One of the biggest complexities in desktop management is the fact that no organization has a single desktop configuration and need. Sure, some organizations strive for that by buying the same hardware and by locking down the desktop configuration – but the fact is that some users continue to have unique needs. Some users dial (or VPN) in more than they connect to the corporate LAN. Some users need different applications, and some need the same applications configured somewhat differently. And, inevitably, differences in hardware start to creep in: Desktops and laptops, newer computer models when the manufacturer discontinued the old one, newer versions of Windows, Office, and other key applications.
These differences can start out seeming minor, and many organizations will attempt to tackle them using native tools like Group Policy, or by using home-built solutions like logon scripts. But those approaches tend to get increasingly complex over time, with more and more “conditions” to determine which computers and which users get which specific configurations, software, and other managed elements.
There should be a better way.