- SmartDeploy: Rethinking software deployment to remote workers in times of a pandemic - Thu, Jul 30 2020
- Outlook attachments now blocked in Office 365 - Tue, Nov 19 2019
- PolicyPak MDM Edition: Group Policy and more for BYOD - Tue, Oct 29 2019
The Microsoft Desktop Optimization Pack (MDOP) is the premier collection of client management tools that aim to solve the most complicated management problems. Each release brings new products or major updates. Keeping with tradition, Microsoft has released the second update for 2014.
Like its predecessor, MDOP 2014 R2 consists of six tools grouped into three categories. The management category consists of Advanced Group Policy Management (AGPM) and Microsoft BitLocker Administration and Monitoring (MBAM). The restore category is a single product known as the Diagnostic and Recovery Toolkit (DaRT).
The final category, virtualization, received all of the attention in this release. This category consists of Application Virtualization (App-V), User Experience Virtualization (UE-V), and the now almost-defunct Microsoft Enterprise Desktop Virtualization (MED-V).
Updates to Microsoft Application Virtualization – App-V 5.0 SP3
Detractors of App-V will point out that performance isn’t always on par with traditional applications or that managing packages is too difficult. Microsoft continued to address both of those concerns with the SP3 update to App-V 5.0.
The updated App-V Sequencer for App-V 5.0 SP3
The biggest changes this service pack brought were improvements to connection groups. When an App-V package executes, it is completely isolated from other applications. Normally, it is an awesome benefit to virtualize applications because programs can’t mess each other up. Connection groups allow you to link multiple App-V packages. For example, a group could include two different financial applications that the financial department needs. App-V 5.0 SP3 makes connection groups a lot easier to implement. PowerShell cmdlets were also added for connection group management.
The App-V update made application publishing more flexible and automated. An App-V administrator can now publish a package to specific users by using the PowerShell cmdlet Publish-AppvClientPackage and the –UserSID parameter. Admins can combine this with Get-ADUser to find a specific user SID.
This update streamlines the App-V deployment for Office 2013 and includes previously released hotfixes that improve performance for application publishing and launching. You can package Office 2013 from the Click to Run media or from a standard setup.
On a side note, I do find it funny that, although Windows has stopped receiving service packs in the traditional sense, smaller products are still under the older style of updating. See a list of all of the App-V 5.0 SP3 changes here.
Updates to User Experience Virtualization – UE-V 2.1
Extracting a user’s application data from his or her profile has always proved troublesome. Administrators could redirect the roaming appdata folder with Folder Redirection. The constant read/writes required for this could significantly tax file servers. Administrators could roam the user profile, but doing so would likely lead to issues with slower logons. UE-V solves both of these problems by allowing administrators to roam settings selectively for certain applications.
Installing the UE-V 2.1 sync agent
UE-V 2.1 includes four big updates. The biggest improvement, to me, is the ability to synchronize settings across external and cloud-based storage. In previous versions of UE-V, settings were stored in the root of a user’s Active Directory home folder. UE-V 2.1 allows these settings to be stored in OneDrive for Business, Work Folders, or other storage locations.
This latest update expands roaming settings for Office 2013. Signatures in Outlook have been one of those annoying profile-specific settings for a while. UE-V 2.1 supports roaming of the signature and the ability to apply the signature to new or reply/forward emails. UE-V 2.1 is also aware of settings being synced with Office 365.
Credentials stored in Windows Credential Manager can also be roamed. Though this is not enabled by default, administrators can allow users to sync domain passwords and certificates across UE-V configured machines.
Finally, UE-V 2.1 is aware of Microsoft Account sync settings. UE-V can sync items normally handled by a Microsoft Account. This allows users to take advantage of synced settings without needing to cross into a non-domain network.
Microsoft Account sync settings that UE-V 2.1 can now handle
If you are interested in setting up UE-V, see our guide on setting up UE-V.
Adapting MDOP for the future
Parts of MDOP are beginning to age. MED-V, which allows XP applications to be virtualized in a RemoteApp-esque fashion, was once an awesome tool. For organizations that migrated past XP, this tool is useless.
Adding tools to ease Windows 8 or Windows 10 support should be a priority. A tool that makes Microsoft Accounts incredibly easy to manage on an enterprise scale would be a lovely addition. Additional automation support in AGPM would be another great update. For MDOP to remain relevant, Microsoft must continue to add must-have technologies to the suite.