Using Solution Accelerator for BDD in Small- and Medium-Sized Organizations

  • Article

By Douglas Steen

Douglas Steen

Desktop Deployment Challenges in Small- and Medium-Sized Organizations

For many small- to medium-sized organizations (75-500 desktop computers), the challenges in deploying desktop computers are as complex as those facing enterprises. To help organizations of all sizes deploy Microsoft Windows XP, Microsoft developed the Microsoft Solution Accelerators for Business Desktop Deployment (BDD).

However, the Solution Accelerator for BDD documentation can be a bit daunting: This article is designed to help you determine the fastest path through that documentation. The article also helps you determine which teams you need (even if there are only 3-4 support professionals), which tools and technologies you need, and how to streamline management after your deployment.

There are two Solution Accelerator for BDD versions ? Standard Edition and Enterprise Edition ? with the primary difference between them being that the Enterprise Edition assumes that you have a Microsoft Systems Management Server (SMS) 2003 infrastructure. Figure 1 shows an overview of the Solution Accelerator for BDD processes.

Overview of the Solution Accelerator for BDD Processes

Figure 1: Overview of the Solution Accelerator for BDD Processes

The primary message of Solution Accelerator for BDD is creating managed desktop environments. A managed desktop environment means that the desktop computers have a consistent configuration that allows you to manage and repair individual machines easily in the event of a catastrophic failure. Will a managed desktop environment pay off in a small- to medium-sized organization? Yes!

For purposes of this article, I make the following assumptions about your organization:

  • You do not have SMS 2003 in your environment. If you do have SMS 2003 in your environment, follow the guidance in the Solution Accelerator for Business Desktop Deployment Enterprise Edition.

  • You want to create a managed desktop environment for your organization. If your organization is small enough that you aren't concerned about creating a managed desktop environment, Solution Accelerator for BDD is not for you.

  • You will perform fresh installations of desktop computers rather than in-place upgrades. In a managed desktop environment, you always perform fresh installations of the operating system and applications to ensure that each computer is reset to your organization's standard. (The process of performing fresh installations of the operating system and applications is also known as wipe and load.)

Note:   For more information about the advantages of performing fresh installations of the operating system and applications, see Upgrade or Wipe-and-Load: Choosing the Best Scenario for Deploying Windows XP Professional.

Dividing the Roles and Responsibilities

Solution Accelerator for BDD, Standard Edition, describes the roles in the process in terms of teams. For purposes of this article, you can think of teams as roles that need to be performed. The roles used in Solution Accelerator for BDD, Standard Edition, are:

  • Product Management

  • Program Management

  • Development

  • User Experience

  • Test

  • Release Management

In most small- and medium-sized organizations, one person can perform more than one role. There are recommendations in the Solution Accelerator for BDD literature for roles that can be combined, such as:

  • Release Management and User Experience

  • Test and User Experience

  • Program Management and Release Management

Other combinations may compromise the strength of the roles. For example, you wouldn't want to the same person to perform the Development and Test roles.

Note:   For more information about the Solution Accelerator for BDD roles, see the Planning chapter in the Plan, Build, and Deploy Guide.

Creating the Deployment Infrastructure

One of the first steps in using Solution Accelerator for BDD, Standard Edition, is to ensure that you have the appropriate infrastructure to support it. To make sure that your infrastructure is sufficient to support a managed desktop environment, you need:

  • Active Directory infrastructure. The Microsoft Active Directory directory service acts as the account repository, provides Group Policy, and supports logon scripts. All these elements are used during the deployment process.

  • Shared folders on file servers. Use the shared folders to store images of operating systems and applications, user state migration information, and scripts and applications used during the deployment process.

  • Remote Installation Services (optional). Use Remote Installation Services (RIS) to initiate the installation of Windows XP or Microsoft Windows Preinstallation Environment (Windows PE).

  • Software Update Services (optional). Use Software Update Services (SUS) to apply security updates and software patches after your desktops have been deployed.

Solution Accelerator for BDD provides guidance for creating the deployment infrastructure in the Plan, Build, and Deploy Guide, Infrastructure Remediation Feature Team Guide, and Deployment Feature Team Guide.

Determining Application Compatibility

Before deploying Windows XP, first determine the compatibility of your existing applications with Windows XP Service Pack 2 (SP2). You should determine application compatibility in your lab environment prior to your pilot and production deployments. Solution Accelerator for BDD, Standard Edition, provides information about application compatibility in the Application Compatibility Deployment Feature Team Guide.

