MD-101 Managing Modern Desktops

Module 07:
Deploy using on-premises
based tools

© Copyright Microsoft Corporation. All rights reserved.

 Assess deployment readiness

Module Deploy using the Microsoft Deployment Toolkit

Agenda

Deploy using Endpoint Configuration Manager

© Copyright Microsoft Corporation. All rights reserved.

Lesson 1: Assess deployment readiness

© Copyright Microsoft Corporation. All rights reserved.

Lesson 1: Assess deployment readiness
• Examine deployment guidelines
• Explore readiness tools
• Assess application compatibility
• Explore tools for application compatibility mitigation
• Prepare network and directory for deployment
• Plan a pilot

© Copyright Microsoft Corporation. All rights reserved.

Examine deployment guidelines

• Take inventory and establish infrastructure map

• Identify devices to retire
• Strategy for supporting complex application installs
• Determine opportunities for virtualization
• Establish data migration process
• Establish method for backing up data on devices where applicable
• Establish a deployment plan describing the complete process
• Create a training and post-deployment plan

© Copyright Microsoft Corporation. All rights reserved.

Explore readiness tools

Endpoint Manager Desktop Analytics MAP Toolkit

© Copyright Microsoft Corporation. All rights reserved.

Assess application compatibility

• Apps that run on Win7/8.x will typically work on Windows 10 and later
• Test compatibility – do not assume.
• Mitigate within Windows 10/11
‒ Modify the app
‒ Updates from developer
‒ Upgrade if available
‒ Permission to resource
‒ Run virtualized
‒ Compatibility mode
‒ Explore alternative apps

© Copyright Microsoft Corporation. All rights reserved.

Explore tools for application compatibility mitigation

Application Compatibility Toolkit

Client Hyper-V

Remote Desktop Services

Azure Virtual Desktop / Windows 365

© Copyright Microsoft Corporation. All rights reserved.

Prepare network and directory for deployment

• Profiles contain user data files:

‒ Size can increase rapidly when users store large files

• Large deployments impact network performance

‒ Delivery Optimization
‒ Branch Cache
‒ BITS
‒ LEDBAT

• Consider integration with Azure AD

© Copyright Microsoft Corporation. All rights reserved.

Plan a pilot

• Use deployment rings for a phased deployment

‒ Phase 1: IT and early adopters
‒ Phase 2: Pilot group
‒ Phase 3: Broad production rollout

• Document and collect feedback

• Communicate changes

© Copyright Microsoft Corporation. All rights reserved.

Lesson 2: Deploy using the Microsoft
Deployment Toolkit

© Copyright Microsoft Corporation. All rights reserved.

Lesson 2: Deploy using the Microsoft Deployment Toolkit
• Evaluate traditional deployment methods
• Setup the Microsoft Deployment Toolkit for client deployment
• Manage and deploy images using the Microsoft Deployment Toolkit

© Copyright Microsoft Corporation. All rights reserved.

Evaluate traditional deployment methods
Default Image
• No need to create an image
• Applications and settings must be applied
separately
• One image per architecture (x86/x64) can be used
for the organization
• Updates to applications do not require the image
to be re-built
• Overall deployment time is typically slower, as
configurations must be applied, and applications
installed after the OS image is deployed
• Some applications can be difficult to automate the
© Copyright Microsoft Corporation.machine,
installation
Custom Image
• Image must be created and maintained
• Applications and Settings can be included in
custom image
• The configuration and application requirements
(and sometimes hardware) of each group within an
organization can typically require several images to
be created and maintained
• Updates to applications cause images to become
stale, requiring images to be updated or re-created
frequently
• Overall deployment time is typically faster with the
configurations and applications included in the
image
• When applications are installed on the reference
All rights reserved.they are typically easier to deploy when
Setup the Microsoft Deployment Toolkit for client deployment

• Microsoft Deployment Toolkit (MDT) is a unified collection of tools, processes,

and guidance for automating desktop and server deployment
‒ Reduce deployment time
‒ Standardize desktop and server images
‒ Windows client and Windows Server deployment

• MDT setup prerequisites

‒ Active Directory Domain Services Environment
‒ Windows Server 2016 or later
‒ Windows ADK
‒ Windows Deployment Services (optional)
‒ Windows Server Update Services (optional)

© Copyright Microsoft Corporation. All rights reserved.

