Windows 7 Deployment using Altiris Deployment Solution 6.9 SP4
Windows 7 Deployment usingAltiris Deployment Solution 6.9 MIKE PRUETT MANAGER, INFORMATION TECHNOLOGY ISTA PHARMACEUTICALS, INC.
Outline Who we are Project Scope Research Software Compatibility Image Build Methodology Staging Deployment Process Exceptions After-Thoughts References
Who we are Founded in 1992 as Advanced Corneal Systems IPO on August 2000 Fourth Largest Branded Prescription eye care business in the US 4 Selling Products, Several more in the Pipeline 2010 $157 million annual revenues Named number 1 on Deloitte’s Orange County Fast 50 List, 3 Years in a row. (2008,2009,2010)
Project Scope IT Department identified the need for a Software upgrade from Windows XP SP3 to Windows 7 Enterprise. Most workstations had a mix of Volume License & OEM software installed. 45 % of Home Office leased workstations were due back to Hardware Vendor (Dell) starting in Q1 2011. All of Remote Sales Force workstations were due for Hardware Refresh, starting in end of Q3. Migration and Upgrade needed to happen during off- hours, or when Employees machine was in shop for servicing.
Research Using NS Reports to determine hardware Windows 7 System Requirement readiness. Assets and Inventory > Inventory > Windows > Hardware Count of Computers by Processor Speed, Type, and OS Memory Configuration by Computer Computers by Total Disk Size Using NS Reports to determine software Windows 7 System Requirement readiness. Assets and Inventory > Inventory > Windows > Software/Applications Count of Distinct Add/Remove Program Applications Count of Products by Version and Manufacturer Count of Computers by Install Directories
Research (continued) When running previously mentioned reports, always change the Target Collection to “All Windows Workstations” Review current application install base for required upgrades. (For instance, Acrobat 7 Professional/Standard does NOT load on Windows 7 64-Bit!!) Expect to upgrade current Anti-Virus software. (Windows XP AV Clients are not going to cut it!) ISTA decided to implement Window 7 64-Bit on all machines that met the following specs: 1.8 Ghz processor or better Processor needed to be of the Core Duo or Core Duo 2 type (or Better) 4GB of Memory or better If machine could be upgraded to 4GB then it would be 80GB SATA Hard Drive Minimum (The WINDOWS directory is 40GB in size) Any machines that did not meet this spec would be replaced.
Software Compatibility Due to the fact that most/all of our Install base had Windows XP 32-Bit… our current software packages might not be compatible Utilizing a few Windows 7 Test machines, we deployed/tested our Major software applications We built a list of Apps, and denoted which had been tested, and which worked under Windows 7 We were not concerned with any of the Microsoft Apps, due to the fact that we are EA customers We determined that some of our crucial apps did not work with Win 7 We had considered XP Mode/MED-V, but after reading that Microsoft did not consider those tools a Long-Term solution, we opted against it. A few of the Apps worked successfully under Terminal Services. So we set up a few TermServ boxes to support those users. For the few remaining applications that have not been upgraded, or cannot run under Terminal Services, we are awaiting updates from the vendor. (That group has not been upgraded to Win 7 yet)
Methodology ISTA needed a deployment methodology which supported the upgraded equipment & complete replacement hardware. We settled on using a Lite-Touch & a Zero-Touch deployment Method: Zero-Touch for those machines which were being upgraded directly. (No Replacement) Lite-Touch for the users who were getting a new machine, with all of their data transferred. Data transfer would be done using Microsofts USMT tool We would have used PCT, but our installed version did not support Windows 7 64-Bit restoral. (It now does in SP5)
Methodology (continued) The steps determined for each method were roughly the same: User Data Archival (Transferred to Network Share) Deploy Image Deploy Customized Drivers Install Software Packages Restore User Data Cleanup Desktop Environment The only difference was the “User Data Archival”, as this was done on the users original machine. Then the rest of the Job was completed on the new machine.
Image Build Similar to Windows XP, build a machine with fresh copy of Win7 installed. Customized the User Profile before Imaging, then copy to the Default Profile. We decided to keep our Images small, based on how few machines had similar software selections. No apps installed before Sysprep Left Aclient/Altiris Agent off image before Sysprep. (Would install later on using SetupComplete.cmd) Image capture choices… RDeploy (works in Linux, and Windows PXE) Ghost (Windows Only, did not support Win7 till SP4) ImageX (Was not an option in SP3, now included in SP5) We chose RDeploy, as we wanted to deploy the image using faster Linux PXE boot.
