GUI · OSD · Windows 10

Windows 10 Upgrade GUI – For ConfigMgr\SCCM

Introduction

Three little words can change your life forever.  Whoever said that originally clearly had a time machine because they’d experienced Windows 10 Upgrades.  Microsoft have completely changed the game with Windows 10, providing regular releases that we all need to stay on top of.

This for a home user is simple!  A quick scan to Windows Updates, and we get a whole chunk of information and pretty imagery inviting us in.

But, what about for the Enterprise?

Well, the ConfigMgr\SCCM team have done a superb job of giving us the ability to upgrade machines on mass, fully in our control with both Servicing Plans, and my preferred choice, Upgrade Task Sequences, and these work great!

But, for the end-user, they are left a little in the dark.  They either get a windows update that takes an hour to install, numerous restarts and everything has suddenly changed.  Or they get a task sequence dialog pop-up which to the uninitiated, can be a little daunting and uninformative.

What if instead, we empowered the user?

Make it Shiny

2017-12-07_21-21-09

The idea

  • Make a GUI informative for users, to run whenever they please.
  • Pack it with information and customisation options.
  • Ability to run pre-upgrade Hardware Checks.
  • Ability to attempt remediation steps should Hardware checks fail.
  • Run outside and individual to the Task Sequence.
  • Increase upgrade success rate.

The Process

User Runs GUI > GUI Run Checks > GUI Restarts Machine > Task Sequence Is Run

 

What can it do?

Hardware Checks

The GUI currently has two checks built-in;

  • Hard Disk Space Check (default 20gb)
  • RAM Check (default 2gb)

These checks automatically run, giving the user dialog and information the whole way through.  Should the Hard Disk Space Check fail, then it will move onto remediation.  If the RAM check fails, then it informs the user why and they are left to exit.

These checks are completely pre-tasksequence.  Halting and hopefully averting unnecessary failures before it even gets there.

2017-12-07_21-23-59
Disk Space Check Failed
2017-12-07_21-39-05
RAM Check Failed

Remediation

When the GUI comes here because it’s detected the hard disk is too full, it attempts to remediate the problem by clearing & running;

  • C:\users\*\AppData\Local\Temp\*
  • C:\Windows\Temp\*
  • Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase

For the majority of machines, this will free up a good chunk of space, gb’s at least, and hopefully enough to allow the machine to pass the checks and continue with the upgrade.  If not, they are redirected to a screen to inform them, and to exit the upgrade GUI.

Final-Script \ Reboot

The last stage of the GUI does a few things..

  • Sets a ‘Windows 10 is Upgrading’ lock screen wallpaper (optional)
  • Configures legal text to inform anyone who attempts to logon (optional)
  • Blocks logins for any current users of the machine (optional)
  • Configures the Upgrade to take place at next startup (scheduled task)
  • Restarts the machine after a 60 second countdown

This is all about 2 things, user experience, and success rate.  Up till this point, we’ve given the user full control over their upgrade with this GUI, they’ve chosen to run it and have been informed of whats it’s going to do and how long its going to take.  Now, we’re going to restart the machine to make sure we’re at a fresh boot with no one logged on, no dodgy programs running, completing any pending windows updates, and, we’re going to keep it that way while we run our upgrade.

2017-12-07_21-50-30

Customisations

You can, of course, change the majority of settings and content in this GUI via the main Settings.config file.

Title Bar, Company name & URL, Banner, Title, Main content, Learn More Button URL, Icon are all configurable.

mspaint_2017-12-06_21-47-02

Settings.Config

Two Settings.Config files exist.  These are where you can make your changes.

The first is at the main root which holds all customisation as per above example, and as seen below;

notepad_2017-12-06_21-54-07
True/False – Visible/Hidden – Quotes not required on any except Legal

The second is where you need to specify some details about the task sequence you are using for your upgrade.

This Task Sequence needs to be deployed to the machines (available or required).

You can add up to 10 different ‘AdvertisementID’s’ to the GUI for a single Task Sequence.

vmrc_2017-12-06_22-06-20

Configuring

SCCM Applications

Two applications are provided for you to import; 

 1.  Windows 10 Upgrade GUI

This is the application you need to deploy to users as Available.  This runs the GUI.  It has no content so does not need distributing.  It purely runs the GUI from the local machine.  Its detection is based on a file which will get installed during the Task Sequence (included in the sample).

2.  Windows 10 Upgrade GUI Source Files

This app installs the source files for the GUI onto the target machine, and is a requirement for app 1.  This needs to be distributed, but not individually deployed*.

vmrc_2017-12-07_21-52-29

Task Sequence Steps

We need to run some cleanup actions in the Task Sequence Post Upgrade.  I’ve included a sample Task Sequence which includes these steps.  You will need to add these into your Upgrade Task Sequence.

vmrc_2017-12-07_21-53-19

Final Touches

Desktop Shortcut

Lets really make this easy, and obvious to our users shall we?

Copy the shortcut link from Software Center for the deployed Windows 10 Upgrade GUI, or, as its seen in the catalogue, “Upgrade Windows 10”.

vmrc_2017-12-06_22-20-10

Take this url over to your group policy, and create a desktop shortcut..

This slideshow requires JavaScript.

*You’ll have noticed above I’ve based this targeting on the main executable.  For this to preexist, you must predeploy the SourceFiles application to the machines.

And there we are.. much better;

2017-12-06_23-12-54

Disable Logins

You have the option to specify in the Settings.Config file;

BlockUserLogon=True

If this is True, then the GUI will add all current users of the machine, to a new local group called “Windows10UpgradeDisableLogon”.

