15

I'm working with a startup that's teaching kids to program. We've just obtained our first "fleet" of laptops - half a dozen refurbished thinkpads running Windows 7 - and I'm looking for the best way to administer and maintain them.

I've already determined that it appears to make sense to buy a volume license key, so I can use reimaging rights and generate a single known good image I can write to all of them, and use to wipe out a computer whenever I need to. What I'm wondering about now is how best to manage them on an ongoing basis.

The laptops will run on a variety of networks - none of them controlled by us - and we've got no central office or servers. We'd rather not acquire any.

I'd like to be able to easily push out updates and new software to all the laptops, as well as doing things like remotely configuring administrator accounts, and managing patches to make sure the laptops are kept up to date.

As a tiny startup, funds are limited, and money spent on software licenses is money we could have spent on more hardware, so expensive solutions are a bit of a no-go.

Does anyone have any recommendations for how we can most easily do this?

Falcon Momot
  • 25,584
Nick Johnson
  • 364
  • 1
  • 10

5 Answers5

14

This is the perfect use case for Microsoft Intune. While it is primarily known as an MDM solution, it also has PC management capabilities as well, such as app deployment and patch management. It's also completely cloud-based and is licensed on a per-device per-month basis, so it can scale as you grow.

If you're already managing internal devices with System a Center Configuration Manager, it has some neat integration. If not, it's perfectly functional as a standalone product as well.

MDMarra
  • 101,323
0

It would be possible to automatically connect each laptop to a VPN network. All you would need is an VPN server / router. And some configuration for the laptop to connect to vpn on logon. After that you could simply RDP to it.

Bartas Kondrotas
  • 1
0

Depending on your budget (which you haven't stated) I think a good solution for you could be that of a HP Microserver with some extra RAM as a domain controller?

That way you have an extremely portable server with the ability to push out updates and lock down the laptops with group policy?

For that amount of laptops the Microserver will easily be able to handle the load and you'll have everything you're wanting.

The downside is of course the cost. You're probably looking at about £1300- maybe more to get a finished solution.

However once it's setup it'll be low maintenance and you can add to it when and where you find the money with things like RAID and perhaps a small switch?

SORoss
  • 1
0

I'm not sure if this will cover all you need but...

At the place I am recently employed, company-issued laptops (which are running Windows) are required to be able to access the company VPN. Namely, VPN access is only allowed using company-issued laptops.

Users are not admins on their local machine. Therefore, company IT personnel do all the administering, like setting Windows Update schedules, setting the schedules for anti-virus update, etc.

At first glance, it seemed annoying to me as a user not to be able to admin a laptop I take home or install what I want, and it probably takes the IT group some resources to manage the laptop fleet, but I suspect this methodology reduces external threats that free-floating laptops might otherwise present.

Good luck.

local guy
  • 1
0

I would recommend Meraki Systems Manager. It's an entirely cloud-managed solution that's free for up to 100 devices. It's probably not as robust as Microsoft InTune or Systems Center Configuration Manager, but it may fit the bill for the price. My favorite feature is the VNC-based remote assistance.

ghaberek
  • 129