Image Build (continued) ISTA’s Image prep is as follows…1. Install Win7 (no drivers/apps)2. Customize Default User Profile3. Capture Image, label “Before Sysprep”4. Copy Sysprep tools onto machine.5. Extract & Create Unattend.XML file6. Copy Unattend.XML file to USB FlashDrive7. Run Sysprep /generalize /oobe /shutdown8. Capture Image, label “Sysprep” Now Customize the Unattend.XML file & Test your image.
Deploy Windows 7 x64 Image (continued)@echo offREM Driver Install ScriptECHO Driver Install ScriptREM Find Current ModelSet model="%#!computer@model_num%"ECHO %model%REM pauseREM Get Production NameIf %model%=="0G868N" set retrieve=E6400If %model%=="0U695R" set retrieve=E6400If %model%=="0K42JR" set retrieve=E6410If %model%=="0D8H24" set retrieve=E4310If %model%=="0D517D" set retrieve=760If %model%=="0R230R" set retrieve=760If %model%=="0D441T" set retrieve=980ECHO Copy Over Driver files...rem mkdir c:drivers.Rdeploywindowsfirm.exe -recurse copy G:7x64%retrieve% prod:drivers
Deploy Windows 7 x64 Image (continued)REM Start Service ModeECHO Injecting Drivers into Image...".WAIKTools_v2x86ServicingDism.exe" /Image:C: /logpath:C:dism.log /add-driver:C:drivers /recurseECHO Copying the new AClient files....Rdeploywindowsfirm.exe copy .AgentsAClientdagent_x64.msi prod:WindowsSystem32dagent.msiECHO Preparing the Unattended Setup Files...REM Tokenizing the Unattend File...REM ReplaceTokens .Sysprepunattend.xml .temp%ID%.xmlREM Copying the Tokenized Unattend File....Rdeploywindowsfirm.exe copy .temp%ID%.xml prod:WindowsSystem32Sysprepunattend.xml.Rdeploywindowsfirm.exe copy .temp%ID%.xml prod:WindowsPantherunattend.xml.Rdeploywindowsfirm.exe copy prod:WindowsSystem32Sysprepunattend.xml prod:unattend.xmlREM Copying the SetupComplete File....Rdeploywindowsfirm.exe copy .Sysprepsetupcomplete.cmd prod:WindowsSetupScriptsSetupComplete.cmd
Set Firewall Exceptions@ECHO OFFREM Set Windows Firewall Exceptions...netsh firewall set service type = FILEANDPRINT mode = DISABLE >>%windir%system32AltirisFW.logecho Simple File Sharing turned off on: %DATE% %TIME%>>%windir%system32AltirisFW.lognetsh advfirewall set allprofiles state off >>%windir%system32AltirisFW.logecho Firewall Exceptions Completed on: %DATE% %TIME%>%windir%system32AltirisFW.log:end
Exceptions For those software packages that were unique to several machines, we created network install jobs Those jobs were listed under the “Software” folder, so the Desktop Analyst could include it into his jobs
After-Thoughts Don’t rush project! Give your users ample opportunity to experience Windows 7 before they are upgraded Train your Staff, then train User base For legacy applications, consider using SVS or APP-V for application virtualization (we did not have enough time!) Schedule the upgrade around any Hardware Refresh efforts, or Lease returns Check internal website compatibility with Internet Explorer 8!!! DON’T run your Deployment Server on a VM! DON’T forget to update to the latest Service Pack! We started on SP3, and had lots of problems. It wasn’t until SP5 that everything worked out as planned!
References About MED-V.. http://technet.microsoft.com/en- us/library/ee872305.aspx Why XP Mode & MED-V are not long-term solutions http://redmondmag.com/articles/2011/04/19/microsoft -panel-offers-windows-xp-migration-tips.aspx Creating a Windows 7 Self Updating Hardware Independent Image… https://www- secure.symantec.com/connect/articles/creating- windows-7-self-updating-hardware-independent-image- using-deployment-solution-69sp4