Setup the Microsoft Deployment Toolkit for client deployment

• Key features and components

‒ Windows client support
‒ Windows Server 2016 and later support
‒ The ability to automate a sequential set of tasks into a single repeatable deliverable, that can
be then replicated onto many devices
‒ User interface that enables end users to customize their Windows OS installation
‒ Displays the status of currently running deployments
‒ Offline BitLocker
‒ Support for running the User State Migration Tool (USMT) capture offline
‒ Granular customization

© Copyright Microsoft Corporation. All rights reserved.

Setup the Microsoft Deployment Toolkit for client deployment

Components of Deployment
Workbench
Operating system (OS images)
Applications
Drivers
Packages
Task sequences
• Gather
• Format and Partition
• Inject Drivers
• Apply Operating System
• Windows Update
© Copyright Microsoft Corporation. All rights reserved.
Setup the Microsoft Deployment Toolkit for client deployment
Can MDT can be part of your overall deployment strategy?

Do you want to deploy a standard golden image to your users?

How many applications are part of this image?

Should users have choice about which applications they have?

Should each device be the same?

How many hardware types do you need to manage?

Do you need to deploy applications after the device has been built?

How will you deliver software updates?

© Copyright Microsoft Corporation. All rights reserved.

Manage and deploy images using the Microsoft Deployment
Toolkit
Creating a reference image
1 Create a reference images with the necessary configuration and build upon some of the
prerequisites, such as a deployment share and configuration rules and settings

2 Adding an application to the captured image

Add any applications and scripts you want to install to the MDT build lab share

Deploying a reference image with a task sequence

3
A sequential set of steps that will reference various components imported into MDT
• Gather
• Format and Partition Disk
• Apply OS Image
• Inject Drivers
• Install Applications

© Copyright Microsoft Corporation. All rights reserved.

Manage and deploy images using the Microsoft Deployment
Toolkit
Lite-touch installation (LTI) Zero-touch installation (ZTI) User-driven installation (UDI)

Automated deployments that require some Deployment is completely automated The user can interact during the deployment,
user intervention without any user intervention giving them certain choices for configuration

Configuration options may include choosing

Both MDT and Configuration Manager Beneficial when performing many
the device name, selecting apps to install,
support LTI deployments deployments simultaneously
language, etc.

LTI deployments using MDT require minimal Can be more difficult to implement than Unlike ZTI, where every setting must be
infrastructure and are less complex than zero- LTI/UDI deployments and require defined, UDI allows the end user to decide
touch deployments Configuration Manager certain options

© Copyright Microsoft Corporation. All rights reserved.

Manage and deploy images using the
Microsoft Deployment Toolkit
Managing Deployment Share Rules

Bootstrap.ini
Bootstrap.ini is copied from the Control folder to the boot image, so
the boot image needs to be updated every time you change that file
Add only a minimal set of rules to Bootstrap.ini, such as which
deployment server and share to connect to (the DEPLOYROOT value)

CustomSettings.ini
Put the other rules in CustomSettings.ini because that file is updated
immediately when you select OK

© Copyright Microsoft Corporation. All rights reserved.

Manage and deploy images using the Microsoft Deployment
Toolkit
To aid the resolution of issues in
MDT, enable the in-built
monitoring capability from the
properties of the deployment
share
Right-click the deployment share,
select Properties, select the
Monitoring tab, and then select
Enable monitoring for this
deployment share
After enabling the monitor, you
can track any task sequences
with connectivity and review the
issues

© Copyright Microsoft Corporation. All rights reserved.

Lesson 3: Deploy using Endpoint
Configuration Manager

© Copyright Microsoft Corporation. All rights reserved.

Lesson 3: Deploy using Endpoint Configuration Manager
• Explore client deployment using Configuration Manager
• Manage client deployment using Configuration Manager
• Plan in-place upgrades using Configuration Manager

© Copyright Microsoft Corporation. All rights reserved.

Explore client deployment using Configuration Manager

• Role of Configuration Manager in a modern desktop journey

‒ With modern management tools, such as Intune and Autopilot, and the innovative changes
to Configuration Manager, it can now act as a bridge between how things were done, and
how things can be done in a more modern and agile way
• Building on the foundations of MDT
‒ Access to a wider expanse of task sequence variables with which to utilize during OS
deployment
‒ MDT Rules engine offers a raft of in-built options to aid OS deployment
‒ The ability to install Windows features without the knowledge of code
‒ Log file collection out of a template task sequence wizard

© Copyright Microsoft Corporation. All rights reserved.

