Microsoft Deployment Toolkit and Windows Deployment Services

by Glenn Thomas

SHARE

Home » Articles and insights » Microsoft Deployment Toolkit and Windows Deployment Services

In this article, I will be highlighting the benefits of having the “right” Microsoft Windows Deployment technologies setup within your environment, along with Microsoft Deployment Toolkit (MDT) to simplify your client operating system deployments.

The article will list the important Microsoft technologies that need to be in place to make deployments successful and will give insight on how each of these technologies plays a vital role within your environment to give your end-users the best Windows experience possible. Having the “right” deployment solution setup for your network will save your IT department time, money, and reduce your support calls.

Microsoft Deployment Toolkit

My involvement in countless Microsoft deployment projects over my career (for SMBs, large businesses, and educational environments) has given me a comprehensive understanding what server-side technologies exist and how they can be leveraged together with using the Microsoft Deployment Toolkit to automate the tasks associated with desktop deployments and their on-going management. This includes delivering to the end-users a 100% working system with little or no, hands-on manual investment on your part, and the ability to maintain that system moving forward.

My theory to IT administration – like most IT administrators should be, is how can I become more productive by using “IT” to my advantage – doing more with less time, minimizing potential mistakes, and putting solutions in place to reduce the amount of end-user helpdesk tickets being created. And of course, how can I free up my time to learn new stuff like PowerShell – while keeping the technology running smooth and keeping everyone happy?

CASE STUDY

This Wisconsin manufacturer needed to modernize its IT infrastructure to support rapid business growth.

Discover what they did

The dream

Imagine this for a moment. A flexible and manageable deployment environment where new computers can be purchased and delivered (even to remote locations) with a freshly imaged Windows 10 installation, and containing all the latest Windows security updates. Furthermore, bulky applications like Microsoft Office, Adobe Creative Suite, and Autodesk Inventor are automatically installed, all your 3rd party applications are installed, and users can log in and start working immediately without the need to migrate their files or settings – all taking either ZERO, or only a few key-strokes to make this happen.  We’ll focus on this later, but this can be accomplished using Windows Deploy Services along with the Microsoft Deployment Toolkit.

The reality

Now think about your current environment:

  • How long does it take to swap-out someone’s computer with a new replacement?
  • Is your environment running in a way that users can easily roam from computer to computer, or from desktop to laptops, or even go off-site, and know that the user will always have their files and settings available to them, even offline, and they won’t have to endure lengthy logons in the process?
  • What about situations where manufacturer [brand X] doesn’t offer that specific model workstation/PC anymore?
  • Can the hardware drivers and/or software packaged being deployed to your new computers be swapped-out with newer versions or releases -without- the need of updating your reference computer image?
  • Or what about the more modern-day scenarios with Microsoft’s new ‘Software as a Service’ model where Microsoft releases another Windows 10 build every 6 months, and your reference machine is no longer valid or fails during the Sysprep phase of the capture process?

Chances are, you are likely having to rebuild your Windows 10 reference image from scratch with the Windows 10 .ISO build and then re-install that long list of applications, re-capture it, and hope didn’t miss any steps in the process, or you’ll have to do it all over again – ugh… Talk about a headache.

Before Microsoft Deployment Toolkit

Travel back with me for a moment to the pre-Windows 7 days.  It was tough to deploy Windows to different hardware platforms without maintaining separate reference images (a.k.a monolithic images) for each and every model of computers in your organization. During this time, I witnessed first-hand how much time it would take getting that “golden” image perhaps even “universal” image (images that had hardware drivers for different make/models built-in that would work in nearly all deployment scenarios) setup with all the software they needed. Not to mention, the amount of time spent maintaining separate images for one client, let alone, in my role as an IT consultant, maintaining dozens of client images – everyone unique for each location or customer.

Granted, medium to large IT environments commonly tried to stick to 3-4 specific models of computers which may have worked fine for them initially, but as the environment and personnel changed over time, maintaining these images slowly became a nightmare. Smaller environments?  Forget it!  You would have to go through a lot of work to get a working deployment system in place and the advantages of having a deployment solution typically didn’t outweigh the initial complexity and time spent.

