U.S. Department of Labor

This was a Windows 7 deployment project migrating users off Windows XP desktops with PointSec encryption enabled. Our S. SCCM Architect lead a team of 6 people to upgrade and migrate 5000 desktop computers and enable BitLocker replacing PointSec encryption solution. In addition we had the responsibility for implementing a new SCCM 2007 environment that will be the technology of choice for deployment the Windows 7 operating system. Their was a previous attempt to deploy SCCM 2003, so we had to ensure and clean out all old remnants of an old SCCM 2003 deployment.

What was interesting about this project was the fact all desktop computers was encrypted with PointSec, but their was no known encryption keys to decrypt machines in order to run a task sequence successfully to deploy a new operating system. What was happening is, every time a computer is rebooted by the task sequence, when the computer came back from the reboot to go into WinPE, the task sequence fails. The issue was after rebooting, WinPE was not able to access the drive due to the PointSec encryption in place. So to work around this issue, i created 2 task sequence to perform a single OS deployment. The first TS runs, captures the users state data, reboots the computers, then swap the boot file. When the boot file is swap with a fake filename, this action forces the WinPE process to re-check the management point for policies, when that happen, the process only sees the 2nd TS and then starts the 2nd TS which picks up from where the 1st TS left off and finishes the reboot process But; the process goes right into a PXE bear metal boot process, Wipes the encrypted drive, then installs the OS images, restores the users state data, and completes the OS deployment process.

We also designed and developed customized reporting dashboards that was integrated with SharePoint to share and make reports consumable and easily accessible for end users. Below is a list of some custom reports we created:

  • Report that shows which computers meets all requirements before running a Windows OS deployment.
  • Report that shows how many computers have upgraded to windows 7 and computers on Windows XP.
  • Report that shows the Software Update status of computers after they have been imaged with Windows XP.
  • Report that shows client deployment status and saturation and how many computer have BitLocker enabled.
  • Report that shows applications installed on all computers and where applications needs to be updated.