Microsoft Surface 3 Manuel d'utilisateur

© 2014 Microsoft Page 1 Surface Pro 3 Deployment and Administration Guide Published: December 2014 Version 1.0

© 2014 Microsoft Page 10  BitLocker Encryption – Chapter 8  Asset Tagging – Chapter 8  Network Boot – Chapter 3, Chapter 4, Chapter

© 2014 Microsoft Page 100 selection profile in the task sequence. Selection profiles are covered in the Importing Drivers section in this

© 2014 Microsoft Page 101 Figure 5.3: WMI Model Name for Surface Pro 3. To add automatic selection of a task sequence for Surface Pro 3

© 2014 Microsoft Page 102  SkipTaskSequence – Setting SkipTaskSequence to YES will bypass the Task Sequence page of the Windows Deploym

© 2014 Microsoft Page 103 Importing the Custom Image To use the custom image developed in the reference deployment scenario described in

© 2014 Microsoft Page 104 deployment share to the Operating Systems folder of the production deployment share. Also copy the test deploym

© 2014 Microsoft Page 105 command for installation will vary from application to application, so it is important to consult the documenta

© 2014 Microsoft Page 106 o Application Name – Enter Reader o Version – Enter 11.0.09 or the version of your Adobe Reader installation

© 2014 Microsoft Page 107  Destination – Specify a name for the folder in which to place the installation files, or leave the folder na

© 2014 Microsoft Page 108 2. Ensure your administrative user account has permission to write to this folder. 3. Download the Office Dep

© 2014 Microsoft Page 109 Figure 5.9: Save As Type Drop Down Menu in Notepad. 7. Name the file download.xml and save it to the Office1

© 2014 Microsoft Page 11 with applications and drivers, is configured for central management through SCCM, and is ready for use by the en

© 2014 Microsoft Page 110 2. Select Save As from the File menu. 3. Select All Files from the Save As Type drop down menu. 4. Name the

© 2014 Microsoft Page 111 2. Expand the deployment share and select the Applications folder. 3. Select New Application from the Actions

© 2014 Microsoft Page 112 Creating the Production Deployment Task Sequence To perform the deployment, a new task sequence that specifies

© 2014 Microsoft Page 113 Figure 5.12: Three Install Applications Steps. 6. Select the first Install Applications step. 7. Change the

© 2014 Microsoft Page 114 11. Change the setting Install multiple applications to Install a single application, then select Browse and ch

© 2014 Microsoft Page 115 therefore will not appear. The Installation Progress window will appear to show the progress of the deployment

© 2014 Microsoft Page 116 Figure 5.14: Deployment Workbench Showing Three Deployment Shares. Linking the Deployment Shares After the off

© 2014 Microsoft Page 117 Figure 5.15: Deployment Workbench Showing Linked Deployment Share Folder. 3. Select New Linked Deployment Sh

© 2014 Microsoft Page 118 o Linked deployment share UNC path – Enter or browse to the location of the offline deployment share. Note: Th

© 2014 Microsoft Page 119 6. The Replicate to Linked Deployment Share dialog box displays a progress bar on the Progress screen as repl

© 2014 Microsoft Page 12 Chapter 2 – Deployment Introduction Deployment Concepts This section discusses the concepts you’ll need to gain

© 2014 Microsoft Page 120 3. Enter the following command and press Enter to launch the Diskpart Command-Line Utility: diskpart 4. Ente

© 2014 Microsoft Page 121  General Settings – Enter the following configuration for the offline media and then click Next.  Media Pat

© 2014 Microsoft Page 122 6. Right-click and select Paste to overwrite the offline media rules. 7. Alter the following settings:  Joi

© 2014 Microsoft Page 123 SkipSummary=NO SkipFinalSummary=YES Listing 5.3: Offline Media Rules. Add the SkipBDDWelcome setting to the Bo

© 2014 Microsoft Page 124 Figure 5.20: Offline Media Files Selected. 9. Enter or browse to the location of the prepared USB stick. 10.

