Real Men Don't Click

Automatic Software Deployment


Installation media

The purpose of this exercise is to automate software deployment in an organisation. This requires, for starter, that software can be installed hands-free, unattended, yet without having to accept the default configuration imposed by the software developer : we may want to impose certain preferences, options, choose where the software is installed, etc. Methods to do that are investigated in the Unattended Software Setup page. For automatic, unatended software deplyement to work, the installation files need to be accessible to the workstations. We therefore put them in shared directories on a network server :

Because we approach these resources by their share name, we do not need to know the exact location of the directory, as long as it is shared with the right name. We can increase transparancy by assigning drive letters to these shares, so that even the server name can change without affecting the scripts.

Base Line and well-defined exceptions

We aim for a reproducable automatic installation of software. This only makes sense if we first define a 'baseline workstation' : a configuration that is common for all workstations. Eg : all workstations will have Microsoft Windows XP, Microsoft Office 2003, Internet Explorer, an ODBC-connection to a given database, etc. This needs to be defined first, otherwise, you won't know what to install.

On top of that, there may be exceptions, or rather : extensions to the baseline. Eg : on top of the baseline setup, the workstations used in the Financial department require a bookkeeping application and pc-banking software. On top of the baseline setup, workstations in the Human Resources department need access to certain databases and applications that only the HRM department uses (or is aloowed access to). Etc. Again, it is necessary to define these exceptions in such a way that the can be expressed in terms of "if user is member of Financial department, then run instal_bookkeeping script, else do nothing".

Deployment Methods

base line : scripts for unattended installation

In Unattended Software Setup, we describe command lines and scripts to setup software unattended. It goes without saying that, once we have defined a baseline, we can easily create a baseline configuration script. In it simpliest form, that would be a batch file that calls all scripts needed to configure the baseline workstation : configure the network, install software, add printers, ...

This master setup script could be run immediately after an unattended installation of the operatingh system and be started manually or by a statement in the operating system answer file, thus allowing us to create a standardized baseline workstation with hardly any intervention. This can be accomplished by cloning the hard disk of a model workstation as well, but the script approach is, contrary to cloning, more independent of the hardware. And with clooning, you still need to 'finetune' the setup afterwards (give the machine a unique name, ...), so why not just script the whole thing to start with ?

Active Directory Group Policy Objects for Software Deployment

For software deployment and configuration that is specific to certain groups of users or computers, we may develop specific scripts (eg. an install_software_for_HRM_dpt batch file that calls all install scripts for this specific group of users / computers). This approach can be usefull for an initial setup.

It is also possible to deploy software through Microsoft Active Directory Group Policy Objects. In this approach, 'setup packages' are linked to Active Directory Organizational Units, possibly filtered further by membership of security groups. The setup packages will then be executed (or not) based on the fact that the computer and/or the user reside in the given Organizational Unit. Obviously, this offers a very flexible way of managing software deployment, provided the Active Directory is well organized : if all users are thrown together in 'Users' and all computers in 'Computers', there's hardly a way to diversify.

Software deployment through Active Directory Group Policy Objects works best with Windows Installer Packages (msi, mst, ... ). There are, however, workarounds for legacy installers : you can wrap command lines in so-called 'zap' files.

Deployment Methods : 3rd Party Tools

So far, we've used scripts and Active Directory to deploy software. This technology is 'free', i.e. it comes with your Windows operating system so you don't need to buy anything extra. That will do just fine for small businesses, I suppose.

You can, of course, also buy software deployment and software management sollutions. Microsoft offers SMS. You may also want to have a look at SiteKeeper. There are many others. And even with those, you will need to think about your software deployment in terms of what is my baseline, who needs what, and how can i group them.

And of course you can attempt to setup your own home brewed deployment system.

Koen Noens
June 7th, 2005
Alle rechten voorbehouden