virtual techdays india │ 22-24 november 2010 microsoft it: windows 7 deployment made easy aviraj...
TRANSCRIPT
virtual techdaysINDIA │ 22-24 November 2010
Microsoft IT: Windows 7 Deployment Made Easy
Aviraj Ajgekar│ Technology Evangelist │Microsoft CorporationBlog: http://blogs.technet.com/aviraj │ [email protected]
Microsoft IT: Windows 7 Deployment Made Easy
1) Windows® 7 Microsoft® Information Technology (IT) Deployment Overview:
Installation Scenarios and Image BenefitsWindows 7 Image ArchitectureImage DesignImage Setup ProcessMicrosoft Environment Overview Microsoft IT Windows 7 Deployment MetricsMicrosoft IT Approach
2) Why Microsoft IT Uses Windows 7:Improving Security with Windows 7Hardware RequirementsScenario-focused CommunicationsBitLocker™ Drive Encryption & DirectAccessHelp Desk and SupportabilityLine-of-Business (LOB) Application Compatibility
3) Keys to a Successful DeploymentIT Showcase Videos on Windows 7Microsoft Desktop Optimization Pack (MDOP)Modena: Operating System Deployment (OSD) at Microsoft
4) Resources
5) Q&A
Agenda
Installation Scenarios and Microsoft IT Image Benefits
Benefits of the Microsoft IT image:Clean installationIncludes data migration using the Windows User State Migration Tool (USMT) Structured, simple processSupported by IT, key drivers are tested!Complete installation in 2 hours, with Microsoft Office productivity appsOperating System (32-bit and 64-bit) with driver payload and applications
Installation Scenarios
Installation with Data Migration(Recommended
)
Clean InstallationWindows Vista®
Upgrade
Large campus
Windows Deployment
Services
Windows Deployment
ServicesFlat file
Medium site
Windows Deployment
Services
Windows Deployment
ServicesFlat file
Small site/ Remote
ISO ISO ISO
Windows 7 Image Architecture
Image DeliveryWindows Deployme
nt Services
ISO/USB
OSD
Factory Image
Microsoft IT Image
Documentation
Branding
Task SequencerApplications and Settings
Drivers Payload
Maintenance Scripts
Base Operating Systemunattend.xml
oobe.xml
QFEs / Patches
Boot drivers
USMT – Hard Link
Migration
Image Design
boot.wim
Boot critical drivers
USMT (optional)
install.wimBoot critical drivers
Driver payload
Driver Payload / Task Sequencer
Registry changes
Applications• Microsoft Office 2010 RTM (MUI)• Microsoft Office Communicator 2007 R2• ISA Firewall Client• IT Connection Manager (VPN)• Smart card modules• Microsoft IT Welcome Center• Microsoft IT branding (logo, background, etc.)• Windows Mobile® Device Center 6.1• Microsoft Silverlight™ 3.0• Adobe Acrobat Reader 9.2• Adobe Flash Player 10• MSW, ITWeb, Bing search connectors• FastHelp, Bing desktop gadgets• Token Activation License
System-specific drivers
Energy Star 4.0–compliant power settings
Language Packs (EN-US, DE-DE, FR-FR, JA-JP, ZH-CN)
unattent.xml
oobe.xml
Image Setup Process
7
Windows PEPnP
(text)
Restart
Operating system
OOBE(GUI)
Task sequencin
g
Restart
System
ready
Microsoft Environment Overview
Puget Sound37,213
Population
North America15,105
Population
Latin America2,235
Population
Europe Middle East and Africa
18,893Population
Asia 14,839
Population
Help desk–supported Languages
Microsoft Offices in 105 countries89,000 employees globally70,000 vendors globally220 Windows deployment servers and product servers globally on a virtual server infrastructureUsers supported by 5 call centers globally
Afrikaans Chinese Simplified Japanese Estonian Turkish Korean Polish Slovak UkrainianArabic Chinese Traditional Czech Finnish Hebrew Latvian Portuguese Spanish Urdu
Armenian Creole Danish French Hungarian Lithuanian Romanian Swahili VenezuelanBosnian Croatian Dutch German Icelandic Macedonian Russian Swedish
Bulgarian Italian English Greek Kazakhstani Norwegian Serbian Turkish
Windows 7 Deployment Metrics
As of October 2009, Windows 7 RTM installed on 84,000 client computers
Microsoft BranchCache™ has been deployed at 28 regional sites Cumulative installations from beta to RTM exceed 144,000
Microsoft IT Windows 7 Deployment Metrics
Hardware RequirementsOEM Category Model
Dell Notebook E6400Dell Notebook E6500Dell Notebook E4200Dell Notebook D830Dell Notebook D630Dell Notebook D620Dell Notebook D820Dell Notebook XTDell Notebook E4300HP Notebook nc8430HP Notebook nc6400HP Notebook 6910pHP Notebook 8510wHP Notebook 8510pHP Notebook 2710pHP Notebook 2510pHP Notebook 2530pHP Notebook 2730pHP Notebook 8530wHP Notebook 8730wHP Notebook 6930pLenovo Notebook X301Lenovo Notebook X200sLenovo Notebook T400Lenovo Notebook W500Lenovo Notebook T61pLenovo Notebook T60Lenovo Notebook X61Lenovo Notebook X61tLenovo Notebook X60Lenovo Notebook T61Lenovo Notebook T60pLenovo Notebook x60 Tablet Lenovo Notebook X300Lenovo Notebook X200tLenovo Notebook W700Toshiba Notebook Portégé M400Toshiba Notebook Tecra M5Toshiba Notebook Portégé R500Toshiba Notebook Tecra M9Toshiba Notebook Portégé M700Toshiba Notebook Tecra A9Toshiba Notebook Portégé R400Toshiba Notebook Portégé R600