© 2014 Microsoft Page 125 After the deployment process is complete, the Installation Progress dialog box will automatically close and you

© 2014 Microsoft Page 126 Chapter 6 – Automated Deployment with SCCM Unlike the lite-touch scenarios covered in Chapter 3, Chapter 4, and

© 2014 Microsoft Page 127 o Microsoft Deployment Toolkit (MDT) o Windows Deployment Services (WDS)  Managed Surface Pro 3 o Domain

© 2014 Microsoft Page 128 Integrating MDT with SCCM Before the deployment process can be configured, the MDT components will need to be a

© 2014 Microsoft Page 129 After the integration has been completed, in SCCM, locate the Create MDT Task Sequence button in the Task Seque

© 2014 Microsoft Page 13 the Preboot Execution Environment (PXE) standard. The Surface Pro 3 supports PXE boot through the docking statio

© 2014 Microsoft Page 130 Note: Drivers can be organized into folders and subfolders within the Drivers folder for further organization.

© 2014 Microsoft Page 131 Note: The location of the drivers to be imported must be a network share (UNC).  Driver details – A list of

© 2014 Microsoft Page 132  Name – Name the package Surface Pro 3.  Comment – Supply any desired comment.  Path – Enter the network

© 2014 Microsoft Page 133 Figure 6.7: Specifying Boot Image in Import Drivers Wizard.  Summary – Confirm the selected options and the

© 2014 Microsoft Page 134  Driver details – A list of all of the drivers found will appear on this page, specify the following options

© 2014 Microsoft Page 135 Driver Pack and Surface Ethernet Adapter drivers are now included in a package that can be deployed to managed

© 2014 Microsoft Page 136  Completion – Confirmation of successful import is shown, click Close to complete the Add Operating System Im

© 2014 Microsoft Page 137 Figure 6.10: MDT Package Creation.  MDT Details – Provide a name and if desired, version, language, manufac

© 2014 Microsoft Page 138 Figure 6.11: ConfigMgr Client Package.  USMT Package – Select the Specify an existing USMT package option,

© 2014 Microsoft Page 139 Figure 6.12: USMT Client Package. For more information about USMT, see the Deployment Tools section of Chapte

© 2014 Microsoft Page 14 entered manually. Another example is the pairing wizard for the Surface Pen for Surface Pro 3, which is covered

© 2014 Microsoft Page 140 Figure 6.13: Settings Package.  Settings Details – Provide a name and if desired, version, language, manufa

© 2014 Microsoft Page 141 Figure 6.14: Auto Apply Drivers Step. 6. In the For each hardware device section of the Properties tab, sele

© 2014 Microsoft Page 142 Figure 6.15: Apply Operating System Image Step. 5. Check the Use an unattended or Sysprep answer file for a

© 2014 Microsoft Page 143 Deploying the Operating System Task Sequence to the Client This section outlines how to make the component pack

© 2014 Microsoft Page 144 Figure 6.16: Deploy Software Wizard Task Sequence and Collection.  Deployment Settings – Define if the depl

© 2014 Microsoft Page 145 Figure 6.17: Deployment Settings.  Scheduling – You can set when the task sequence will be made available,

© 2014 Microsoft Page 146 Figure 6.18: Deployment Schedule.  User Experience – You can configure a number of options as shown in Figu

© 2014 Microsoft Page 147 Figure 6.19: Deployment User Experience.  Alerts – You can configure alerts for success or failure of the d

© 2014 Microsoft Page 148 Figure 6.20: Maintenance Period Scheduling in Software Center. You may note that the deployment is performed

© 2014 Microsoft Page 149 To deploy the task sequence to computers which are unknown to SCCM, a new deployment must be created. This new

© 2014 Microsoft Page 15 Licensing An important consideration when deploying the Windows operating system is how licensing will be manage

© 2014 Microsoft Page 150 Figure 6.21: PXE Boot Settings. 6. Click OK to close the distribution point properties. Note: If the deploym

© 2014 Microsoft Page 151 Figure 6.22: PXE Boot Task Sequence Selection.

© 2014 Microsoft Page 152 PART III ADMINISTRATION

© 2014 Microsoft Page 153 Chapter 7 – Administration Overview This chapter covers the basics of administering Surface Pro 3 devices in yo

© 2014 Microsoft Page 154 Windows Intune Windows Intune is a cloud based management solution that provides a web-accessible interface for

© 2014 Microsoft Page 155 BitLocker Encryption With both Windows 8.1 Professional and Windows 8.1 Enterprise, Surface Pro 3 devices suppo

© 2014 Microsoft Page 156 Note: Because the Surface Ethernet Adapter has a fixed MAC address, if you share the adapter among multiple com

© 2014 Microsoft Page 157 Chapter 8 – Administration Scenarios For many organizations, Surface Pro 3 devices provide additional functiona

© 2014 Microsoft Page 158 Enabling PIN Authentication on Surface Pro 3 Although the on-screen keyboard is provided in the preboot environ

