🧭 End-to-End Workstation Deployment Process

Introduction

~~This~~Workstation ~~document~~Lifecycle: ~~provides~~The anImage Playbook ~~overview~~is DTC’s end‑to‑end recipe for turning any workstation—laptop, tower, or NUC—into a fully recoverable, ready‑for‑retirement asset with as little human intervention as possible. Our approach rests on four pillars:

Capture – Take a point‑in‑time image of the device well before swap‑out day.

~~full~~Protect ~~workstation~~– ~~deployment~~Back ~~lifecycle~~that image up every night (cloud, local, or both) until the old box is powered down for good.

Restore – Re‑deploy the image quickly, either on‑site or on the Ridgebrook bench.

Generalize (Optional) – Strip device‑specific identifiers so the image can become a true “gold master.”

All of this is automated through MSP360 Backup, a purpose‑built “Workstation Lifecycle: Step 1 Capture” script in NinjaRMM, and a DTCBeSure recovery environment that boots from USB, ISO, or network (netboot.xyz).

Capture & Protect

Running the Step 1 Capture script does the heavy lifting:

Installs MSP360 if missing.

Logs the agent into our staging account ([email protected]).

Creates one of two backup jobs:
- Staging Job ☁️ – Cloud‑first, restored on the Ridgebrook bench.
- Staging Job Local 📂 – Writes to an on‑site SMB share for same‑day rebuilds.

Need both paths? Re‑run the script with the other mode—jobs coexist and back up nightly until lifecycle day.

Restore (Guides Coming Soon)

The actual act of restoration is straightforward—boot the recovery image, select the repository, click Restore—but the click‑by‑click walkthroughs are still in progress:

Missing Guide	Purpose
On‑Site Restoration Imaging	Bring a system back to life directly at the client location using the Local SMB image.
Ridgebrook Bench Imaging	Re‑image hardware on our bench using the cloud copy.

While those chapters are being drafted, remember: same image in, same image out—the backup job you chose at capture totime ~~end-user~~dictates ~~production~~where ~~handoff.~~you Itpull ~~serves~~from.

Generalization: Nice‑to‑Have, Not Must‑Have

Modern EFI firmware and our management stack (Intune, NinjaRMM tags, device‑based licensing) already handle cloned drives gracefully. The Generalize step—Sysprep in Audit Mode with a ~~reference~~cleanup ~~index~~script—remains ~~and~~valuable ~~policy~~when you’re building a reusable gold image, but it’s optional for ~~all~~everyday ~~team~~lifecycle ~~members~~swaps. ~~and~~Skip ~~project~~it ~~stakeholders~~when ~~involved~~time is tight; there’s no SID‑collision drama in ~~device~~our ~~rollout and replacement.~~ecosystem.

⚠️ ~~Critical Warning:~~
~~Once this process has begun,~~ ~~no updates or configuration changes should be made to any client-facing applications or system-level configurations~~~~. If changes are introduced after image capture,~~ ~~the entire process must restart from Chapter 1: Image Capture~~~~, ensuring the new image includes those changes.~~

📘

What’s ProcessNew Chaptersin &This Documentation Index

📦 1. Image Creation & CaptureEdition

~~Guide:~~Network Boot Support. ~~Imaging~~A freshly built MSP360 recovery ISO is being added to netboot.xyz, letting techs PXE‑boot a ~~System~~failing ~~with~~machine ~~Disk2VHD~~when /USB ~~DISM~~media isn’t handy.
~~Tools:~~ ~~Disk2VHD,~~
Annual ~~DISM,~~Driver ~~sysprep,~~Pack ~~unattend.xml~~Refresh. Our Dell Family Driver Pack gets rolled into the ISO every year—no more NIC surprises during cloud restores.
~~Captures~~ ~~the~~
Monitoring ~~operating~~Hygiene. ~~system~~We track 30 nights of backup success before calling an image ~~from~~“ready.” ~~source~~Failed ~~system~~jobs totrigger .vhdxan or .wim