Currently, 70% of system drivers delivered to users via Windows Update through enterprise image automationNo system BIOS updates required for global deploymentExtensive testing by Microsoft IT and Windows of the Microsoft IT three-year installation base, resulting bugs and issues being addressed and resolved:
46 portable computers by RTM, 22 desktop computers by RTM
Windows 7
Significant shift in hardware requirements from previous operating system requirementsPoor driver coverage at RTMOlder systems required BIOS updates to take advantage on new operating system and driversMany different driver sources, causing user confusion
Windows Vista Lessons
Minimum Hardware Requirement Windows Vista hardware LogoRTM Minimum Hardware Requirements:
Processor: 1 GHz 32-bit or 64-bit processorMemory: 1 GB of system memory (Microsoft 2–4 GB)Hard disk: 16 GB of available disk spaceVideo card: Support for Microsoft DirectX® 9 graphics with 128 MB of memory (to enable the Windows Aero® theme) and at minimum a Windows Vista–supported driver.
Hardware Requirements
BitLocker
Difficult to implement broadly on existing hardware without full wipe and re-partitionRequired user accessing BIOS to enable TPM 1.2Required high touch from the help desk
Windows Vista Lessons
Improvement in Windows tools for BitLockerSignificant improvement to the Drive Shrink toolMicrosoft IT–documented business rules and automation to streamline deployment
Windows 7
Tool scripts Windows 7 calls: no custom code for BitLocker:
Turn on BitLockerTake ownership of the TPMDrive Shrink and security partition creationEncryption of the drive
Focus on managing business rules and automating setup
Tool
Exclusion of Russia and China from BitLocker requirementTool enforces BitLocker compliance: future investigating NAPOpt-out process for valid business reasonsPIN policy
Business Rules
DirectAccess
Client benefits:Remote connectivity - “it just works”No VPNMore productive–“always on corpnet” vs. limitations of only mail RPC/HTTPNo long quarantine times for health checksFirewall traversal–access from hotels, customer sites, home90%+ satisfaction rates, with the highest NSAT scores (148 NSAT)Productivity gains reported in survey87% survey respondents reported instant productivity gains–every user has saved as much as 1 hour each day as a result of using DirectAccess (Small Survey Results)
IT benefits:Increased manageability, operational efficiencies, always on, proactive monitoring, and patch management Enhanced securityNAP for health validationEncryptionEvaluating potential cost savings for Internet-connected Offices (ICO) by not requiring dedicated leased lines.
IPsec and IPv6 encryption client to network edge; ultimately end to EndStrong authentication smart cards TPMCurrently piloting TPM storage of certificate with BitLocker and PIN enabledFirewall traversal via IP-HTTPSNetwork Access Protection (NAP) for client health validation, enforcement, and reporting
Microsoft IT’s remote access technologies overlapThree transport methods (VPN, TS Gateway, DirectAccess)Five publishing methods (remote access portal, TS Web portal, mobile, OWA, RPC/HTTP)User confusionHigh operational costs supporting numerous technologiesLow user satisfaction (NSAT) vs. security compliance
Remote Access IT: Approach
Results
DirectAccessServer
DirectAccessClient
Application servers
Domain Controller /DNS server
NAP/NPSServer
Intranet
Internet
RC
Beta
Pre
-beta
RTM
Oct (M3) Nov (M3) Dec (M3) Jan (Beta) Feb (Beta) Mar (Beta) Apr (Beta) May (RC) Jun (RC) Jul (RC) RTM
0 0 0
0.2059 0.2059 0.2059 0.2059
0.1772 0.1772 0.1772
0.251
15.57% 15.17% 14.26%
9.79%
12.59%11.57%
14.87%
8.43%10.26% 9.77%
5.29%
15% 15% 15% 15% 15% 15% 15%
12% 12% 12%10%
Incident Rate TrendVista Dogfood Windows 7 Dogfood Windows 7 Goal
Top Customer Pain Points
Help Desk and Supportability
Issue Classification%
Vol.Comments
Setup: help 49.7% Help with Install/ RIS/ DVD
Display driver issues 10.9%Display drivers/video drivers require updates
Configure: help Personalize computer: settings
5.9%Personalize computer/remove Windows .old
Domain user not admin.
