I decided to write this post about Windows servicing based on many conversations I have with organisations of all kinds. Servicing of Microsoft Windows in many cases has been overlooked after that initial upgrade from earlier versions. Whilst many have engaged into the concept of servicing, many haven’t so I wanted to put an analogy across to help people figure out where this needs to sit in their often changing priority list. I’m not intending this to be a deep technical post, it’s not intended to patronise or lecture and it’s certainly not a sales pitch. It’s just here as a conversation, education and reference piece to help people get the concept or explain it to others.

The Car Analogy

I’m using a car as an analogy here as many people can relate – your Windows operating system (OS) is the vehicle. That’s true in various senses of the word as the OS can be seen as the vehicle to get you to where you need to go – applications, just as a car is the vehicle to take you where you need to go. Also, cars often have extras like advanced entertainment, electric windows, heated seats etc, I suppose we can align these as the features and tools in Windows. Stick with me, I’m sure you’ll start to get the picture.

Getting the car on the road – Provisioning Microsoft Windows

When we get a car, we have options on how we might obtain it. Maybe you hire, take a payment plan, take a loan or pay in full. However you do this may influence how you manage the running of it later in it’s life. I’ve heard of car sales where you ‘just pay for fuel’ and all the rest is covered as part of a contract, you just fill it up and drive it – this relates really well with something like Microsoft Managed Desktop where you need to worry less about the maintenance and just charge and use the device.

Maybe you consider yourself an enthusiast. You’re into modifying your car and hanging fluffy dice from the mirror – it’s more time and costs more money but you’ll get it exactly as you like it. To do this you’re likely going to buy the vehicle through loans or cash as the terms of a lease or payment plan usually state you can’t modify it. You can effectively do what you want with it as it’s yours. In turn you can also custom build Microsoft Windows if you like with ‘imaging’ or a detailed Configuration Manager or MDT task sequence, it’s more involved and will take more time and effort (probably – subjective) than other options but you’ll get it exactly as you like it.

There’s also somewhere in the middle, in the UK at least most new cars are purchased on a finance plan where you pay some cash up front choose your options and then you pay monthly. The terms of those agreements usually state you must service the vehicle to their requirements to keep it healthy before you give it back after a certain period where it will be re-sold. In Microsoft Windows terms I like to think of this as Windows Autopilot, you need to put some amount of effort up front choose your apps and settings and then just manage the thing each month. At the end of its life with you, the laptop is reset and someone else may take ownership of it or it’s recycled.

As you can see, depending on how we provision the device it can have some amount of influence on how we might maintain it throughout its life. You can manage every detail yourself if you want, you can set and forget or you can get someone else to deal with it.

Vehicle Maintenance – Updating Microsoft Windows

Now, if we drive a car it’s generally assumed and accepted that you need to service it every once in a while. I say that, you don’t have to service the vehicle but you generally understand and accept the risk or consequence if you don’t, you’re likely to end up by the side of the road awaiting recovery or stuck on your driveway on a cold winter morning. I don’t see your Windows PC as any different and I don’t believe you should either. You don’t have to patch it, but we all know you should else you’re a fairly likely to end up in a pretty bad place and your users won’t thank you for it, I can assure you of that.

So, back to the car. Some people service their car when the notification pops up on the dash, some people do it once a year, some people do it every 6 months. Your provisioning process may dictate this but if you own the car it’s all on you to decide when to service it and indeed what kind of service you do. You may also want to get a few other things done at the same time – A/C re-gas, top up the tyre pressure, oil check, change the brakes etc. You never know, the main dealer might even light up a few new features with a software update. You can take it to the main dealer as part of your service plan, you could take it to a local mechanic to service it, or you can do it yourself if you have the skills and tools – it’s up to you.

Put this in the context of the Windows OS – it’s up to you how often you maintain it, but this also might depend on how you provisioned it. You can do it every 6 months if you can manage or afford the effort of that frequency, once a year if you want to keep things fairly up to date, once in a while because Microsoft are hounding you with reminders that you’re dropping out of support OR simply never and you drop out of support. You can get a managed services provider to update it, you can get a consultant in to do it or you can do it yourself – it’s up to you.

Similarities?

Hopefully you’re starting to see the similarities. If I’m teaching you to suck eggs here – great you get it and feel free to leave :). If this is a penny drop moment – also great, you’re my audience for this post.
If you don’t service your car, in plain terms it’s highly likely to break. It’ll save you money for a while but it’ll cost you in the end. You’re confined to public transport or private taxi/cab, you might have to explain that to your family and you might have to explain it to your boss. So, on the whole people service their car and we just accept and do it.

