Jump to content


Sign in to follow this  
anyweb

Deploying Windows 10 in the enterprise using traditional and modern techniques, my notes from the Ignite session

Recommended Posts

Introduction

Yesterday I was stuck in my hotel room with a terrible cold (flu) but I motivated myself to get out of bed and attend some sessions today, as that is what Microsoft Ignite is all about.

I just attended the following session at Ignite: “BRK3018 – Deploying Windows 10 in the enterprise using traditional and modern techniques”, and wanted to share my rough notes.

The session was led by these 2 clever guys from Microsoft.

Pre-Windows 10 servicing problems

Here John discussed the current challenges customers have with servicing Windows 7 or Windows 8, operating systems that are pre-Windows 10. Those operating systems have Individual servicing problems, expensive custom deployment and auditing. Which can result in:

Reduced quality, users not running what Microsoft have tested, no consistency in ecosystem.

Windows as a Service (WAAS)

Windows as a service, is composed of two main types of updates, quality updates (such as security updates, cumulative updates) and feature updates (whch are full blown new Windows releases that come out twice a year).

Windows 10 gets better with each release, things like WIP, AppLocker and so on

clear-improvements-with-each-windows-10-

With enhanced security, more tools for IT and end user productivity features. Change management is key.

service-lifecycle-management-1024x574.pn

Modern Desktop Servicing Framework, this Servicing framework is the same across Office and Windows.

service-ready-enterprise.png

In-place upgrade (IPU) is the recommended method (recommended over wipe and load) of upgrading to Windows 10 (either from Windows 7, Windows 8 or Windows 10 previous versions), updating documentation with common tasks.

modern-desktop-servicing.png

See the Microsoft docs about IPU here.

WDS-less PXE

  • Available in SCCM 1806.
  • Network booting no longer requires Windows Deployment Services (WDS)
  • Windows Client SKU can now host the PXE enabled DP role
  • Removes the need for unnecessary branch infrastructure.

Roadmap

Windows 10 1809 support (and that’s still not released yet on Microsoft VLSC as of 2018/9/26).

Full Cloud Management gateway support for OSD scenarios

  • download on demand
  • boot media

Continued Security Improvements

  • Network Access Account reduction

Simplification

  • Image Management
  • Driver Management
  • Management insights rules

A look at some new features,  a lot of these features were the result of user voice items.

Offline servicing drive letter check,

This allows you to force offline servicing to take place on a specific drive, this is useful as previously it would use your temp folder based on your login profile.

The Phased deployment model

The phased deployment model can be used as a red button/green button rollout with automatic or manual control of when deployments (osd/software updates) can roll out to say pilot collections of devices, and later, to production, you gauge the percentage of what you consider a successful deployment prior to rolling it out to phase 2.

Boundary groups and content
Inherent fallback to default boundary group, can be overridden. Doesn’t fallback for say, vpn clients, can specify cloud distribution points’s as associated

Multiple peer 2 peer options

peer-to-peer-options.png

Added support for Windows LedBat, you can enable it on the Distribution point properties

bandwidth-control-with-windows-ledbat.pn

Improvements to the Quality update download size, starting with baselines based on Windows 10 version 1809, no change needed in Configmgr.

quality-update-download-size.png

Feature update delivery, large download size to the pc.

With the Unified Update Platform, get’s to the latest update in one step, in other words, you update the feature update, and instead of then updating to another new quality update, that you are patched and ready to go in one step, Microsoft will be announcing a public preview for that coming soon with Configmr and WSUS.

feature-update-delivery.png

Windows Autopilot

Announced at Microsoft Ignite last year (2017), helps customers moving to modern management.

Windows AutoPilot Scenarios.

windows-autopilot-scenarios.png
Hyrbid azure ad join, starting in 1809, can be hybrid azure ad joined (enrolled into Intune and device joined to on premise AD).

Also announced Windows Autopilot for existing devices…

Use Intune to create dynamic groups for those autopilot devices.

Can pre-assign users to devices, in the Intune console you find the device (in Windows Enrollment, Windows AutoPilot devices), click assign user,

assign-user-1024x370.pngWhen they go through autopilot they wont be prompted for the email address, instead they’ll get a custom welcome and a more personalized login.

Windows Autopilot and ConfigMgr

Autopilot task sequence, supported starting with windows 10 1809

AutoPilot-Task-Sequence.png
Create a package with the JSON file which was created using the Powershell cmdlets

powershell-cmdlets-1024x241.pngThen create the autopilot task sequence, add the package, provisioning the device using the task sequence

that’s it from me, until next time, adios.

Share this post


Link to post
Share on other sites


Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...