Blog Post

Windows IT Pro Blog
2 MIN READ

Simplifying Windows 10 deployment with Configuration Manager

Mike_Bailey's avatar
Mike_Bailey
Former Employee
Mar 06, 2020

For the past 15 years, organizations have been using Configuration Manager, now part of Microsoft Endpoint Manager, to perform upgrades to new operating systems, and we have seen many organizations use Configuration Manager task sequences to migrate to Windows 10. Configuring a task sequence for operating system deployments requires prior knowledge, research, and several steps to ensure that the correct conditions are met for an upgrade. Configuring and verifying prerequisites, compatibility, and logging can be time consuming—and has a high risk for human error.

Our Microsoft FastTrack team has been doing a lot of work to make this whole process easier. Today, I want to share with you how they have simplified the steps needed to deploy Windows 10 upgrades with Configuration Manager, using the in-place upgrade wizard while making sure devices continue to receive the latest patches and security updates. By removing many of the manual steps within Configuration Manager, this new wizard enables admins to confidently upgrade Windows 7 and Windows 8.1 devices to Windows 10.

The wizard walks you through:

  • Entering specific information about your environment, including the location of the operating system installation files and the location of a file share to store log files.

  • Setting the operating system parameters, such as the Windows edition and architecture and, optionally enabling checks that determine if a device is ready to upgrade, such as an application compatibility assessment, a power source check, a network connection check, or a disk space check.



  • Generating a script that runs on a Configuration Manager server. This script will check for prerequisites, configure logging, and then create the task sequence and operating system upgrade package that contains the settings that were defined in the wizard.
  • Guidance to deploy the task sequence to the devices and begin the upgrade.

To experience this new wizard click here to get started. (Note: you must be a tenant administrator to access the wizard.) If you have any thoughts or comments about the wizard, please let us know below!

 

Updated Mar 06, 2020
Version 2.0
deployment

7 Comments

Sort By
  • Ohan_Nanen's avatar
    Ohan_Nanen
    Former Employee
    Oct 10, 2020

    Roger_Truss The share security check can now be bypassed without aborting the remainder of the script. Great idea about allowing it to be used in remote management scenarios. We'll look into adding this to this and our other Configuration Manager scripts in the future.

  • Roger_Truss's avatar
    Roger_Truss
    Brass Contributor
    Aug 24, 2020

    I also noticed that it won't run from a console other than on the primary site server.  We do not normally log on to any of the servers to manage the environment so maybe a prompt for a site code and server would be better.

  • Ohan_Nanen's avatar
    Ohan_Nanen
    Former Employee
    Aug 20, 2020

    Roger_Truss Thank you for the valuable feedback! We will be removing this check from the script in an upcoming update. Please let us know if you have any other feedback or suggestions for improving this wizard. 

  • Roger_Truss's avatar
    Roger_Truss
    Brass Contributor
    Aug 20, 2020

    The script is also making assumptions about shares and server security that it should not be.  The script just is not able to see the security of the selected share path even though everyone has read/write in perms and on the share.  Even though with the way sccm works it should NOT need that as tasks are run with either the computer system account (our env.) or a named specific user.  I cannot get it to go past this message (

    The share for log folder '\\serverFQDN\deploymentlogs\OSUpgrades' does not allow read/write permission for the Everyone group. Press 'Y' to grant read/write permission to the Everyone group or press 'N' to abort.

    ) and as a result it could be breaking other parts of the script within the start-deployment function .  

     

    #### Error starts here ####

    Start-Deployment : Exception thrown
    At D:\Scripts\Win10Deployment.ps1:437 char:1
    + Start-Deployment
    + ~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Start-Deployment
     
    Start-Deployment : System.Management.Automation.MethodInvocationException: Exception calling "ReadKey" with "0"
    argument(s): "Cannot read keys when either application does not have a console or when console input has been
    redirected from a file. Try Console.Read." ---> System.InvalidOperationException: Cannot read keys when either
    application does not have a console or when console input has been redirected from a file. Try Console.Read.
    at System.Console.ReadKey(Boolean intercept)
    at CallSite.Target(Closure , CallSite , Type )
    --- End of inner exception stack trace ---
    at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception
    exception)
    at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
    at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
    at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
    At D:\Scripts\Win10Deployment.ps1:437 char:1
    + Start-Deployment
    + ~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Start-Deployment
     
    Removing objects created by script
  • gmihailo's avatar
    gmihailo
    Copper Contributor
    Jun 10, 2020

    This is good. But it would be appreciated if more work is done on making Windows 10 servicing more feasible in an on prem environment. Right now I basically create a task sequence to deploy a new version of windows to users because it seems each version of windows comes with unnecessary apps and bloatware that are not suitable for our environments. There needs to be an easy way to control this behaviour via sccm to allow windows 10 servicing to work better.