Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 1 Windows Desktop Deployment Service at LANL Mark Wingard Central.

Similar presentations


Presentation on theme: "Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 1 Windows Desktop Deployment Service at LANL Mark Wingard Central."— Presentation transcript:

1 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 1 Windows Desktop Deployment Service at LANL Mark Wingard Central Services and Development Team CTN-1 Los Alamos National Laboratory LA-UR-08-2667

2 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 2 The History of Windows Deployment at LANL Central Services and Development (CSD) Efforts 2000 – “Scripted Install” - Installation of a networked Ghost image with a DOS boot floppy Slow Driver issues 2003 – “Expressway” - Installation of a networked Ghost image with a DOS boot CD Drivers stored on CD Issues w/ maintaining drivers, especially NIC drivers 2005 – “Dynamic Expressway” - Network-based installation of applications and security hardening Presumed XP was already installed Field Technician Effort 2006 – BartPE CD with XP Ghost image with all applications pre-installed Not supported by CSD Unwanted/unlicensed applications had to be uninstalled Limited QA No version control

3 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 3 NLIT 2007 Sessions XLoad Presentation by LLNL Windows XP Setup Disk by SNL Vista Deployment Presentation by ORNL

4 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 4 XLoad - LLNL Windows.NET Framework 1.1 Running on Win PE Leveraged WMI Custom Code by LLNL developers No support for Vista at the time LANL Management really liked it

5 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 5 Sandia’s XP Setup Disk Custom application by SNL Developers Used various installation methods for standard or customized XP install No Application installation Unique to Sandia

6 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 6 ORNL’s PC Loader Used Microsoft’s BDD 2007 Highly customizable Free How did we miss their presentation???

7 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 7 Microsoft’s Business Desktop Deployment (BDD) New Deployment method (Solution Accelerator) from Microsoft based on “Best Practices” Collection of scripts WinPE boot from various sources Operating system image building tools User State Migration (migrating users’ data and settings) Various installation scenarios: — Bare Metal — Refresh — Side-by-Side Microsoft Deployment Toolkit Works with or without SMS — LANL uses SMS 2003 (Upgrading to SCCM) Free and supported by Microsoft!!

8 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 8 Microsoft Deployment Toolkit 2008 Highly customizable Lite Touch (without SMS/SCCM) Zero Touch (with SMS/SCCM) Works with XP, Vista, 2003 Server, 2008 Server Dynamic Driver injection User State Migration Additional application support Security update support Tools to build custom images (WAIK) File-based image Can be updated offline Images, application, drivers, etc. stored on network WinPe boot: CD USB Windows Deployment Server (PXE boot) Refresh from existing system

9 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 9 MS Deployment Flow Build custom image Install XP SP2 on reference computer — Harden to NIST 800-68 configuration guidelines and latest patches — Install base applications Office Pro 2003, Adobe Acrobat, Symantec AntiVirus, Windows Defender, SMS 2003 client, Utilities, Installers for other applications and security script Capture image using Windows Automated Installation Toolkit (WAIK) tools and save to network Gather drivers for supported hardware Build installers for additional applications Build ISO for WinPE for new computer installs Provide ISO to field technicians Field techs install image and additional apps as desired Computer reboots w/ auto-logon as Administrator Tech joins computer to Active Directory Runs script to rename/disable Administrator and Guest New computer installed in less than 30 minutes!

10 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 10 Windows Desktop Deployment Service (DDS) Beta 1 Restriction to support static IP addresses only Custom code added to support static IPs No ability to add additional applications New ISO/CD required when changes were made Support for common Dell workstations models only

11 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 11 DDS Beta 1

12 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 12 DDS Beta 1 Image Choices

13 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 13 DDS Beta 2 New and existing systems are deployed through firewall router New computer boots from CD Router provides DHCP address Support for Refresh of existing computers No CD boot required User settings and data migrated Two image choices New Computer with pre-installed, base applications Existing Computer with identical image as New Computer Menu of additional, optional applications

14 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 14 DDS Beta 2 Illustrated

15 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 15 DDS Beta 2 Illustrated Cont’

16 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 16 DDS Communications Internal Web Site Change Control Board

17 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 17 DDS Future Add support for Laptops Other manufacturers (HP, IBM…) Vista Servers 64-bit Provision new computers as delivered to LANL Continue to leverage NIST-approved settings to achieve security compliance Integrate with SCCM

18 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 18 DDS Beta 2 Vs You be the judge!

19 Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 19 Questions (and maybe Answers)


Download ppt "Operated by Los Alamos National Security, LLC for NNSA U N C L A S S I F I E D Slide 1 Windows Desktop Deployment Service at LANL Mark Wingard Central."

Similar presentations


Ads by Google