Microsoft Deployment Toolkit (MDT) allows for network-based OS and application deployment for Windows systems.
Deployment can be initiated via network booting or booting from USB media, and IT partners can select from a range of applications to include as part of the deployment. Drivers are included for most campus standard models, and there is a simple process for requesting additional drivers.
Aggie Desktop provides MDT as a service to the UC Davis campus. Campus units may take advantage of this service rather than running their own MDT or other Windows deployment infrastructure infrastructure.
For information on how to use the Aggie Desktop MDT service, please see http://kb.ucdavis.edu/?id=2072.
The standard Aggie Desktop build applies various minimum security standard configurations, including:
- Installing the current versions of Windows 10 and Office with all current patches available up to the time of deployment
- Updating drivers and BIOS to latest versions on Dell systems via Dell Command Update
- Binding the system to uConnect Active Directory, which applies both campus-wide and unit-wide configuration standards (e.g., minimum password requirements) via Group Policy
- Encrypting the primary drive using Microsoft Bitlocker with key escrowed to uConnect Active Directory
- Configuring the Microsoft LAPS system which randomizes and periodically rotates the local administrative password, storing it in uConnect Active Directory
- Installing the BigFix client