Windows Servicing Model

Copper Contributor

In a large corporate environment, do you believe it is advisable to update the workstations drivers and bios before updating to new version of Windows 10?  ie 1803 to 1909

5 Replies
There are a bunch of drivers from different vendors which can't be updated prior to the new version of Windows going onto the machine.. one option is a Task Sequence to pre-cache the drivers, then use the oobe.ini to run the installers for them after the update applies. Downside is it makes the update stay on 100% complete while this happens, so bit of a UX disconnect for users. You could also deploy the drivers individually / a task sequence to machines which have got the update - or use a baseline to enforce them.

In terms of security stance, it's a good idea to keep things like BIOS and drivers up to date - but from a continuous delivery / modern desktop management perspective it's a really good idea to split them out from the OS upgrades, and manage them more frequently. 

 

@John_Dahl how are you rolling out feature updates? If you really need to install a driver during the feature update, you can use setup's /InstallDrivers command line option. Point it to a local path or UNC, and setup will go through the folders, look for the INF, and install the driver(s). It also works with setupconfig.ini.

 

That said, consider a general workflow to keep drivers current separate, before running setup. For the source OS, this will increase the likelihood that you don’t hit a setup block due to a driver. You can use the same workflow on the new OS, perhaps very soon after setup completes. 

@John_Dahl 

Hey John, I'm in the camp where you'd want to update your Firmware before an upgrade. (But on average, keeping your environment constantly updated.  Ideally not coupled with the upgrade itself, but sometime before the upgrade.

You'd slip in the vendor tested driver pack during IPU

We're planning to leverage Setup Based Drivers during the upgrade as well, but it would be a "Sub Task Sequence" that we'd also be able to update and level set drivers whenever we need (Security Vulnerabilities, Stability issues, etc).  We'd use this same "Module" to apply these setup based driver installers in OSD, IPU and Live Production machines.  Goal is to have entire environment always consistent, patched, and stable.

Of course, this all goes with extensive testing on each platform before deployment.

It depends sometimes you will need to install new driver because for out of date drivers they might cause issue after upgrade.
In general, if it is possible, it is advisable to test this with few devices and then do massive upgrade.
However, when you deploy driver updates first, don't do upgrade and wait and test and monitor devices for few weeks before performing upgrade so you don't get confuse whether driver is causing error or is it an error with new upgrade.