If you don’t service your Windows computer, in plain terms it’s likely to give someone a headache sooner or later. It might be you, it might be the end user but if you ignore it it’s going to bite back at some point. You’re then faced with rebuilding machines, buying new machines, using personal devices and you might have to explain that your end user, you might have to explain that your boss, you might have to explain that to your customers. See the theme here? I don’t want to scaremonger anyone, this is based on repetitive experience. So, PLEASE service your operating system.

Windows 10 servicing – BAU process

As with the car analogy – we have options on how we service it, we also have options on how we service Windows. At the end of the day it just needs doing. I’m not intending to lecture, just educate as I frequently see people not priortising this or handling it well. The reasons can be complex and I’ll be the first to admit the experience (at the time of writing) is not as slick as we’d like it to be but there are means and ways of making this happen.

If you’re using Microsoft Endpoint Manager with your Windows operating systems you’ve got options.

Microsoft Intune updates/Windows Update for Business

If you want straight forward servicing of your devices, this offers a reasonably simple option. Set yourself an update ring, assign it, test it, assign it more widely, repeat.

Go here to explore this one – http://aka.ms/memac
Configuration Manager Servicing Plans

Again, if you want some simplicity but you’re using Configuration Manager as your go to tool then servicing plans are an option for you. It’s much like an automatic deployment rule. Configure it, deploy it, test, deploy wider, repeat. You’re also treated to some nice dashboarding too.

Configuration Manager In-place Upgrades

If you need to get more involved with the detail of the upgrades, stopping apps/services/security etc then this option gives us the functions of a task sequence to implement customisation. This one takes more effort and requires thorough testing, but you can make it whatever you want. It can also be kept simple if required though. Also note that if you’re using Desktop Analytics or thinking about doing, at the time of writing this ties into a task sequence only and does not link up to a servicing plan. Food for thought.

If you don’t have Endpoint Manager at all then you’ve either got another non-Microsoft tool or you have to go find a way to do this with what you have. Firstly, I’d encourage you to go check out the Microsoft tools and indeed your licensing. There’s lots of licensing permutations and you may find you have access to one of them. If not then you do have WSUS to provide you with a level of control and monitoring, failing that you can of course just enable automatic updates on your devices.

Windows Server Update Services (WSUS)

WSUS has been around for what feels like an age, but it’s still very widely used and can be considered the de facto standard for updates used by most organisations. If you’re using WSUS you simply need to ensure you have Upgrades selected as a classification and also Windows 10 as a product. Note however that 1903 has it’s own classification and must also be selected for 1909.

If you’re doing this, it’s another simple option which is fairly hands off. You take the feature updates just like a standard quality (monthly) update.

More info on this one here – https://docs.microsoft.com/en-us/mem/configmgr/sum/get-started/configure-classifications-and-products#configuring-products-for-versions-of-windows-10

Process

If you’re managing a fleet of cars, of course you need a process to keep them serviced and that may well include relying on notifications from the vehicle itself or a series of reminders to the drivers. Some will need to take it into a garage, some will need a collect and drop off service, some will require additional nudging or deadlines to get it done. This kind of concept also transfers well into Windows 10. Whichever way you’re going to do this you need to try and develop a good process that works for your organisation. One schedule or one upgrade method doesn’t suit all scenarios. You might even find more than one works best for you in different parts of your organisation. I highly recommend phasing your updates out there for many reasons.

• Phase for distribution of content, if you’re using peer to peer technology you’ll benefit from one machine having taken the payload into their cache early
• Phase for testing, you don’t want to hit 1000’s of machine with an update that takes out a critical application
• Phase for time zones, you may need to align data transfer with other ime zones
• Phase for lower failure rates, if you get an issue you can stop the cycle before hitting the rest of the environment

Work out a process that fits your organisation and layer that in with communication and notifications to users. Communication might come in the way of emails, teams messages, intranet banners or a good old fashioned phone call. Notifications are similar, there’s also a good few free community tools out there that can give you toast notifications to devices too. Whichever way you do it, do not underestimate this step. If you can provide a nice or even just tolerable experience then end users may well engage the next time around. If you find a good garage to service your car, you’re likely to go back right? Maybe you liked the collection service or you trust the quality, make that transfer into your deployments.

Once you have that process defined and refined, run with it and keep going. Remember the whole concept of Windows as a Service is that you integrate into regular business as usual process to the point that it becomes normal. That’s the ideal and it’s certainly obtainable with some effort and maybe the odd change or compromise to make the process work for the greater good.

——–

That’s it. Coming back to the first paragraph “I’m not intending this to be a deep technical post, it’s not intended to patronise or lecture and it’s certainly not a sales pitch. It’s just here as a conversation, education and reference piece to help people get the concept or explain it to others.”
Hopefully that’s helpful to someone either for your own education or to show to someone else whether it be your boss, your customer or your users. As always, if you have any feedback let me know.

/Peter