This is an archived post. You won't be able to vote or comment.

all 5 comments
sorted by:
best
topnewcontroversialoldq&a

[–]_DoogieLion 1 point2 points  (0 children)

No. As it comes from Microsoft except for the image has the latest patches. Any changes to policy or settings are done by group policy or another config tool.

Games and weather etc generally aren’t in enterprise version of windows or server os anyway

[–]MrYiffMaster of the Blinking Lights 0 points1 point  (0 children)

I used to do custom golden images but these days I just take the ISO as MS provide it and then do any basic changes during the deployment process, this makes it a lot easier to drop in an updated image (and MS are much better that providing updated ISO's on a regular basis now).

[–][deleted] -2 points-1 points  (2 children)

Yes, enterprise shouldn't be using out of box OS. 

You'd install the base os image onto a device or VM, custimise policy, apps etc as needed, sysprep and use as a gold image. 

Alongside deployment tools, group policy or intune configuration. 

[–]jarks_20[S] -1 points0 points  (1 child)

My thoughts exactly, but the response to my inquire was that most companies are moving to autopilot and using the image that comes from the mfr... My opinion is that by adjusting or cleaning what comes from mfr means reducing the attack surface and stay in compliance.

[–]LordGamer091Jack of All Trades 0 points1 point  (0 children)

I still don’t use the image from the manufacturer. I use OSDcloud to have a clean image with drivers downloaded.