I am currently designing a rollout of Windows 7 to a shop of approximately 80-100 desks. The office is a flat network without routing between servers and desktops. There are a few Windows Server 2008 R2 servers running a 2008 domain. Most of the workstations are newer machines that were installed with Vista or XP for program compatibility reasons. The compatibility issue has been resolved and the client is ready to move to Windows 7 Professional.
All of the workstations are compatible and capable of running Microsoft Hyper-V Server 2008 R2 (Stand Alone). For my questions assume that each workstation will run their own copy of Hyper-V Server with virtualized Windows 7 as guest OS. Please also assume that the specs are adequate and there will be no large deployment of new desktops in the near future. The client has volume licensing for Windows clients and Microsoft Office.
The business’s main concern is to minimize downtime of employee workstations. I would like to know:
- If Sysprep would work on the Hyper-V Server with the Win 7 virtual image host already in out of box mode Ready for first boot?
- If the Hyper-V server OS (the base on each workstation) would/should become domain members
- Are there enough tangible benefits to the client to outweigh the added complexity. It is very appealing to the client that if a machine is FUBAR, a new image can be deployed and running in an extremely short amount of time. (Client insists on local admin rights for all and they do mess up their machines.)
To summarize, it appears that you are asking whether it makes sense to deploy Windows Hyper-V Server 2008 R2 on each desktop computer in order to simplify the process of deploying clean images to client workstations.
Answer: no, it does not make sense to use Hyper-V Server on every desktop, for a multitude of reasons including the following:
- No one else does this. You will be completely on your own with this unsupported configuration. Very simply, Windows Hyper-V Server 2008 R2 is a product that is never meant to leave the server room.
- Audio (headphones/microphones/speakers) will not work on any of your workstations. Hyper-V does not virtualize audio drivers.
- USB ports will not work on any of your workstations for any purpose. Hyper-V does not support USB redirection.
If you are looking for a centralized, zero-licensing-cost solution that would allow you to centrally and efficiently re-image any workstation in your environment (or all workstations in your environment) very quickly, the FOG project will give you exactly what you need. I have seen FOG deployed in Active Directory environments such that an administrator can re-image any workstation at will, and any workstation re-imaged in this way can be made to automatically re-join the domain and reboot after coming back online.
Of course, there are non-free products that provide similar functionality, perhaps with less flexbility, but with the added benefit of commercial support. Potential examples include Altiris, Shavlik, Kace, etc.
For frequent central imaging of workstations to work well without aggravating users, you will need to use roaming profiles with the Desktop and Documents folders redirected to file server shares. Don’t ignore that last part: folder redirection is pretty much mandatory for roaming profiles to work well. This approach will ensure that they won’t “lose their stuff” when their workstations get wiped.
Be sure to specify an appropriately sized and appropriately robust file server as part of this deployment: RAID-10/RAID-6/RAID-Z2, redundant controllers, redundant PSUs, redundant UPSs, redundant wall circuits with separate breakers, appropriate backup/DR strategies in place and tested, etc. If workstations are expected to be re-imaged frequently, users cannot store anything on them, which means everything must be stored centrally; this isn’t a bad thing, but “when you put all your eggs in one basket, you’d better buy a [very] good basket.“