|Microsoft Deployment Toolkit
Integration with Security Compliance Manager Templates
MDT allows you to apply security and compliance configuration templates to the operating system as a part of the deployment process. The security and compliance configuration templates are exported from the SCM to a Group Policy object (GPO) pack that MDT can use.
This feature is provided by including the Apply Local GPO Package task sequence step, which is included in the appropriate MDT task sequence templates. The Apply Local GPO Package task sequence step runs the ZTIApplyGPOPack.wsf script, which is responsible for applying the GPO packs to the target computer.
The appropriate GPO pack is selected based on the operating system being deployed. MDT includes GPO packs for the following operating systems:
· Windows 7 with SP1
· Windows Server 2008 R2 with SP1
· Windows Server 2008 with SP2
· Windows Vista with SP2
Note SCM does not include security and compliance configuration templates for the Windows 8 or Windows Server 2012 operating systems.
You can create GPO packs that are customized for your organization using the SCM. You can add new GPO packs to support operating system updates as they become available using the SCM, as well.
For more information about this new feature, see the section, Applying Group Policy Object Packs, in the MDT document Using the Microsoft Deployment Toolkit.