Some Windows 10 Management Tools Are Tardy
Businesses that plan on immediate adoption may want to wait a bit.
The Windows 10 rollout is in full swing, but for businesses, key elements of managing the new operating system have yet to be released.
Microsoft released updates to its latest System Center Configuration Manager products that will enable Windows 10 operating system deployments, but a few Windows 10 tools are still lagging.
For instance, still to come is a final version of the Microsoft Deployment Toolkit (MDT) 2013 Update 1 solution that can work with Windows 10 deployments. MDT is an optional tool for use with System Center Configuration Manager, but it includes Microsoft's best practices guidance for OS deployments. Microsoft has promised that MDT 2013 Update 1 will get released sometime this month.
The Windows Assessment and Deployment Kit (ADK) for Windows 10 is currently available (see link at bottom of this page). Windows ADK represents the motherlode of Microsoft's free tools for IT pros managing large environments. It contains things like the Deployment Image Servicing and Management (DISM) solution and the Windows Preinstallation Environment for booting devices, as well as the Application Compatibility Toolkit, among others.
Microsoft recommends uninstalling ADK for Windows 8.1 first before installing ADK for Windows 10. However, adding the new ADK tool comes with caveats, such as this one, along with advice disclaimers from Microsoft.
Microsoft's line of free Windows 10 deployment tools are more fully described at this page.
Configuration Manager Update
Cumulative Update 1 (CU1) was released today for System Center 2012 R2 Configuration Service Pack 1 and System Center 2012 Configuration Manager Service Pack 2, which are Microsoft's current flagship desktop deployment and management solutions. Among the benefits of CU1 is the ability to deploy drivers for Windows 10 deployments without getting errors, Microsoft announced today. IT pros can use the updated Configuration Manager solutions to create Windows PE boot images or do "in-place upgrades."
Microsoft officials have generally touted in-place upgrades from Windows 7 and Windows 8/8.1 as the preferred route to go. This point was elucidated by Aziz El Ouaqid of the Windows deployment engineering team during a May Ignite talk. He explained that wipe and load is still an option for IT pros, but Microsoft has tested and recommends in-place upgrades for Windows 10. For the first time, these in-place upgrades will permit rollbacks to the previous OS, he said, and they will preserve the client settings and apps (see slide).
Microsoft also fixed some specific Configuration Manager scenarios with CU1. It fixed problems with reinstalled clients, problems associated with software distributions, operating system deployment issues, a Reporting Services role problem associated with SQL Server upgrades, a problem with Site Servers showing excessive disk use, a Microsoft Intune subscription failure problem, and a failure associated with non-compliant apps and devices reports, among many other details, which are listed here.
CU1 also adds support for the Debian 8 Linux operating system and it includes an antimalware update to System Center Endpoint Protection.
Perhaps, most importantly, CU1 provides a means for automatically updating the Configuration Manager client. Once enabled through an option screen, this automatic update feature will put the most recent client patch "on the site server." It will update the content on "the distribution points for this site and any child sites" and it will update "the client package on the Management Point of the local site," according to a blog post by Brian Huneycutt, a software engineer for Enterprise Client and Mobility at Microsoft. He described automatic updates as a "top requested" feature for Configuration Manager.
Some other tools aren't quite ready for Windows 10 yet, Microsoft announced today. The Enhanced Mitigation Experience Toolkit (EMET) 5.2 solution doesn't yet support Windows 10. EMET is a security tool designed to ward off common exploit techniques and it has protections for Internet Explorer. However, right now EMET causes IE on Windows 10 to not start. Microsoft is promising that the next release of EMET will support Windows 10, but didn't indicate when it would be available.
At least one tool in the current Microsoft Desktop Optimization Pack doesn't support Windows 10 yet. The current User Experience Virtualization (UE-V) 2.1 tool doesn't support Windows 10, but Microsoft is promising that the next release will have it. UE-V is a tool for enabling the same user experiences and application settings to roam across devices.
Update 8/5: A Microsoft spokesperson today clarified that "updated versions of the MDOP products, adding support for Windows 10, will be available later this month."
While Windows 10 was released on July 29, IT pros might just spend the time right now testing the new OS rather than rolling it out, according to expert advice. Stephen Kleynhans, vice president for the Mobile and Client Computing Group at Gartner Inc., recently made that suggestion. He said that the Windows 10 ecosystem will start coming together more toward the early part of next year.
A Redmondmag.com reader has asked about Windows Update for Business, which Gartner has described as a management tool associated with the current branch for business Windows 10 update model. I've reached out to Microsoft to clarify its availability or not and will update if I get a response.
Update 8/5: It's not clear if Windows Update for Business was commercially released. It was described by Microsoft in May as a free management "service" for Windows 10 Pro and Enterprise edition users only, and it was said then to be available for testing by Windows Insider users. A statement today from the Microsoft spokesperson indicated only that Windows Update for Business will be available this "summer" when Windows 10 is released.
Windows Update for Business will have the following capabilities, according to the spokesperson:
- Distribution rings, where the IT pro can specify which machines go first in an update wave, and which ones will come later (to ensure any quality kinks are worked out).
- Maintenance windows, where the IT pro can specify the critical timeframes when updates should and should not occur.
- Peer to peer delivery, which IT can enable to make delivery of patches to branch offices and remote sites with limited bandwidth very efficient.
- Integration with your existing tools like System Center and the Enterprise Mobility Suite -- so that these tools can continue to be that "single pane of glass" for all of your systems management.
Additionally, Microsoft clarified today that Windows Server Update Services (WSUS), a Microsoft patching tool typically used for large deployments, is being updated this month along with System Center to "to ensure compatibility with Windows 10." It will be possible to use WSUS to manage Windows 10 devices "on Current Branch, Current Branch for Business and Long Term Servicing branches," the spokesperson added.
Media Creation Tool
Microsoft has a free media creation tool to more easily make Windows 10 ISOs. However, it doesn't support the Enterprise edition of Windows 10. Here's Microsoft’s explanation:
The media creation tool only supports Windows 10 Home and Windows 10 Pro editions. Both the Windows 10 Enterprise and Windows 10 Education edition have access to create media tools via the Volume Licensing Service Center (VLSC), where an IT administrator can download the needed ISOs themselves and manually create media. The media creation tool is primarily for end users who may not know how to create media themselves.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.