3.0% Need admin rights
Windows fails to start correctly
3.0%Windows fails to start correctly/ unable to start
Activation (error/key needed)
2.3%Activation key needed for Ultimate editions
Domain join/trust relation
2.1% Domain join
Information requests 2.0%Generic information requests
Network printer 1.7% Printer setup/driver
Summary80.6
%
Dedicated help desk queues for dogfood Daily triage for help desk incidents and detailed root cause analysis to understand top and emerging issuesImproved IVR to drive incident volume avoidance Problem Recorder, Action Center, with troubleshooters used for help desk troubleshooting Assisted support without setup issue not offeredSupport for multiple heterogeneous graphics cardsSignificant improvement in startup, networking, and memory performance leading to better user experienceGreater out-of-the-box compatibility
Windows 7
Help desk focused around user issue resolution, not on feedback and product improvement User calls went to general dogfood support queues Minimal incident trending and call volume analysis to drive product feedback Significant call drivers:
Assisted setup without issuesSetup, activation , drivers, networking etc.Multi-monitor supportLong startup time and application sluggishnessNon-Microsoft application and device-compatibility issues
Windows Vista Lessons
Line of Business Application Compatibility
Issues were with Internet Explorer related–not operating system issues Internet Explorer 8 Compatibility View reduced issues One application with significant compatibility concerns: Currently leveraging Windows XP Mode for users with that application (in the Future, leverage Microsoft Enterprise Desktop Virtualization [MED-V]) Did over a year of real enterprise testing that resulted in a better product
Windows XP Windows Vista Windows 7Engineering Group Apps Engineering Group Apps Engineering Group Apps
AIT 143 AIT 144 AIT 81EXD - LPO 20 Field IT 88 Field IT 50RXD 19 RXD 41 Business Group Engineering 31E&D Division 16 SMD - ASM 39 EXD - LPO 19Field IT 11 EXD - LPO 30 RXD 16Clearing for App Discovery 11 E&D Division 23 SMD - ASM 14Business Group Engineering 9 EXD - OEM IT 22 Business Intelligence 14SMD - ASM 8 Business Group Engineering 18 SMD - InfoSec 6Business Intelligence 4 SMD - InfoSec 17 MSCOM 1SMD - InfoSec 3 Business Intelligence 11 MSIT Apps 1MMS Infrastructure Services 3 Clearing for App Discovery 6 EXD - OEM IT 1
MSCOM 3 MBS 5 Total 234MSIT Apps 2 MMS Infrastructure Services 5EXD - EAS 1 MSIT Apps 3Global Service Automation 1 EXD - EAS 2
MBS 1 Total 454Total 255
Individual Applications Tested (Participation)
Win
dow
s
49%vs. last wave
Multiple major milestone test passes: Consolidated test passes with Windows Internet Explorer 8 stand-aloneConsolidated testing infrastructure: Provided application teams with server-based virtual “client” sessions for testingFocused on vital few applications that exercised core infrastructure and programing methodsTested 234 applications out of 1,500 total LOB applications
Expanded testing to cover more applicationsNet results did significantly improve product quality
Windows Vista Lessons Windows 7 Approach Results
http://download.microsoft.com/download/4/e/8/4e8c1b99-54f1-4be7-8e9b-78024015848d/LOBApplicationCompatibilityTesting_TWP.doc
Keys to Successful Deployment
Seamless user experience
BitLocker
Application compatibility
User satisfaction
Costs
Modena: OSD at Microsoft
Modena: A Feature of MDT 2010
Powerful pre-flightDomain and OU selectionChecks credentials, machine ownershipVolume and backup selectionLanguage and localeSelective application deployment
Resources
Customer Ready Content for Windows 7
• Additional content on Microsoft IT deployments and best practices can be found on http://www.microsoft.com/itshowcase
• Microsoft IT Showcase Webcasts http://www.microsoft.com/howmicrosoftdoesitwebcasts
• Microsoft TechNet http://www.microsoft.com/technet/itshowcase
• Microsoft IT Showcase Windows 7 content http://technet.microsoft.com/en-us/library/bb687804.aspx
• http://blogs.technet.com/aviraj
Q & A
virtual techdaysINDIA │ 22-24 November 2010
Springboard Series
http://www.microsoft.com/springboard
The right resources, the right technical level, at the right time in your adoption lifecycle
Under which of the following tabs of the Springboard series for Windows 7 would you find a link to ebook on Essential Guidance for Deploying Windows 7: Discover & Explore, Pilot & Deploy, Manage? Send in your answer to: [email protected]
virtual techdaysTHANKS│22-24 November 2010
Email: [email protected] Blog: http://blogs.technet.com/aviraj