Date post: | 14-Feb-2018 |
Category: |
Documents |
Upload: | trinhkhuong |
View: | 240 times |
Download: | 5 times |
How to migrate to Windows 10Migration methods and lessons learned
Who am I?David Biot
Competence Center Lead IT Lifecycle Management
> 7 years of experience with client and server management
@davidbiot
www.linkedin.com/in/davidbiot
Agenda
Prepare Deploy
Manage Adopt
Prepare
Be ConvincedSegment Users by Branch
HW Compatibility
Application Compatibility
Be Convinced
Windows 10
ConvergedOS kernel
Convergedapp model
Be Convinced - One Converged Windows Platform
How scared of Windows-as-a-Service are you?
Nothing can scare me
I have faith in Microsoft’s approach, but I still need some
convincing
I want to believe in it, but I don’t see it (yet)
Microsoft can’t tell me what to do: This is why I won’t upgrade!
Business targeted release
Current Branch for Business
Consumer targeted release
Public GA release
Current Branch
Windows Insiders“Slow ring”
Preview Release
Customer EarlyAccess
Windows Insider“Fast ring”
Preview Release
Customer Early Access
Dogfood Release
Broad Internal Validation
*Conceptual illustration only
Qu
alit
y &
Val
ue*
Time
Engineering Builds
Business targeted release
Segment Users by Branch
1.000.000
10.000100.000
100.000.000+
Bulk of corporate
devices
Broad Corporate Systems
Current Branch for Business
Ring 2
Limited Corporate Systems
Current Branch for Business
Ring 1
IT ProIT Dev
Early AdoptersChange Agents
Current Branch for Business
Ring 0
IT ProIT Dev
Primary PC
CurrentBranch
Segment Users by Branch
Lab SystemsIT ProIT Dev2nd PC
WindowsInsider
Preview Branch
100%
4 Months(minimum)
8 Months(minimum)
12 month deployment (minimum)
Develop TestUser Acceptance
TestingPre-
ProductionProduction
Segment Users by BranchBranch Ring Opt Out Deferral % of devices
WIP N/A User N/A <1
CB N/A Admin Move to CBB 10
CBB 0 E.g. 2 months 45
1 E.g. 4 months 30
2 E.g. 6 months 15
0
20
40
60
80
100
WIP Current Branch CBB 0 CBB 1 CBB 2
% Devices Upgraded
Segment Users by Branch – Hopping Branches
Preview CB CBB LTSB
Preview In-place upgradeDowngrade –
Reinstall WindowsDowngrade –
Reinstall Windows
Downgrade –
Reinstall Windows
CBIn-place upgrade In-place upgrade Downgrade –
Reinstall Windows
Downgrade –
Reinstall Windows
CBBIn-place upgrade
In-place upgradeIn-place upgrade Downgrade –
Reinstall Windows
LTSB In-place upgrade In-place upgrade In-place upgrade In-place upgrade
Current
HW CompatibilityRequirements have not changed since Windows Vista (2007)!
1 gigahertz (GHz) or faster processor or SoC
1 gigabyte (GB) for 32-bit or 2 GB for 64-bit
16 GB for 32-bit OS 20 GB for 64-bit OS
DirectX 9 or later with WDDM 1.0 driver
800 x 600
HW Compatibility
Some special requests
Feature Component
Speech recognitionHigh fidelity microphone arrayHardware driver with microphone array geometry exposed
Windows HelloIlluminated infrared camera for facial recognitionFinger print reader which supports the Window Biometric Framework
Secure BootUEFI v2.3.1 Errata B and has the Microsoft Windows Certification Authority in the UEFI signature database
Bitlocker Trusted Platform Module (TPM) 1.2, TPM 2.0 or a USB flash drive
Client Hyper-V64-bit system with second level address translation (SLAT) with 2 GB additional RAM
Device encryption InstantGo and TPM 2.0
Application Compatibility – Windows Applications
=> Remember your branches!
Have you already migrated to IE11?