~~Verifies boot~~alert and ~~partition~~retry.
~~structure integrity (GPT conversion, EFI layout)~~

☁️ 2. Upload to Azure File Share

~~Guide:~~ ~~Uploading Captured Image to Azure Storage~~

~~Storage account:~~ clientosimages01e2usdtc

~~File share:~~ client-os-images-01

~~Each image stored in its own PSA-labeled folder~~

🧪 3. Offline Boot & Testing (Optional VM Validation)

~~Guide:~~ ~~Booting & Validating Offline Image Before Cleanup~~

~~Hypervisor:~~ ELDERBRAIN

~~Test image boot on an isolated VM environment before generalization~~

~~Confirm conversion, EFI boot, and OS integrity~~

🧼 4. Generalization & Sysprep

~~Guide:~~ ~~Generalizing an OS Image for Deployment~~

~~Clear agent tokens (NinjaRMM, Veeam, Blackpoint, MSP360)~~

~~Disable telemetry~~

~~Sysprep with unattend.xml to skip OOBE and finalize image~~

🏷️ 5. Post-Image Workstation Organization

~~Guide:~~ ~~Post-Image Workstation Preparation & Inventory Staging~~

~~Device naming, NinjaRMM validation, physical labeling~~

~~Staging in inventory area for production deployment~~

🔁 6. Profile Backup & Restore

~~Guide:~~ ~~Restore User Profiles With ProfWiz~~

~~Profile backup from original devices~~

~~Domain join and restore via ProfWiz~~

~~Align workstations into proper OUs unless stated otherwise in SOW~~

🧪 7. Application Testing & Readiness

~~Guide:~~ ~~Client Application Testing (Pre-Deployment)~~

~~Verify all business apps operate correctly without hardware peripherals~~

~~Smoke test with known credentials or test data~~

🔄 8. On-Site Workstation Swap & Validation

~~Guide:~~ ~~On-Site Workstation Swap & Field Validation~~

~~Field team performs workstation swap~~

~~Reconnect all hardware~~

~~Final round of application and peripheral testing~~

~~Target: 30 minutes per workstation max~~

✅

Roadmap Final& Notes

To‑Dos

Immediate Tasks

Deploy MSP360 recovery ISO to netboot.xyz
- ~~All~~ ~~stages~~
  Build ~~must~~latest beISO ~~followed~~→ ~~sequentially~~
- ~~Deviating~~→ ~~from~~Add ~~the~~“DTC MSP360 Recovery” ~~documented~~menu ~~steps~~item ~~may~~→ ~~result~~PXE‑test inon ~~profile~~Ridgebrook ~~loss,~~VLAN.
  ~~app malfunction, or failed deployment~~
- ~~Once application testing is passed, deployment is complete and system is considered production-ready~~

~~For~~Draft missing Restore chapters
- On‑Site Restoration Imaging
- Ridgebrook Bench Imaging

Verify nightly backup success for 30 consecutive days on both cloud & local jobs.

Recurring Maintenance

Rebuild recovery ISO annually with freshest driver packs.

Review Generalize workflow each quarter; update docs if our management stack changes.

Where We’re Headed

By the time you finish this book, you’ll have a repeatable, audited process for imaging, backing up, and resurrecting any ~~updates~~workstation toin ~~critical~~the ~~applications~~fleet—whether you’re at HQ with a stack of USB sticks or ~~configurations~~remote ~~post-image,~~with ~~restart~~nothing atbut ~~Chapter~~the 1network ~~to capture~~and a ~~new~~good ~~baseline.~~PXE ~~This~~menu. ~~ensures~~Ready? ~~consistency~~Let’s jump into Chapter 1: Capture and ~~prevents~~start ~~mismatched~~protecting ~~environments~~those ~~across the deployment.~~endpoints.