© 2014 Microsoft Page 159  BDEPin – This rule is used to define a PIN if the setting in BDEInstall is configured to use a PIN protector

© 2014 Microsoft Page 16 Note: The deployment of images in organizations with Volume Licensing agreements for Windows 8.1 Professional is

© 2014 Microsoft Page 160 5. Type the following command using the /WIMFile: option with DISM to specify the path you located in Step 3 t

© 2014 Microsoft Page 161  Summary – This page will present a summary of the specified options, click Next.  Progress – This page wil

© 2014 Microsoft Page 162 UDDir=%OSDComputerName% This will create a folder with the computer name on the share UserData on the deployme

© 2014 Microsoft Page 163 on the hard drive to keep the data during deployment. If there is not enough room, it will fall back on the UDS

© 2014 Microsoft Page 164 PART IV APPENDIX

© 2014 Microsoft Page 165 References Description Type Link The Deployment Guys Blog http://blogs.technet.com/b/deploymentguys/ Windows f

© 2014 Microsoft Page 166 Microsoft Premier Support Site Support http://premier.microsoft.com/ Active Directory-Based Activation Overview

© 2014 Microsoft Page 17 which eliminates the need for separate installation or configuration. The deployment can be fully automated but

© 2014 Microsoft Page 18 For larger deployments, there are additional scalability considerations, such as:  Selecting technologies tha

© 2014 Microsoft Page 19 to perform only a single task, others are complete solutions that can perform every step of a deployment. Most o

© 2014 Microsoft Page 2 © 2014 Microsoft. All rights reserved. Surface is a trademark of Microsoft Corporation. Computrace is a trade

© 2014 Microsoft Page 20 Windows Preinstallation Environment (WinPE) Alternate boot operating system used to perform deployments and imag

© 2014 Microsoft Page 21 to meet a wide variety of tasks. Windows PE is runs exclusively from RAM to make sure no files are locked in the

© 2014 Microsoft Page 22 MDT is also highly automated, with an extensive set of preconfigured scripts and a process for scripting each st

© 2014 Microsoft Page 23 Caution: The first item under the Deployment Workbench is the Information Center, where you will find the docume

© 2014 Microsoft Page 24 deployment share must be capable of deploying to an entire organization. In other cases, deployment shares may b

© 2014 Microsoft Page 25 Another deployment share could be used to provide a full-featured deployment across the organization, but is sec

© 2014 Microsoft Page 26 Driver Management As the Microsoft Deployment Toolkit is able to manage drivers independently of the operating s

© 2014 Microsoft Page 27 Note: MDT provides full support for the management and sideloading of Windows Store apps (APPX). Sideloading is

© 2014 Microsoft Page 28 MDT can also be used to manage packages that contain features or packs. Through the selection profile functional

© 2014 Microsoft Page 29 o Applications: A pre-selected set of applications including Office, accounting software, and the custom develo

© 2014 Microsoft Page 3 Contents PART I – DEPLOYMENT OVERVIEW Chapter 1 – Overview ...

© 2014 Microsoft Page 30 actually included on the original installation media (either OEM or volume license media) for the operating syst

© 2014 Microsoft Page 31 example, some applications cannot be configured through installation or scripts and require that they be configu

© 2014 Microsoft Page 32 Develop Deployment ProcessStartNODeploymentSuccessful?Import Deployment Into ProductionYESNOEndYESTest Deploymen

© 2014 Microsoft Page 33 of the production environment. For example, if you are deploying organization wide, but you pilot the deployment

© 2014 Microsoft Page 34 A recommended tactic to help the end user adjust to the new experience is a “white glove” delivery, in which IT

© 2014 Microsoft Page 35 PART II DEPLOYMENT STEP-BY-STEP

© 2014 Microsoft Page 36 Chapter 3 – Manual Deployment with MDT This chapter shows you how to perform a basic deployment, which includes

© 2014 Microsoft Page 37 Surface Pro 3 DeviceDeployment Server Figure 3.1: Overview of Lab Environment. The overall process is that depl

© 2014 Microsoft Page 38 Figure 3.2: Downloading Windows ADK. To permit downloads in Internet Explorer (IE) on Windows Server 2012 R2,

© 2014 Microsoft Page 39 The Windows ADK download includes a small setup file that is used to select and download only the desired compo

© 2014 Microsoft Page 4 Planning for Deployment ...