Application Compatibility – Web Applications
12
Jan
uar
y 2
01
6
Application Compatibility – Web Applications
Enterprise
Mode
Collection
Point
Pilot Users
Enterprise
Mode
Site List
IE8
, IE9
, IE1
0, I
E11
Inte
rnet
Exp
lore
r 1
1
All Users
Collection
Point Site Discovery
XML
Enterprise Site Discovery Toolkit
Enterprise Mode
Web Applications
& Websites
Web Applications
& Websites
Bulk Import
Administrator
Review /
ModificationTest
&
Deploy
Prepare
Be ConvincedSegment Users by Branch
HW Compatibility
Application Compatibility
Deploy
Architecture EditionImage
StrategyDeployment
Strategies
Architecture
Advantages Disadvantages
64-bit Operating System
(Recommended)
32-bit Operating System
Edition – Enterprise Features
Direct AccessWindows To Go Creator
AppLocker BranchCache
Start Screen Control with Group Policy
Advanced Granuar UX
Control
Credential Guard
Device Guard
Long Term Servicing Branch
Disable Windows
Store
Are you going forProfessional or Enterprise
Image Strategy
LOB used by Some Employees
LOB used by All Employees
Common Productivity Apps
Common Frameworks
OS updates
OS
Application lifecycle
Speed
Imaging - tools
The usual suspects
SCCM Microsoft Deployment Toolkit
(CB preferred) (2013 Update 2)
Deployment Strategies
Let Windows do the work
1. Preserve data, settings, apps, drivers
2. Install (standard) OS image3. Restore everything
In-Place Upgrade
New capability for new devices
Transform into an enterprise device
Remove existing itemsAdd organizational appsAdd organizational configuration
Provisioning
Familiar enterprise process for all scenarios
1. Capture Data / Settings2. Deploy (custom) OS image3. Inject Drivers4. Install Apps5. Restore Data / Settings
Wipe & Load
Windows 7 Windows 8 Windows 8.1 Windows 8.1 Update
Complexity User Experience Helpdesk Setup IR
80% FTE 1 Year 95% FTE 8 Months 95% FTE 3 Months 95% FTE 5 Weeks
Microsoft Internal OS Client Migration Figures
Architecture (x86 x64) Base OS language Domain Local Administrators Configuration drift Moving from XP or Vista Custom base image
BIOS UEFI Disk partitioning WinPE Offline Operation 3rd party disk encryption*
Bulk app change
New Device
Existing Device
Deployment Strategies – In Place or Wipe & Reload?
In-Place Upgrade process - The Four Primary Phases
Down-level
Running Win7, 8, 8.1, 10
Check the system
Inventory Applications
Inventory Drivers
Assess compatibility
Prepare WinRE
Minimalist OS
Both new & old are offline
Backup down-level OS
Lay down new OS
Prepare new OS
Inject drivers
Some Migration
Windows PE
Binding the new yoke
Specialize to the machine
Install drivers
Migrate Apps
More Migration
1st boot to new OS
Finalize Upgrade
Welcome the user back
OOBE (skip if Win10 to another)
2nd boot to new OS1 2 3 4
Ready Set Go Welcome to Windows
Wipe & Load Overview
Capture data and settings
Remove existing
OS
Install new OS image
Install apps
Restore data and settings
Familiar to enterprises
Out of the box support with Windows 7, Windows 8, and Windows 8.1
Customized approach required to move from Windows XP/Vista to Windows 10
Use System Center Configuration Manager or MDT for managing the process – requires update
Administrator to configure preservation of existing apps, settings, and drivers
Minimal changes to existing process
Start Windows 7Windows 8
Windows 8.1
FinishWindows 10
Wipe & Load (Refresh) Process
Provisioning
Using media, USB tethering, or even e-mail for manual distribution
Automatically triggered through the cloud or connection to a corporate network
Leverage NFC or QR codes
Flexible Methods
Enable the Enterprise SKU
Install apps and enterprise configuration
Enroll the device to be managed via MDM
Transform a Device
Remove existing items
Add corporate
apps
Add corporate
configProvisioning
Process
Start Windows 10
FinishWindows
10
Enable Enterprise
SKU
Provisioning Package
Deploy
Architecture EditionImage
StrategyDeployment
Strategies
Have you synched your users to Azure AD?
Management Choices
Basic
Traditional
Mobile Device Management
Lightweight Full Control
Update Approach
System Center Configuration ManagerMicrosoft Desktop Optimization Pack (MDOP)
Server Software
Active DirectoryGroup PolicyWindows Server Update Services (WSUS)
Windows Server
Windows Management Instrumentation (WMI)Windows Remote Management (WinRM)Windows Update
Group Policy Client
Mobile Device Management (MDM) AgentPowerShellAppLocker
Windows Client
Azure Active DirectoryAzure RMSMicrosoft IntuneWindows StoreWindows Store for Business
Cloud Services
Supporting Technologies
Identity Choices
Computer joins AD to establish trust
User signs on using AD account
Group Policy + System Center
Computer registers with AD or Azure AD via Device Registration to establish trust for remote resource access
User signs in with a Microsoft account, associates an Azure AD account
Microsoft Intune / Mobile Device Management
Computer joins Azure AD to establish trust
User signs on using Azure AD account
Intune/MDM
Settings roaming
Single sign-on to enterprise + cloud-based services
Organization Owned Personally Owned (BYOD)
What kind of training do you want?
ClassroomE-
learnings
Train key users
No training
Adoption Training
Adoption
What can Xylos do for YOU?
Workshop Windows 10
Workplace design
Build ImageDistribute
image
Manage Windows & Applications
User adoption
Consultant Profiles• Workplace Architects• Deployment experts• Packagers• Project Leaders• Learning department• Communication professionals• …