or Better)
4GB of Memory or better
If machine could be upgraded to 4GB then it would be
80GB SATA Hard Drive Minimum (The WINDOWS directory is 40GB in size)
Any machines that did not meet this spec would be replaced.
7. Software Compatibility
Due to the fact that most/all of our Install base had Windows XP 32-Bit…
our current software packages might not be compatible
Utilizing a few Windows 7 Test machines, we deployed/tested our Major
software applications
We built a list of Apps, and denoted which had been tested, and which
worked under Windows 7
We were not concerned with any of the Microsoft Apps, due to the fact that
we are EA customers
We determined that some of our crucial apps did not work with Win 7
We had considered XP Mode/MED-V, but after reading that Microsoft did
not consider those tools a Long-Term solution, we opted against it.
A few of the Apps worked successfully under Terminal Services. So we set
up a few TermServ boxes to support those users.
For the few remaining applications that have not been upgraded, or cannot
run under Terminal Services, we are awaiting updates from the vendor.
(That group has not been upgraded to Win 7 yet)
8. Methodology
ISTA needed a deployment methodology which
supported the upgraded equipment & complete
replacement hardware.
We settled on using a Lite-Touch & a Zero-Touch
deployment Method:
Zero-Touch for those machines which were being upgraded directly.
(No Replacement)
Lite-Touch for the users who were getting a new machine, with all of
their data transferred.
Data transfer would be done using Microsoft's USMT
tool
We would have used PCT, but our installed version did
not support Windows 7 64-Bit restoral. (It now does in
SP5)
9. Methodology (continued)
The steps determined for each method were roughly the
same:
User Data Archival (Transferred to Network Share)
Deploy Image
Deploy Customized Drivers
Install Software Packages
Restore User Data
Cleanup Desktop Environment
The only difference was the “User Data Archival”, as this
was done on the users original machine. Then the rest of
the Job was completed on the new machine.
10. Image Build
Similar to Windows XP, build a machine with fresh copy of Win7
installed.
Customized the User Profile before Imaging, then copy to the
Default Profile.
We decided to keep our Images small, based on how few machines
had similar software selections. No apps installed before Sysprep
Left Aclient/Altiris Agent off image before Sysprep. (Would install
later on using SetupComplete.cmd)
Image capture choices…
RDeploy (works in Linux, and Windows PXE)
Ghost (Windows Only, did not support Win7 till SP4)
ImageX (Was not an option in SP3, now included in SP5)
We chose RDeploy, as we wanted to deploy the image using faster
Linux PXE boot.
11. Image Build (continued)
ISTA’s Image prep is as follows…
1. Install Win7 (no drivers/apps)
2. Customize Default User Profile
3. Capture Image, label “Before Sysprep”
4. Copy Sysprep tools onto machine.
5. Extract & Create Unattend.XML file
6. Copy Unattend.XML file to USB FlashDrive
7. Run Sysprep /generalize /oobe /shutdown
8. Capture Image, label “Sysprep”
Now Customize the Unattend.XML file & Test your
image.
16. Deploy Windows 7 x64 Image (continued)
@echo off
REM Driver Install Script
ECHO Driver Install Script
REM Find Current Model
Set model="%#!computer@model_num%"
ECHO %model%
REM pause
REM Get Production Name
If %model%=="0G868N" set retrieve=E6400
If %model%=="0U695R" set retrieve=E6400
If %model%=="0K42JR" set retrieve=E6410
If %model%=="0D8H24" set retrieve=E4310
If %model%=="0D517D" set retrieve=760
If %model%=="0R230R" set retrieve=760
If %model%=="0D441T" set retrieve=980
ECHO Copy Over Driver files...
rem mkdir c:drivers
.Rdeploywindowsfirm.exe -recurse copy G:7x64%retrieve% prod:drivers
17. Deploy Windows 7 x64 Image (continued)
REM Start Service Mode
ECHO Injecting Drivers into Image...
".WAIKTools_v2x86ServicingDism.exe" /Image:C: /logpath:C:dism.log /add-driver:C:drivers /recurse
ECHO Copying the new AClient files...
.Rdeploywindowsfirm.exe copy .AgentsAClientdagent_x64.msi prod:WindowsSystem32dagent.msi
ECHO Preparing the Unattended Setup Files...