© 2014 Microsoft Page 40 Figure 3.5: Downloading Microsoft Deployment Toolkit (MDT) 2013. When downloading MDT, the only required compo

© 2014 Microsoft Page 41 After you download and run the applicable MSI setup application, follow the prompts and accept all of the defau

© 2014 Microsoft Page 42 Figure 3.8: Add Roles and Features Wizard. 4. The Add Roles and Features Wizard presents a series of steps, a

© 2014 Microsoft Page 43 Figure 3.9: Add Roles and Feature Wizard Additional Features Prompt. Click Add Features to accept the new feat

© 2014 Microsoft Page 44 Figure 3.10: Windows Deployment Services Configuration Wizard. 3. The Windows Deployment Services Configurati

© 2014 Microsoft Page 45 Figure 3.11. PXE Server Initial Settings.  Task Progress – Displays a progress bar during the configuration

© 2014 Microsoft Page 46 Figure 3.12: New Deployment Share Wizard. The New Deployment Share Wizard presents a series of sequential step

© 2014 Microsoft Page 47 Note: Single license keys must be entered individually on each computer, so this option should be checked in mos

© 2014 Microsoft Page 48 After the deployment share is created, you’ll see many sub-folders under the name of the deployment share in the

© 2014 Microsoft Page 49 Figure 3.15: Import Operating System Wizard. 5. The Import Operating System Wizard presents a series of steps

© 2014 Microsoft Page 5 Customizing the Start Screen ...

© 2014 Microsoft Page 50  Confirmation – Displays confirmation of success or errors generated while importing the operating system file

© 2014 Microsoft Page 51 Downloading the Surface Pro 3 Firmware and Driver Pack For Surface Pro 3, as well as Surface Pro and Surface Pro

© 2014 Microsoft Page 52 Importing Drivers for Windows PE When configuring a deployment share for an organization that uses many computer

© 2014 Microsoft Page 53 8. Select the Import Drivers option from the Actions pane to launch the Import Driver Wizard, as shown in Figur

© 2014 Microsoft Page 54  General Settings – Specify the name WinPE for the selection profile and any desired comments, then click Next

© 2014 Microsoft Page 55 Figure 3.21: Windows PE Selection Profile.  Click OK to apply the changes and close the window. Note: Repeat

© 2014 Microsoft Page 56  Confirmation – Confirmation of the successful creation of the folder will be displayed here. Click Finish. 7.

© 2014 Microsoft Page 57 Figure 3.22: Deployment Share Showing Surface Pro 3 Firmware Drivers. Creating the Surface Pro 3 Win 8.1 x64 Se

© 2014 Microsoft Page 58 Figure 3.23: Windows 8.1 x64 Folder Selected In Selection Profile.  Summary – Confirm the specified options

© 2014 Microsoft Page 59 Figure 3.24: New Task Sequence Wizard. 3. The New Task Sequence Wizard presents a series of steps, as follows

© 2014 Microsoft Page 6 Importing the Operating System Image ...

© 2014 Microsoft Page 60  Confirmation – Displays confirmation of success or errors generated while creating the task sequence. Click F

© 2014 Microsoft Page 61 Note: Specifying the selection profile in the deployment task sequence will make the task sequence applicable to

© 2014 Microsoft Page 62 3. The Update Deployment Share Wizard presents a series of steps, as follows:  Options – Enables you to selec

© 2014 Microsoft Page 63 Figure 3.27: WDS Console Showing Imported Boot Image. Deploying the Basic Scenario After creating the deploymen

© 2014 Microsoft Page 64 Figure 3.28: Surface Pro 3 Device Booting from the Network. 6. The network adapter will receive an IP address

© 2014 Microsoft Page 65 Windows Deployment Wizard After the boot image is loaded onto the target Surface Pro 3 device, the Microsoft Dep

© 2014 Microsoft Page 66 o Keep existing partitions – Indicates that any existing partitions should be preserved and not formatted or pa

© 2014 Microsoft Page 67 Figure 3.32: Installation Progress Bar. At the completion of a successful deployment, a Deployment Summary page

© 2014 Microsoft Page 68 Chapter 4 – Reference Deployment with MDT One of the most common deployment tasks required by an organization is

© 2014 Microsoft Page 69 Instructions for installation of the deployment tools are provided in Chapter 3.  Virtual Machine (VM) 2: Refe

© 2014 Microsoft Page 7 Pen Pairing ...

