The Enterprise Edition
The Enterprise Edition is intended for organizations with 500 or more managed desktops. Its requirements are considerably more rigorous than the Standard counterpart. Complying with these requirements, however, yields substantial benefits — described collectively as the “Zero Touch” deployment model (as opposed to “Light Touch” network installation). The model consists of two components: Zero Touch Install (ZTI) and Zero Touch Provisioning (ZTP), which leverage functionality present in the Active Directory, Systems Management Server 2003 Service Pack 1, its Operating System Deployment Feature Pack add-on (for more information, refer to one of our earlier articles covering this subject), and Remote Installation Services technology.
Zero Touch Install relies on Systems Management Server 2003 Operating System Deployment Feature Pack and Users State Migration Tool for centralized installation of operating system images on target computers, eliminating the need for setting foot at the physical location. It is also possible to leverage Remote Installation Services to accomplish this goal. The need for a third-party imaging product is eliminated since the SMS 2003 Operating System Feature Pack relies on the Windows Imaging (WIM) technology. Windows PE licensing requirements are automatically satisfied through ownership of Systems Management Server 2003.
Zero Touch Provisioning reduces support costs by facilitating the delegation of common user management tasks (which otherwise must be handled by help desk or system administrators) to designated managers. Such tasks include password changes and resets, altering membership of selected security or distribution Active Directory groups, initiating the installation or uninstallation of published applications, and launching Windows XP Professional upgrade
The configuration of underlying system involves identifying managers, their users, and tasks they can perform on their behalf. Subsequently, users can place requests for completing delegated tasks to their managers via e-mail or directly through a provisioning Web portal. This functionality is delivered through Microsoft BizTalk Server 2004 combined with SharePoint Services (or SharePoint Portal Server 2003), and Authorization Manager components of Windows 2003 Server operating system (as well as SQL Server 2000 with Analysis Services) are installed on the provisioning server. The server takes care of coordinating the authorization workflow and, once approvals are obtained, it applies changes to Active Directory accounts or forwards client requests to the SMS 2003 infrastructure (which, in turn, uses its standard software distribution mechanism to deliver applications or operating system upgrade to target computers).
Keep in mind that Solution Accelerator for BDD (in both Standard and Enterprise editions) uses a “wipe and load” scenario for the deployment of Windows XP operating system. This is intentional, since its purpose is to create a fully managed environment without any legacy dependencies.
Application packaging can be handled with any suitable third-party software. Two popular choices are Wise Packaging Studio 5.5 from Wise Solutions and InstallShield, which is currently at version 11 from InstallShield.
Both Zero Touch Install and Provisioning take advantage of the monitoring and reporting functionality in Microsoft Operations Manager (MOM) 2005 to oversee progress of deployments and overall health of underlying infrastructure. Both also rely on some free software. In addition to the components the Standard Edition uses, also needed are SQL Server 2000 Reporting Services Service Pack 1 and SMS 2003 Operating System Deployment Feature Pack, as well as its prerequisite SMS 2003 Service Pack 1. Use of Zero Touch Install does not preclude the ability to apply the Lite Touch approach, which still comes in handy when dealing with a stand-alone or nonmanaged system within the enterprise.
Keep in mind that Solution Accelerator for BDD (in both Standard and Enterprise editions) uses a “wipe and load” scenario for the deployment of Windows XP operating system. This is intentional, since its purpose is to create a fully managed environment without any legacy dependencies. This does not mean, however, that user data or settings are lost — use of the User State Migration Tool (USMT) ensures they are preserved (for more information on this technology, refer to our two-part article Deploying Windows XP, Managing User State).
Both the Standard and Enterprise editions come with detailed step-by-step guides that document each stage of Planning, Development, and Implementation phases of the transition to the new operating system, along with a compliant set of applications, improved security settings, optimized user productivity, and administrative efficiency. The guides have an intuitive interface: Hyperlinks between related sections and checkboxes mark progress during each phase. Since the scope of work would typically be handled by separate functional teams, the documentation is divided into multiple Team Guides, each covering an individual stage of the process (such as the Application Compatibility Remediation Feature Team Guide — updated for the Application Compatibility Toolkit 4.0, Supplemental Application Feature Team Guide, Core Application Packaging Feature Team Guide, Supplemental Application Packaging Feature Team Guide, Infrastructure Remediation Feature Team Guide, Security Feature Team Guide, User State Migration Feature Team Guide, Imaging System Feature Team Guide, Deployment Feature Team Guide, and Operations Feature Team Guide).
Also included are sample documents that illustrate the Windows XP deployment project lifetime in two fictitious businesses (midsize Trey Research using Solution Accelerator for BDD Standard Edition and Woodgrove National Bank employing the Solution Accelerator for BDD Enterprise Edition). The samples include project plans, business cases, application knowledge sheets, client build requirements, network and workstation hardware upgrades sheets, communication plans, functional specifications, migration plans, pilot plans, site deployment plans, test plans, test specifications, training plans, and application compatibility symptoms sheets.
Several project management tools provide risk analysis functionality (Risk Template Tool and Simple Risk Assessment Tool). Others guide through application packaging and automation of their installation (e.g., newly introduced in the version 2.5, Supplemental Applications Feature Team Guide). Multiple scripts handle such activities as build and configuration of deployment servers, creation of operating system images, and delivering these images to managed desktops. Last, but certainly not least, the Solution Accelerator for BDD offers desktop security configuration recommendations, including patching methodology. Details can be found in the Security Feature Team Guide and in the Risk Template Tools for Standard and Enterprise editions.