I am after the best practise approach for mass deploying EEPC to laptops. For arguments sake lets use 1000 endpoints. Surely deploying the product on an ad hock one at a time would not necessarily be the best approach?
My thinking was:
Mass deployment tasks.
1. Deploy EEGO (evaluate disk status for EEPC ready state)
2. Deploy EEAdmin and EEPC in same manner as (1) whilst utilizing a 'disabled' policy and removing the reboot prompt after EEPC deployment.
3. All endpoints would then require a reboot which can either be;
3.1 Scheduled via existing methods.
3.2 Wait until users reboot manually.
3.3 Requesting this via end user communication.
4. Enable EEPC to start the HDD encryption with autoboot enabled meaning no change in user experience.
Scheduled policy changes.
5. Schedule and communicate the activation of PBA to a predetermined number of endpoints, 20, 50, 100...?? per day (Not sure what the best practise here would be). Sure this would depend on the user communication and they way they understand and handle the change.
Any other ideas or recommendations of approaching a quick turnaround. Real examples would be appreciated.
Thanks.Message was edited by: wcoetsee on 3/11/11 7:03:14 PM
This is a very good approach and one that I have generally advocated for a long time - all the way back to the SafeBoot days. The beauty of temporarily using autoboot mode is that it eliminates the possibility of any end user helpdesk calls for password issues or user account issues. So if you do get a helpdesk call while in that state, you can jump directly to the more advanced troubleshooting.
There are lots of other things to consider for deployments...
What other challenges or considerations has the community faced?