First off, this is my first post after lurking for years, so a HUGE thank you to Tom Elliott and the rest of the development team for an outstanding product! I am a Windows guy first, and a casual Linux guy second, so could not have gotten everything working without the help I received by searching through the forums. FOG has been a basic necessity for me for around 8 years (since version 0.26), so it is high time I give back. In this post I will share why I use FOG over other imaging platforms, and a basic overview of the FOG workflow (for me anyway).
Why FOG?
I work for a tech school that has about 700 Windows 7/10 PCs under a volume Microsoft license. We have many different classrooms with very diverse software requirements. Some of the classrooms require upwards of 60 applications to be installed. This makes it very difficult or impossible to deploy systems the Microsoft way (WDS, packaging applications and pushing over network). Changes to such programs require updates to the application package. Some people may prefer this over the FOG/image way, which is to set up a computer exactly the way you want it, take a snapshot (image) and deploy that image. I would suspect that entities with only a few software applications to keep up with may actually prefer that method, but for me FOG is the answer.
My workflow
I generally only install Windows once per model of computer, ever. Most of our computers don’t have optical drives any more, so I use RUFUS to copy a Windows ISO to USB flash drive (much faster this way, and less trouble in general). I don’t bother with multi-model images because the time spent slipstreaming network drivers, etc usually takes me more time than installing Windows, especially via USB flash drive on modern computers. Plus, way more time is spent customizing images than installing Windows and drivers, so there’s not much return on time investment for me. Yes, having a single base image is cool, but in practice unless someone has dozens of different computer models to image it isn’t worth the time investment. IMHO anyway.
I build one BASE image for each model computer (install Windows, enter Audit mode with CTRL-SHIFT-F3 (important), install drivers and Windows updates only). Then, while still in Audit mode, I upload a BASE image. If the computer model is a Dell E5430 and the year is 2017, I will name the image E5430.BASE.17. In subsequent years, I won’t typically bother making a new BASE image unless I need new drivers or move to a new OS.
I then build a CORE image, starting with the BASE image for that model (downloading BASE to the computer if necessary using FOG). The CORE image adds Windows updates (assuming I started with an older BASE image), Office suites and basic applications like Notepad++, VLC, etc that I haven’t yet packaged for deployment via GPO. Nothing class-specific yet, just applications that EVERYONE will (or could) use. I use the same naming convention as for the BASE image, so a Dell E5430 core image in 2017 will be named E5430.CORE.17.
If I plan to deploy a core image as-is to anyone (teachers or classrooms without further specialized applications) I will then sysprep the machine to get it out of Audit mode, and after it shuts down I will upload an image named E5430.CORE.17.Prepped. Only Prepped images are deployed to end users. Nobody should ever use a computer that is in Audit mode.
If there is a classroom that needs a custom set of software I will start with a CORE image (downloading CORE to the computer if necessary using FOG), install specialized applications (Autodesk Inventor, Adobe Creative Cloud, etc), then upload a new image with the classroom name, such as E5430.AUTOTECH.17. You could sysprep immediately and only upload E5430.AUTOTECH.17.Prepped, but I like to be able to go back and customize or fix images as needed without having to reinstall all the applications from scratch.
Using FOG groups, I will assign Prepped images to every classroom so that I can reimage an entire classroom with just a few clicks. This makes it dead simple to reimage classrooms during Christmas break and summer.
The following year (usually spring/summer), I will download one of the non-prepped CORE images to a computer of the same model, and update as needed from that point. This way, I should only ever install Windows once on a particular model (unless there is a need to rebuild the BASE image). I do tend to rebuild the CORE image every year to get latest Windows updates and reduce the load on my WSUS server and network, as well as update Office suite, but even this is not absolutely necessary. However, downloading CORE and then reinstalling new software versions is much better than downloading a class-specific image and uninstalling then reinstalling software. Windows doesn’t always behave well when large applications are uninstalled and then reinstalled.
When I order new computers, I print barcode labels containing an asset number (E5430-0001 for example) and stick them on each computer. I then use a barcode scanner to build an Access database containing a list of matched asset numbers and MAC addresses from the computers (most computers have barcoded MAC labels). I use Access instead of Excel because it goes to a new line automatically (no intervention needed to drop to the next row). Copy/pasting this data into a spreadsheet and saving as CSV allows me to import the hosts directly to FOG. I can then add the new hosts to a temporary group and update the image to be used, the OS, AD join info, etc so they are ready to be pushed out without having to go through the FOG host registration process. Just turn on the computer, set the BIOS to boot to PXE if it is not already set up that way, and let the image load! FOG can serve as a simple but powerful computer inventory tool in this way.