At the end-of-the-day, the monolithic-based deployment environment was hard to maintain and keep up to date. Problems like:

  • How can I add this driver when a new computer model is purchased?
  • How can I remove this program and add this other one?
  • Oops, I already deployed 200 PC’s and I forgot to include AutoDesk Inventor or Solidworks on the engineering computers

… and of course, all those complaints from end-users when you roll out a new image (or images) to your organization and the sudden cries of, “Where did my Microsoft Office shortcuts go?” ring endlessly throughout the workday.   Your stress levels increase and your patience plummets as you wonder why end-users can’t seem to figure out that the Office applications are under the Start Menu.   Furthermore, your helpdesk technicians are sneaker-netting around for weeks putting out fires that could’ve easily been prevented.  Then, multiple years after this frustrating experience, you decide to hold off on deploying newer versions of Windows because the benefits didn’t outweigh the costs of upgrading and having to deal with all the headaches that went along with the process.  –SIGH– We’ve all been there…

The present – Windows Deployment Services and MDT

If we fast forward a few years to the present day, we find that Microsoft has made significant changes to all their Windows operating systems and server technologies to set the path for improving deployments and the end-users’ overall desktop experience.

Even with these new changes and improvements available from Microsoft, many admins (including myself!) stuck to using monolithic images and tools like: Ghost, Clonezilla, some “home brewed” WinPE builds, ImageX scripts, and Windows Deployment Services (WDS) to get the job done. With some exceptions, most of those solutions worked fine for the most part and got the job done at the end of the day. But, because I came from this monolithic mindset, Windows deployment environments were difficult to maintain. Over time, I ended up re-thinking how I was managing those monolithic imaged-based solutions which led me to transition to, and learning, a more robust and flexible deployment system.

Windows 7 through Windows 10, and Server 2008 R2 through Server 2016, can all be delivered through one common deployment platform via Microsoft Deployment Toolkit (MDT) and controlled and managed using Microsoft Server’s built-in technologies without much work. Best of all, this process completely removes the need for building all those reference images and maintaining them. Software installation packages can be built that work across all different versions of Windows, and best of all, the entire design can be customized to fit your unique environment.

Deployments – preparation is the key

Going beyond the mere basics and getting to a Lite Touch Installation (LTI) or Zero Touch Installation (ZTI) environment will take a lot more preparation and design upfront (including the right logical-thinking mindset) to make sure your Windows environment runs properly.

For example, having things automated in such a way where a new deployment automatically generates a customized/unique hostname based on:

  • physical location,
  • make/model of hardware
  • whether they’re servers, virtual machines, or clients

…and then, based on the information above, are dropped into the correct Organizational Unit (OU) automatically, which will in turn:

  • Install all the correct driver packs (without worry about driver overlap)
  • Receive the correct set of 3rd party application installs
  • Allow flexibility for certain applications (such as CAD-based applications like: AutoDesk Inventor, Solidworks, AutoCAD, Catia, ProEngineer/Creo) to be selected on-deployment, or post-deployment
  • Install network printers
  • Map network drives
  • Create shortcuts
  • Migrate end-user settings and files from their old computer to the new computer automatically

… virtually to the point where your end-users become capable of performing their own computer refreshes if needed – yikes!

Too good to believe?   Well, in today’s age of deployment tools that are readily available, it’s not a dream, it’s a reality.

Using the right tools

To achieve this goal, IT support technicians need to familiarize themselves with useful Microsoft technologies such as:

  • Microsoft Deployment Toolkit (MDT) – including remote site setup understanding
  • Active Directory and Active Directory design (ADUC)
  • Group Policies and Group Policy design (GPOs)
  • Windows Server Update Services (WSUS)
  • MSI Packages and Re-Packaged Software within MSI
    (or other software deployment software like PDQ deploy or Chocolatey)
  • Distributed File System (DFS)
  • File Server Resource Manager (FSRM)
  • Correct NTFS Permissions for Folder Redirection
  • Correct NTFS Permissions for Roaming profiles
  • KMS for Volume Licensing
  • Computer BIOS settings (Boot Order, PXE Boot, WOL, Secure Boot, UEFI vs Legacy)

Everything listed here serves a unique purpose and needs to be set up correctly for this level of deployment to work. This is where myself, and other engineers at Source One Technology, can help you hit the ground running within a few days. We can help you design and set up this environment, train you on how to maintain it, and let you take over from there. The best part of the features described here in this article is that they are ALL included for free with -ANY- edition of Microsoft Windows Server 2008/2012/2016.  Not only that, but the Microsoft Deployment Toolkit (MDT) is a free download from Microsoft as well!

Glenn Thomas

Glenn Thomas

Glenn is a Network Engineer at Source One Technology and has been providing IT consulting services to Enterprises, SMBs, schools, and nonprofits in Waukesha, Milwaukee, Dane, Washington , Jefferson, Ozaukee, Kenosha, Racine counties and across Wisconsin for over 15 years.

Tired of wasting time and money on frustrating IT issues and vendors?