2

I'm looking for suggestions on how to best manage a group of 5-10 Windows 7 PCs. My primary concern is making sure the OS and applications stay up-to-date.

My ideal solution would be to partition separate system and user volumes, then periodically push out an updated image containing all the updates. I've found instructions for splitting the OS & user volumes, but somehow I doubt this is realistic. Wouldn't the system partition need to know about the user logins? And, how to handle user installed apps?

I'd rather not have a Windows server but would consider it if necessary. What other options do I have for making this task as painless as possible?

tonyp
  • 23
  • 2
  • 1
    Active Directory. Group Policy. Done. – Michael Hampton Oct 15 '12 at 21:51
  • 1
    A windows server might not be *necessary*, but having one and setting up a domain would make it **a lot** easier. – Hennes Oct 15 '12 at 21:51
  • You're apparently starting from a very odd place. Are you new to managing Windows? How did you decide your solution above was "ideal"? No Windows sysadmins I know would describe it that way. I'm not trying to be awkward here, just trying to understand your problem. For a start partitions don't "need to know" about anything; they're ways of managing disk space & nothing else. If you build a Windows system with the users' home folders stored on a custom partition, those folders are just that: folders full of stuff. User settings including how to find those folders, are managed via the registry. – Rob Moir Oct 15 '12 at 22:03
  • Yes, I am new to managing Windows. By "ideal", I meant that it would take the hassle and responsibility of applying updates (OS, Java, Flash, etc) out of the users' hands. The users will often not bother, not know how, or be afraid to keep things up-to-date. And I can't assume they won't install a bogus antivirus or other trojan if I push them harder to do so. The main problem for me is update distribution. Policy enforcement may or may not be worth the effort on this scale, my users are not prone to tinkering. – tonyp Oct 15 '12 at 22:29

3 Answers3

1

I'd highly recommend looking into Windows Small Business Server (http://www.microsoft.com/en-us/server-cloud/windows-small-business-server/default.aspx). It will manage your user authentication, updates, Group Policies, etc., and is specifically tailored for smaller networks like what you're describing.

BenC
  • 751
  • 1
  • 9
  • 24
1

For a lot of common software packages, check out Ninite. You can create a group of programs that you want installed and kept current from the available programs. Set it up to run weekly with Task Scheduler. Any software not on their list will have to be manually updated (or some other solution).

For the OS, just set each one to automatically download and install all updates. You can set the time and day it applies any updates, if you need to get specific about it.

For some additional peace of mind, have 2 accounts on each workstation: 1 user account and 1 administrator account, and put a password on both. Keep the user account as a standard account, so that they have to ask you to make changes and you know what's on each one.

thomasjbarrett
  • 33
  • 1
  • 5
  • Thank you for pointing this out! This looks like a very handy tool even if shy of covering ALL the software that we use. I just need to decide between this solution and the whole hog roaming profile solution above. Would mod up if I could. – tonyp Oct 16 '12 at 20:20
1

What other options do I have for making this task as painless as possible?

If you want this to be painless, then Active Directory is exactly what you are looking for.

Splitting OS & user data sounds like a heck of a lot of pain to me, using AD you can have your users' data stored on the server, roaming profiles & folder redirection will make your users much happier, their data will be transparently stored on the server and easy to back up.

Deploying new images will be simple, as you've no local data to worry about.

The method you describe sounds like hell to me. How are you going to manage users? What about backing up the PCs?

Bryan
  • 7,538
  • 15
  • 68
  • 92
  • OK, it looks roaming profiles would do the trick, if that's the best way way to separate user data. Thanks! – tonyp Oct 16 '12 at 20:39