Bring Your Own Mac

Written by Ingmar Verheij on December 23rd, 2013. Posted in Desktop Player

Bring Your Own MacThe Bring Your Own Device (BYOD) trend is no longer a hype, we see more and more people bringing their (own) Mac to the office. The simplicity of Apple devices combined with the power (and of course the esthetics)  makes them a wanted device. More and more people consider an Apple MacBook to be a serious option to replace their (corporate dictated) Dell / HP / IBM / Lenovo / etc laptop.

From a corporate IT perspective the BYOD trend is a pain in the ass. All of the sudden IT is confronted with unmanaged devices (if you bring your own, support your own) that need to access corporate resources. In real life there is no such thing as unmanaged devices. If your CFO has a problem with his shiny MacBook Pro you fix it.

MDT: Force users to supply an OSD computer name (MININT)

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

Machine that are deployed via Microsoft Deployment Toolkit (MDT) are provided with  a computer name that’s provided during installation. By default this is a generated computer name similar to “MININT-79S84T2”.

Since the GUI of MDT is quite slow – and won’t show an hourglass –  I noticed people tend to click [Next] twice on the previous screen. As a result they automatically accept the generated computer name instead of providing their own. It’s more friendly to block the [Next] button on the Computer Details screen so users are force to provide a proper computer name.

Windows Deployment Wizard - Computer Details - MININT-79S84T2Windows Deployment Wizard - Computer Details - !Invullen

MDT: Select operating system based on computer name

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

Windows VersionsBy default a single operating system is linked to a task sequences in Microsoft Deployment Toolkit (MDT). This means that if you have different operating systems you need to built (and maintain) a task sequence for each operating system.

A customer has different client types and wants to use a single task sequence to deploy different images. For this purpose a custom task is added that selects an operating system based on the prefix of the provided computer’s name.

MDT: Set default domain in LiteTouch

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

When a machine boots Microsoft Deployment Toolkit (MDT) LiteTouch via Windows PE it requires credentials to connect to the deployment share. By default the user name, password an domain are required fields. In most environment the domain is equal for most users, making it user friendly to configure a default domain.

User Credentials - DefaultUser Credentials - DOMAIN

MDT: Secure the Deployment Share

Written by Ingmar Verheij on December 19th, 2013. Posted in MDT

With a default installation of Microsoft Deployment Toolkit (MDT) the Deployment Share is not secure. All users are allowed to read / write which makes it vulnerable to unauthorized access and possibly exposes access to (installation) passwords.

The default permissions on a folder are:

  • Administrators – Full Control
  • CREATOR OWNER – Full Control
  • SYSTEM – Full Control
  • Users – Read & Execute + Create file / write data + Create Folders / append data