You can determine application compatibility by using the Microsoft Application Compatibility Toolkit 3.0. The Application Compatibility Toolkit allows you to inventory existing applications, then assists in providing fixes for incompatible applications. You can use Microsoft Virtual PC 2004 in conjunction with the Application Compatibility Toolkit to create a virtual copy of your target desktop environments, then test the compatibility of your existing applications.

Note:   You can use these same processes and infrastructure to test security updates and patches prior to deploying them in your production environment.

Migrating User State Information

As previously stated, in a managed desktop environment you should perform fresh installations of operating systems and applications instead of performing in-place upgrades. When you deploy your desktop computers using this method, you need to capture the user state information prior to deploying the desktop computer. After you deploy the operating system and applications, you need to restore the user state information.

You can use the Microsoft Windows User State Migration Tool (USMT) to capture and restore user state information. You can run USMT manually, or you can automate USMT by creating batch files and scripts. You can use command-line syntax to initiate USMT from within a script.

Note:   For more information about using USMT, refer to the User State Migration Feature Team Guide for Solution Accelerator for BDD, Standard Edition.

Deploying Desktop Operating Systems

With all the previous steps in place, you are now ready to deploy the desktop operating system. To deploy the desktop operating system, perform the following steps:

  1. Select your deployment method: the System Preparation Tool (Sysprep), RIS, or unattended installation. (For more information about these deployment methods, see Automating and Customizing Installations in the Microsoft Windows Server 2003 Deployment Kit.)

  2. Create images of Windows XP and Windows PE. (For more information about Windows XP images, see the Computer Imaging System Feature Team Guide and the Deployment Feature Team Guide.)

  3. Ensure that you have the appropriate access permissions to deploy the operating system. (For more information about the security requirements for performing deployments, see the Deployment Feature Team Guide and the Security Feature Team Guide.)

  4. Deploy the operating system images. (In Solution Accelerator for BDD, the method for deploying the operating system images, whether by RIS or by Sysprep, is referred to as Lite Touch network-based deployment. For more information, see the Deployment Feature Team Guide.)

  5. Deploy applications, such as Microsoft Office 2003. (For more information about automatically initiating the deployment of applications, see the Office Upgrade Feature Team Guide and the Supplemental Applications Feature Team Guide.)

Applying Security Updates and Software Patches

Now that the operating system and applications are deployed, you enter the maintenance and operations phase of the life cycle. You should deploy the operating system and applications with the latest security updates and software patches available at the time. However, applying new updates and patches must be an ongoing process if you are to maintain your deployment.

You can apply security updates and software patches in your environment by using one of the following methods:

  • SUS

  • Active Directory Group Policy

  • Logon scripts

  • Windows and Office Updates

Table 1 lists the characteristics of each method for applying security updates and software patches.

KEY: Feature Included = Feature Included

Table 1: Characteristics for Methods for Applying Security Updates and Software Patches

Characteristic

SUS

Group Policy

Logon Scripts

Windows and Office Updates

Automatic download of updates from the Internet

Feature Included

      

Feature Included

Automatic notification of available updates

  

Feature Included

      

Feature Included

Centrally approve updates before deployment

  

Feature Included

  

Feature Included

  

Feature Included

  

Specify updates as mandatory

  

Feature Included

  

Feature Included

  

Feature Included

  

Target specific computers or groups of computers

  

Feature Included

  

Feature Included

  

Feature Included

  

Appropriate for managed desktop environments

  

Feature Included

  

Feature Included

  

Feature Included

  

Apply updates for applications developed in your organization

  

Feature Included

  

Feature Included

  

Feature Included

  

Note:   While you can use Windows Update to apply software updates and software patches, doing so is not recommended in a managed desktop environment because you can't centrally approve the updates and because this method requires the user to have administrator-level permissions on the desktop.

Faster Deployment with Fewer Mistakes

Even in small- to medium-sized organizations, Solution Accelerator for BDD can help you create a managed desktop environment ? all in less time and with fewer mistakes. With very few steps, a little up-front effort, and the help of Solution Accelerator for BDD, you can have an environment that is easier to support and maintain.

For More Information

Discussions in Desktop Deployment
Ask your desktop deployment questions here. Discuss deployment tips and best practices with your peers, and give feedback on articles that are featured in the Desktop Deployment Center.

About the Author
Douglas Steen is an architect, consultant, technical trainer, and author who focuses on Microsoft products and integration technologies. Doug has been designing and creating hardware and software solutions since 1975 and has written several training courses, books, and online articles. Most recently, Doug wrote most of the IIS 6.0 Deployment Guide for Microsoft Press, a series of white papers for Microsoft about Active Directory, and portions of the Solution Accelerator for Business Desktop Deployment Enterprise Edition. You can contact Doug at dsteen@msn.com.

Print This Page  Print This Page

Rate This Page  Rate This Page