Managing and deploying Windows Vista James O’Neill IT Pro Evangelist Microsoft UK Ltd

Managing and deploying Managing and deploying Windows VistaWindows Vista

James O’Neill IT Pro EvangelistMicrosoft UK Ltd.http://blogs.technet.com/jamesone

Vista for the IT Professional

SupportEasier to supportHelp users to help themselves

ManagementBetter control

DeploymentNew imaging technology, new install process

So, we’re going to look at

DeploymentSystem image manager, ImageX, Windows PE

Management and SupportUser access control, Group Policy , Resource protection, Reliability Analysis, Scheduling, Event view ....

What’s new in installation ?

A new “Pre-installation environment” Windows PE 2.0 (now for everyone)32 bit and 64 bit versionsUses Vista drivers and utilities

A new installation file format .WIMCan hold multiple imagesCompressed and single instancedCommand line tools to capture & apply images

PE’s role in Vista installation...

Boot Windows PEPE is stored in a bootable WIM fileCopied to a RAM disk and boots from thereLoads storage and network drivers

If Windows Setup is present, run itStep user through image choice & installation

If not, present a Command PromptFor maintenance tasks

Image X - Image X - with Windows PE

Image X - we sawImage X - we saw/ info/ info/ apply/ apply/ capture / capture

MANY Installation Methods

Standard DVD imageStandard DVD image + AutoUnattend.xmlApply captured image from command lineBoot into Windows deployment services

Apply captured image or image from the DVD

Create DVD with captured imageRestore a complete PC back up

Uses recovery environment

Least flexible but usually fastest

Preparing Vista for imaging

Need an image to be ready for first boot

New product keyFull hardware check and performance testCreate a local adminEtc ...

Done with SysPrep.

SYSPREPSYSPREP

So far we know...

We can make an PE boot disk

We can capture Vista with imagex /capture {more switches}

We can prepare a new disk with PE tools

DiskPart, Format

We can apply Vista to a new machine withimagex /apply {more switches}

... Can we make it easier ?

Windows Deployment Services

Installation: add RIS, install WDS “patch”

Need AD , DHCP and DNS working firstPatch is part of WAIK

Clients Network boot in WDS

WDS manager has images to bootAt least the BOOT.WIM from Vista DVD

And to install (from DVD or captured)

Install images from the DVD

Boot image, from the DVD

One image to catch them all...

Windows Deployment Services 1 Windows Deployment Services 1 Booting into the capture processand imaging the sysprep’ed PC

WDS 1: We sawWDS 1: We saw•WDS Manager,WDS Manager,•PXE boot to the WDS Boot ChoicesPXE boot to the WDS Boot Choices•Adding a driver to PE after bootAdding a driver to PE after boot•Starting the Capture processStarting the Capture process

Later we’ll do this bit ....

Installing normally

System Image Manager

All Setup information in one XML file

The file is built using SIM

Vista Setup looks for AutoUnattend.xml

e.g. Boot off CD, insert USB key with XML file

System Image ManagerSystem Image Manager

Manageability and support

User Account ControlUser Account ControlWindows Resource ProtectionWindows Resource Protection

New Event Viewer and Logging New Event Viewer and Logging InfrastructureInfrastructureNew Task SchedulerNew Task SchedulerReliability Analysis ComponentReliability Analysis Component

Maintain PC configurationMaintain PC configuration

Desktop Troubleshooting andDesktop Troubleshooting andTask AutomationTask Automation

Group Policy EnhancementsGroup Policy EnhancementsUpdate Management ImprovementsUpdate Management ImprovementsNew WMI Providers and Windows New WMI Providers and Windows Remote ManagementRemote Management

Simplify Configuration Simplify Configuration Management Management

3 Management Goals:3 Management Goals:

Features and Improvements

Issues with non-admin users

Can user perform

required tasks to be

productive without help

desk support?

Will existing 3rd party and LOB applications run for standard users?

Can enterprise support and maintain desktops where users do not have administrator privileges?

Require admin rights less oftenAllow users to:

View clock/calendar & change time zoneConfigure secure wireless (WEP/WPA)Change power management settings Create and configure a VPNAdd pre-approved drivers

Run Defrag as a scheduled system process

Data redirection to help legacy apps(Demo in Steve’s session)

UAC: Confirm use of rights

All users run as Standard User by default

Filtered token created during logon

Explicit consent required for elevation

Installer DetectionPredictable shell elevation paths (also Demo’d in Steve’s session)

Cope with misuse of rights

Windows Resource Protection resources

Only changed by OS Trusted Installer Service If modified are replaced with trusted copiesSystem files and registry settings protected

Accidental changes by user

Software installers

Prevents damaging configuration changes

Improvements in Group Policy

Hundreds more settings extend reach

Policy applied more reliably & efficiently

Easier to use improved for admins

Power Power ManagementManagement

Device Device InstallatioInstallatio

n and n and UsageUsage

Internet Internet ExplorerExplorer

IPSEC & IPSEC & Windows Windows FirewallFirewall

Printer Printer DeploymentDeployment

TroubleshootiTroubleshooting & ng &

DiagnosticsDiagnostics

User User Account Account ControlControl

iSCSIiSCSI Windows Windows DefenderDefender

Windows Windows Error Error

ReportingReporting

Remote Remote AssistanceAssistance

Terminal Terminal ServicesServices

GlobalizatioGlobalizationn ShellShell TabletTablet

Over 500 new settings across key areas

Extending Reach

Reliability and ease of use

Network aware application of Group Policy

Support for editing Group Policy settings in Multilingual

Environments

Support for Multiple Local GPOs

Reliable and Efficient Application of Policy

Easier to Use

GPMC integrated into Windows

Search and filter (Post Windows Vista)

Templates (Post Windows Vista)

Group PolicyGroup Policy

Updates: less painful…

Windows Update requiring fewer reboots

Down by 1/6th since August 2003

Updates less frequentWas weekly , now monthly

Consolidated reboots Multiple patches single reboot

…better still in Windows Vista

Patches can be applied directly to images

Auto-update everything

Platform technology to reduce reboots

Windows InstallerRestart managerOffice can resume after a reboot

New Event logging

Right data to diagnose problemsThe right data…but not too much dataImproved supporting information for all events

“Schematized” events (XML) Richer informationEasy integration with management toolsSupports Ad-hoc diagnosis

Better Event Viewer experience

One place for events for all components

Filters and views put focus on key events

Events are actionableAssociate a task with an event with one click

Event SubscriptionsCan subscribe to events & view them centrallyBased on Windows Remote Management

Event viewerEvent viewer

New Task Scheduler

Power and flexibilityNew triggers, conditional launch etcCompletely scriptable

VisibilityTask dashboard

Improved reliability and resource allocation

Retry tasks in case of failureRun when next available

Task SchedulerTask SchedulerVisiting Backup, Restore points and Defrag

Reliability Analysis Console

Analyze crashes and hangsTracks frequency and type of user disruptionsShows connections between application installs and other system events

Reliability Analysis ConsoleReliability Analysis Console

Review

Installation has more choices andmore control than ever

Download the WAIK

Many improvements to managabilityGroup PolicySchedulingEvent ViewerAnalysis

Your life really is easier with Vista !

© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation.

Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN

THIS PRESENTATION.