© 2014 Microsoft Page 70 Note: It is recommended to use generation 1 virtual machines for image creation because the resulting images are

© 2014 Microsoft Page 71 Figure 4.2: New Deployment Share Options. 3. Continue clicking Next to complete and close the New Deployment

© 2014 Microsoft Page 72 Figure 4.3: Original Deployment Share Rules. Notice that the options in the [Default] section correspond to th

© 2014 Microsoft Page 73 SkipTimeZone=YES TimeZoneName=Pacific Standard Time UserDomain=SP3DEPLOY UserID=MDT UserPassword=P@ssw0rd SkipFi

© 2014 Microsoft Page 74 Configuring Boot Media Rules In the same way that rules defined in customsettings.ini control the behavior of th

© 2014 Microsoft Page 75 [Default] DeployRoot=\\SP3DEPLOY\LabDeploymentShare UserDomain=SP3DEPLOY UserID=MDT UserPassword=P@ssw0rd SkipB

© 2014 Microsoft Page 76  OS Info – Contains information regarding the operating system used by the task sequence and a button to edit

© 2014 Microsoft Page 77 Note: Enabling Windows Update during deployment will significantly increase the time required to perform the dep

© 2014 Microsoft Page 78 Figure 4.7: WDS PXE Boot Screen. 4. Press Enter to boot from the network. This launches the MDT boot media an

© 2014 Microsoft Page 79 6. Enter the desired computer name on the Computer Details page as shown in Figure 4.9 and click Next. Figure

© 2014 Microsoft Page 8 PART I DEPLOYMENT OVERVIEW

© 2014 Microsoft Page 80 When complete, the Windows Deployment Wizard will close automatically and the system will be logged in as the A

© 2014 Microsoft Page 81 Figure 4.11: Configured Microsoft Surface Wallpaper. Customizing the Default User Account Picture The default u

© 2014 Microsoft Page 82 Figure 4.12: User Account Picture Before Replacement. 3. For the default user account, these four images must

© 2014 Microsoft Page 83 5. When prompted to Replace or Skip Files, select Replace the files in the destination. 6. When the Destinatio

© 2014 Microsoft Page 84 Figure 4.15: Start Screen Before Customization. As an example, this procedure shows you to uninstall and un-pr

© 2014 Microsoft Page 85 Figure 4.16: Get-AppxPackage Output. Note: The output from this statement can be written to a text file to mak

© 2014 Microsoft Page 86 Figure 4.17 shows the same Start Screen as in Figure 4.15, but with the Sports app removed. Figure 4.17: Start

© 2014 Microsoft Page 87 Figure 4.18: Start Screen Before Customization. To export and import a Start Screen layout template, follow the

© 2014 Microsoft Page 88 Figure 4.19: Start Screen After Customization. Note: The same PowerShell cmdlets can also be used to generate

© 2014 Microsoft Page 89 Figure 4.20: Capture Task Sequence.  Select Template – Select the Sysprep and Capture template and click Nex

© 2014 Microsoft Page 9 Chapter 1 – Overview Purpose of This Guide This guide was constructed to show you best practices for deploying Wi

© 2014 Microsoft Page 90 Figure 4.21: Capture and Reference Deployment Task Sequences. Note: It is possible to perform the deployment a

© 2014 Microsoft Page 91 Note: Another advantage in using a virtual machine as a reference system is the ability to use checkpoints or sn

© 2014 Microsoft Page 92 Testing the Image After the image has been captured, it is ready to be used to deploy to other computers. To ver

© 2014 Microsoft Page 93  General Settings – Enter the desired task sequence ID, name, and comments. Click Next.  Select Template – S

© 2014 Microsoft Page 94 5. Select the EditFind menu or press Ctrl+F to launch the Find dialog box. Note: With a large number of availa

© 2014 Microsoft Page 95 When the image is applied to the target system, the specialize pass will run, which copies the Administrator pro

© 2014 Microsoft Page 96 Chapter 5 – Automated Deployment with MDT The automated deployment scenario in this chapter builds upon the refe

© 2014 Microsoft Page 97 PC1(Connected Device)PC2(Offline Device)Production Deployment ServerFigure 5.1: Offline Deployment Scenario Comp

© 2014 Microsoft Page 98 Figure 5.2: Disabling PXE Response to Clients. 5. Close Windows Deployment Services. Creating the Production

© 2014 Microsoft Page 99 Priority=Default Properties=MyCustomProperty [Default] OSInstall=Y SkipCapture=YES SkipAdminPassword=YES SkipPr