by Eric Goodman
While the days of Service Packs may be gone, Windows does still need to be upgraded on a regular basis. Microsoft has certainly made the job much easier for IT administrators but there are still some important methodologies to discuss and decisions to make. Understanding the concepts around Windows lifecycle management will help you and your organization maintain an up-to-date and secure desktop environment.
Spring Forward or Fall Back: Windows feature updates release schedule
Windows 10 feature updates are released twice per year, typically in March and September. For Enterprise customers, Microsoft supports the spring release for 18 months and supports the fall release for 30 months.
Windows 10 releases are named use the date format YYMM. So, the September 2018 fall release is called Windows 10 1809. The March 2019 spring release is called Windows 10 1903.
(Table courtesy of the Microsoft Lifecycle Fact Sheet)
You first need to decide which cadence you would like to follow. Is your organization willing to adopt the spring Windows releases and potentially upgrade more frequently? From start to finish, a typical Windows feature update can take 3-4 months to fully test, pilot and deploy to production. With 18 months of servicing for the Spring release, you must upgrade once a year to maintain support. Alternatively, you have more wiggle room with the fall release’s 30-month servicing cadence, which grants up to two years before you absolutely must upgrade.
Whether fall or spring, Microsoft adds new and shiny features to every version of Windows. You certainly don’t have to stick to a single cadence once you’ve adopted it. For example, if you just rolled out Windows 10 1803 but want to take advantage of a feature added to 1809, you can deploy 1809 without any issues.
Due to the ever-changing landscape of Windows and its cloud components, we recommend upgrading Windows at least once a year using the fall releases. Adopting the fall release and upgrading yearly gives you the best of both worlds. Your organization can leverage the new features of the latest Windows versions while maintaining the flexibility of a longer servicing lifecycle.
(More Windows version numbers and release information)
Servicing or Sequencing?
Using Configuration Manager, you have two choices in how you want to deploy the latest builds of Windows 10 – servicing plans or task sequences.
Microsoft would likely prefer that everyone use servicing plans. They’ve spent a great deal of effort developing dashboards and automation to help aid in the rollout of Windows builds.
(An example of the Windows 10 servicing dashboard in the Configuration Manager console)
The initial setup of a servicing plan may seem slightly daunting at first – including the configuration of deployment rings and servicing channels. But Microsoft is encouraging a “set it and forget it” approach that treats these rollouts less like the major OS releases of yesteryear. Instead, it is more like a routine security update that takes 30-45 minutes to install.
Under the hood, these servicing plans aren’t much more than a customized Automatic Deployment Rule (or ADR), which is something Config Manager admins should be intimately familiar with. However, while this approach may excel in automation, it lacks in the ability to customize.
This brings us to the second way of upgrading Windows using Config Manager: using a task sequence. Anyone familiar with SCCM should be familiar with a task sequence and the power it brings. A task sequence allows you to add any number of customizations that can occur before, during and after the actual Windows upgrade. SCCM even has a wizard that will generate an upgrade task sequence with suggested steps and groups for you.
(In this example task sequence, we are not only upgrading to Windows 10 1903, but also updating Office 365)
A task sequence can be useful if you want to remove certain applications that may be incompatible with the new version of Windows. You could also upgrade drivers or add additional applications along with the upgrade. However, take care not to make the task sequence too bloated. The more complexity you add, the more variables you are adding to the equation. That means more could go wrong and require troubleshooting. Not to mention, it will take an increased length of time to complete.
We prefer to use the task sequence approach and have seen the most success using that method. The task sequence might just delete one file that could interfere with the upgrade. However, the flexibility and more granular control is favorable over servicing plans.
How can the cloud help?
This last item isn’t so much of an either-or decision, but a recommendation. Microsoft has developed a cloud service called Desktop Analytics. This is the successor to their previous offering, Windows Analytics. Desktop Analytics gives you more information about the devices in your organization. It also lets you know whether they are ready to upgrade to the next version of Windows. This information can be used when upgrading from one edition of Windows 10 to another, or from Windows 7 to Windows 10. Desktop Analytics combines the data gathered from your on-premise SCCM infrastructure with other Microsoft cloud-connected devices. This can give you useful insights when preparing upgrades. Desktop Analytics is currently available as a preview service.
(The Desktop Analytics home screen displays the overall security of your devices)
You can also create a deployment plan for the rollout of a new Windows version. This deployment plan contains a dashboard where you can track your overall progress and identify the importance of installed apps in your organization.
(Sample deployment plan using Desktop Analytics)
Using the inventory data gathered by SCCM, Desktop Analytics will recommend the best machines to use in a pilot group based on the number of apps that they have installed. Machines that have the widest coverage of apps that you have labeled as important will be added to the pilot group so that those apps can be fully tested prior to rollout.
Desktop Analytics is a new offering from Microsoft, and they will no doubt be adding additional functionality soon. Best of all is that this service does not incur any additional cost beyond the existing operating system license subscriptions. It is relatively simple to configure in SCCM and provides a great benefit to your Windows upgrades.
iVision has a detailed and proven project plan that can help you manage your Windows feature updates with ease. Our engineers have a deep knowledge of Windows 10 and Configuration Manager and will ensure that you never have to stress over your upgrades again.