Microsoft Deployment Toolkit (MDT) 2012 includes the Deployment Workbench which helps build a Lite Touch Installation without the steep learning curve of other Microsoft tools, specifically SCCM Configuration Manager. Today at TechEd 2013, Johan Arwidmark presented a simplified approach to reference image preparation along with getting it deployed to multiple hardware configurations with a Lite Touch approach.
MDT 2012 Update is a free set of utilities designed around systems deployment. To achieve a Lite Touch deployment we’re going to look at the Deployment Workbench to create and configure reference images for any deployment situation.
Lite Touch Pros:
1. Compatible Image - standard image that is compatible no matter how it is deployed.
2. Easy compared to SCCM Configuration Manager. Less moving parts means less room for error. Think of it as the layman’s Config Man.
3. Fast - Config Manager takes about 4 days to build a reference image where with MDT 2012 you can do it in half the time.
4. Easy to delegate - infrastructure requirements is only a SMB share. That's it. Point to the share and as long as network access is available the image will deploy. Very easy for image admins to hand off to techs. Personally my favorite feature here is that the SMB creds are hidden in the tool; techs will not necessarily have access to this information.
5. Suspend action in the sequence. Pause a certain point of the deployment for manual actions. Shortcut on desktop to resume task sequence, make manual changes and take a vm snapshot, and click the shortcut to resume the automatic sequencing. Software you just can’t automatically deploy? Put a Suspend in the plan to install the troublesome app and then double-click the shortcut to resume the automatic image prep.
6. VM test bed - very efficient with snapshots. Blow away changes and instantly revert to snapshots to do something different.
7. WSUS integration (which can step on the toes of Config Manager). Recommended to stand up dedicated WSUS server for reference images. Enable WSUS by disabling the disabled option (confusing double negatives can be tricky). Stick to a local WSUS as it is 100% reliable and offers a higher level of driver control. Specify in config file: WSUSServer=http://wsus01:8530
Why do we deploy Windows? To run applications on it! MDT gives you the ability to add in hot fixes, language packs, and application installers. Can use installation wrapper for logical software deployment operations (different arch, IF ELSE END etc) or built-in silent install switches (/q /passive etc).
When it’s all said and done, the deployment plans are saved as nothing more than an XML file. So cracking open and changing the deployment sequencing plan will not be too difficult for those comfortable in XML. The task sequencing within the deployment plan resembles the old Win XP Sysprep ini file. Very straightforward component listing such as TaskSequenceID=XYZ. Looping Powershell into the task sequencing can increase automation exponentially.
The end goal is a very Lite Touch deployment where kicking off the deployment plan is all that will be needed. The following can be fully automated:
* Create virtual machine
* Mount ISO
* Run deployment task sequence
* Capture WIM to file share
The session was very intriguing and as a veteran systems deployment engineer Johan obviously preferred MDT 2012 SP1 over Configuration Manager 2012. That being said, ConfigMan can do some very cool things with WIMs created in with MDT, including injecting the majority of Microsoft updates into dated WIMs via WSUS.