Explore client deployment using Configuration Manager

Exploring Configuration Manager

• OS Deployment • Real Time query and reporting

• Application Management • Enterprise Scalability
• Update Management • Azure AD Integration
• Servicing Management • Proactive cadence adoption through
• Device Inventory (CMDB) Desktop Analytics
• Basic License Tracking • Remote Control

• Self Service Software Catalogue • User Settings Capture and Restore

• Cloud Management capability

© Copyright Microsoft Corporation. All rights reserved.

Explore client deployment using Configuration Manager

Exploring the Deployment Components Configuration Manager

• Boot images
‒ The Windows Preinstallation Environment (Windows PE) images that are used to start a
Windows deployment
‒ Start boot images from a CD or DVD, an ISO file, a USB device, or over the network using a
Pre-Boot Execution Environment (PXE) server
‒ Use x64 platform

• Considerations for customizing boot images

© Copyright Microsoft Corporation. All rights reserved.

Explore client deployment using Configuration Manager

Exploring the Deployment Components Configuration Manager

OS images Operating system Device drivers Software updates Task sequences

upgrade packages
Stored in the Windows You can install device Provide a set of tools Configuration Manager
Imaging (WIM) file The source setup files drivers on destination and resources that can uses task sequences to
format for an operating system computers without help manage the task of provide schedule-based
including them in the tracking and applying deployments that can
A compressed collection You can also use this
operating system image software updates to be fully automated and
of reference files and package to deliver a
that is being deployed client computers require no user
folders that are required vanilla image down onto
interaction (zero-touch
to successfully install a device Configuration Manager Configuration Manager
installation or ZTI)
and configure an provides a driver catalog builds on the basic
Import operating system
operating system on a in the Software Library offerings of MDT and Automate components
upgrade packages to
computer workspace, consisting of provides a management in Configuration
Configuration Manager
two nodes: Drivers and plane that can segregate Manager (software
You must select an from a DVD or mounted
Driver Packages updates by type or OS, update packages, the
operating system image ISO file
and work with existing application model, and
for all operating system
processes for release Cloud Management
deployment scenarios
management Gateway

© Copyright Microsoft Corporation. All rights reserved.

Manage client deployment using Configuration Manager
Methods for Composing a Windows Deployment using Configuration Manager
Task sequences
Like MDT task sequences, but can draw on other
elements within it, such as applications created
packages and scripts
Integrate the Configuration Manager task sequence
engine with the MDT binaries for greater flexibility
Scenarios for using a task sequence
© Copyright Microsoft Corporation. All rights reserved.
Deployment collections
After creating the task sequence, you can target it at
a deployment collection to allow the successful
delivery
Prevents unintended delivery of an OS.
Target unknown computers to present any new
device acquired with an ability to launch a created
task sequence
Manage client deployment using Configuration Manager

Troubleshooting a Windows Deployment using Configuration Manager

Reporting Log files

With a reporting services point configured in Configuration Manager produces numerous log files
Configuration Manager, you can access to a set of on both the client and server side to aid with
tools and resources that help you use the advanced troubleshooting
reporting capabilities of SQL Server Reporting Examples:
Services (SSRS) and Power BI Report Server
• Ccmsetup.log
• SMSTS.log
• AppEnforce.log
• Execmgr.log

© Copyright Microsoft Corporation. All rights reserved.

Plan in-place upgrades using Configuration Manager

Recommended path to Windows 10 or Windows 11

Preserves all data, settings, apps, and drivers

Can be rolled back at any point

Leverages Windows setup

Use task sequences leveraging either MDT or Configuration Manager

© Copyright Microsoft Corporation. All rights reserved.

Plan in-place upgrades using Configuration Manager

• Ensure upgrade path is supported

‒ Can’t upgrade x86 to x64
‒ Can’t downgrade editions

• Sufficient hardware resources

• Windows 10/11 compatible hardware and apps
• OS language must be the same
• Dual boot/multiboot is not supported
• Can only upgrade with standard image (install.wim)

© Copyright Microsoft Corporation. All rights reserved.

Written Lab

Deploying Windows 11 using Deploying Windows 11 using

Microsoft Deployment Toolkit Endpoint Configuration Manager

© Copyright Microsoft Corporation. All rights reserved.

© Copyright Microsoft Corporation. All rights reserved.