REM Tokenizing the Unattend File...
REM ReplaceTokens .Sysprepunattend.xml .temp%ID%.xml
REM Copying the Tokenized Unattend File...
.Rdeploywindowsfirm.exe copy .temp%ID%.xml prod:WindowsSystem32Sysprepunattend.xml
.Rdeploywindowsfirm.exe copy .temp%ID%.xml prod:WindowsPantherunattend.xml
.Rdeploywindowsfirm.exe copy prod:WindowsSystem32Sysprepunattend.xml prod:unattend.xml
REM Copying the SetupComplete File...
.Rdeploywindowsfirm.exe copy .Sysprepsetupcomplete.cmd prod:WindowsSetupScriptsSetupComplete.cmd
18. Set Firewall Exceptions
@ECHO OFF
REM Set Windows Firewall Exceptions...
netsh firewall set service type = FILEANDPRINT mode = DISABLE >>%windir%system32AltirisFW.log
echo Simple File Sharing turned off on: %DATE% %TIME%>>%windir%system32AltirisFW.log
netsh advfirewall set allprofiles state off >>%windir%system32AltirisFW.log
echo Firewall Exceptions Completed on: %DATE% %TIME%>%windir%system32AltirisFW.log
:end
21. Restore User Data
REM USMT 4.0 - LoadState
ECHO Mounting Drive...
net use z: <ServerName>usmtdata$
ECHO Running ScanState...
z:amd64Loadstate.exe z:captures%COMPUTERNAME% /i:z:amd64migdocs.xml /i:z:amd64migapp.xml
/l:z:captures%COMPUTERNAME%loadstate.log
ECHO Unmounting Drive...
net use z: /delete
22. Customize Desktop
@ECHO OFF
REM Customizing End-User Desktop...
REM Copying Desktop Shortcuts...
IF NOT EXIST "%SystemDrive%UsersPublicDesktop" GOTO END
ECHO Deleting Old Desktop Shortcuts...
DEL "%SystemDrive%UsersPublicDesktop*.lnk"
ECHO Copying Desktop Shortcuts...
XCOPY /Y "<ServerName>DeployUtilitiesx64Icons*.ico" "%SystemRoot%System32"
XCOPY /Y "<ServerName>DeployUtilitiesx64Links*.lnk" "%SystemDrive%UsersPublicDesktop"
REM Installing Drive Mapping and Backup Script(s)...
ECHO Installing Drive Mapping and Backup Script(s)...
XCOPY /Y "<ServerName>DeployUtilitiesx64Scripts*.vbs" "%SystemDrive%UsersPublic"
XCOPY /Y "<ServerName>DeployUtilitiesx64Scripts*.xml" "%SystemDrive%UsersPublic"
REM Applying Registry Fixes...
ECHO Applying Registry Fixes...
REGEDIT /S "<ServerName>DeployUtilitiesx64Registrygeneral.reg"
REGEDIT /S "<ServerName>DeployUtilitiesx64Registry7zip.reg"
:END
23. Exceptions
For those software packages that were unique to several
machines, we created network install jobs
Those jobs were listed under the “Software” folder, so the
Desktop Analyst could include it into his jobs
24. After-Thoughts
Don’t rush project!
Give your users ample opportunity to experience Windows 7
before they are upgraded
Train your Staff, then train User base
For legacy applications, consider using SVS or APP-V for
application virtualization (we did not have enough time!)
Schedule the upgrade around any Hardware Refresh efforts,
or Lease returns
Check internal website compatibility with Internet Explorer
8!!!
DON’T run your Deployment Server on a VM!
DON’T forget to update to the latest Service Pack!
We started on SP3, and had lots of problems. It wasn’t until SP5 that
everything worked out as planned!
25. References
About MED-V..
http://technet.microsoft.com/en-
us/library/ee872305.aspx
Why XP Mode & MED-V are not long-term solutions
http://redmondmag.com/articles/2011/04/19/microsoft
-panel-offers-windows-xp-migration-tips.aspx
Creating a Windows 7 Self Updating Hardware
Independent Image…
https://www-
secure.symantec.com/connect/articles/creating-
windows-7-self-updating-hardware-independent-image-
using-deployment-solution-69sp4