So, last year, I wrote about how I was imaging machines using FOG as the backend, and then deploying Apps to them using PDQ Deploy. Well, I’m still doing it, but after a year of doing so, I’ve mad what I think are some good changes to it. Read on to learn how I’m doing it now, and how you can replicate!Requirements:
- Functioning Fog server. I’m on the latest Trunk version of Fog (as you should be, too), but 1.2 should work as well.
- PDQ Deploy Enterprise (for the auto deployments. You can use pro, but the auto update makes this awesome)
- PDQ Inventory Pro (for the ability to make your own dynamic collections.
So, if you have all that running, it’s pretty much idiot proof. First, get your machines registered in FOG, and build an image like you normally would. Me, I’m still building my images to be as lean as I can. They include:
- Windows (10 in this case)
- Office 2016
- Adobe Photoshop
- Adobe Premiere Pro
- Our cad software
- Our FACS software
- All windows updates
That’s it. The image comes in at a not-so-lean 21GB, but what can you ask for when you’re throwing Adobe stuff into the mix. I have it image as normal, change host name, and join the domain. That’s it for the fog side, this time! No more snapins!
Now, the magic happens the way it should, with PDQ Inventory. I have PDQ Inventory hooked up to my AD domain. I then went ahead and set it to update from AD every 20 minutes. This may be a bit overkill, but the performance hit was minimal, so why not I figured? I then went ahead and made a dynamic collection that I call “freshly imaged” In this dynamic collection, I do the following for rules:
|Computer||O/S Install Date||After||1 day ago|
|Computer||AD Created||After||1 day Ago|
That’s it. This will filter down my AD to all computers that had their OS installed after 1 day ago, OR had their AD created 1 day ago. Pretty simple, huh?
In PDQ Deploy, I simply made a schedule deploying out the packages I wanted to this dynamic image on a 15 minute schedule, and told it to remove machines it had already done from the queue. So now, a machine fires up, it images, it joins AD, PDQ sees it, throws new packages on it, and it’s good to go.
I’m loving it!
So, with Windows 10, I was finding that for some reason when the machine as joining the domain, it wasn’t updating Group Policies correctly. This means my firewall exceptions for PDQ weren’t getting pushed down, and PDQ couldn’t send out applications. I got around this pretty simply though!
Basically, I made a simple bat file that had gpupdate /force /boot in it. This made the machine update and reboot, as expected. I then went into FOG, and made a Snapin called GPUpdate. I attached this to my groups, so it’d be included when imaging. Now, the machine images, joins the domain, runs GP update, and then PDQ takes over. Works great!