Add this group (no domain prefix), to a logical group policy under ‘Deny Log On Locally”.

vmrc_2017-12-07_22-02-06

The outcome of this is as you’d expect, after the machine restarts, any current users of that machine will be unable to log in.

Why?

Back to the whole idea of this.. Improve User Experience and Increase Success Rate.

Is it a good idea to have the upgrade task sequence running whilst the user is logged in doing xyz working around it, moving the progress bar out the way (assuming its open) and then Bang! A completely unexpected reboot.

We can do better can’t we?  Set this.  Make everything better.

You can specify an account with wildcard to not add them to the blocked group.  For instance if all your IT accounts are “EverythingSCCMITLogin1” “EverythingSCCMITLogin2” etc, (bit weird if they do), then you could specify;

ExcludeUser=EverythingSCCMITLogin*

This way, should IT need to login to the computer, they certainly can do.

 

Requirements

  • This has been solely tested on Windows 10 1511 and above.
  • This has 100% been designed for Windows 10 > Windows 10 upgrades.
  • Application must run from C:\Windows\EverythingSCCM\Win10UpgradeGUI

 

Download

Technet Gallery

Changelog

v1.0.5 | 13/12/2017 | Bug fixed with LegalText still applying despite config set to False

v1.0.4 | 11/12/2017 | TS Sample Updated, wrong path in step.

v1.0.3 | 10/12/2017 | Bug fixed with final Upgrade button duplicate clicks.

v1.0.2 | 08/12/2017 | Removed dev variables from Settings.Config

v1.0.1 | 08/12/2017 | Base

 

Thanks

I could not have made this GUI if it wasn’t for Stephen (FoxDeploy) Owen’s superb series on exactly that.  If you’ve not seen his page, or even if you just want to learn how to make these things, go have a read; https://foxdeploy.com

100% of the shininess comes from the b-e-a-utiful Mahapps.Metro theme!

Cleanup scripts borrowed directly from Garytowns great post.

And, as ever, the many members of the WinAdminsSlack forum, who even if they didn’t directly realise, have helped with this! :D.

Especially Colin Wilkins for helping me at numerous stumbling points!

(If you would like an invite to this forum, please do let me know).

 

Feedback \ Bugs \ Future Features

There will undoubtedly be all three.

Should you have any feedback, good or bad, happen to find any bugs (I have no doubt there will be some), or can even just think of some great features to pack into v2, let me know!

 

Rich Mawdsley

 

 

 

 

 

20 thoughts on “Windows 10 Upgrade GUI – For ConfigMgr\SCCM

  1. Thanks for sharing. I’ve been testing, and I noticed a couple of things:
    1. Install.ps1 — what do you think of some way to tell the user if they’re already on the Windows version the script checks for? It’s an edge case, but one that can be confusing to troubleshoot.
    2. The countdown button — this is wonky on my VM. I have plenty of resources, but the countdown number will go up and down, trending downward, until the minute is up.
    Thanks again. Nice work.

    Like

    1. Hi Ronald, would be quite easy to expand the scope of the install so include some extra touches. I’ll have a think around this.

      Regarding the countdown, I believe you’ve found a ‘feature’. Seems to happen if you click the button more than once, must be rerunning the code each time. I’ll get it patched and release an updated version.

      Rich

      Like

  2. Also picked something up small.
    Was busy testing and on first login background was still showing the same under construction image.
    Had a look at the SMSTS.log and the commands from the sample TS points to a different folder so my TS failed to do the cleanup.
    The commandline in the TS points to C:\windows\everythingsccm\win10upgradegui where it should be
    C:\windows\everythingsccm\windows10upgradegui.
    The rest worked very nicely. Great job!

    Like

    1. Well that serves me right for being indecisive with the naming convention!

      TS sample updated in v1.0.4.

      Thanks for letting me know!

      Rich Mawdsley

      Like

      1. O yes another thing if possible. If you run it via shortcut and Software Center the focus does not go to the Windows 10 GUI Application window. On my test machine it stays behind Software Center. We are running SCCM 1706 if that helps in anyway :).

        Like

  3. I noticed today that if I set the legal notice to FALSE, the registry keys are still populated with what text is in the config file for those keys. I confirmed that on two machines.
    Also, the icon..if I change the path in the config file, it still seems to use the original RM.ico file. I have to name my ico file the same. That is confirmed only on one machine…
    Thank you!

    Like

    1. Thanks Ronald. I’ll take a look into this and will update soon.

      You’re correct about the RM.ico. I’ll look into making this a changeable setting. For the moment, if you want to chance the file name, you will need to update the reference to it in MyXaml.xml.

      Rich Mawdsley

      Like

  4. Hi,
    Nice GUI and idea. In addition to the AC/Batterycheck suggested by Ronald Montgomery, would it be possible to add a hardware check for Ethernet/WIFI. (We prefer in our environment that the upgrade should only be started if the device is wired)
    Kind Regards,

    Jakob

    Like

    1. Hi Jakob, Certainly sounds do-able, although perhaps not the Wifi.

      I’m thinking a check for Ethernet and confirm if can ping the domain. That should cover off connectivity.

      Rich Mawdsley

      Like

      1. Wifi is pretty easy to detect. I have used the below vb-code with good effect. Perhaps something you could incorporate in your Frontend?
        ‘On Error Resume Next
        Dim strComputer
        Dim objWMIService
        Dim colWiFi
        Dim colLAN
        Dim objWifi
        Dim objLAN
        Dim state
        Dim wireStatus
        Dim wifiStatus
        Dim strOut
        Dim intOutput
        ‘===================================================================================
        ‘ Initialize Variables
        ‘===================================================================================
        intOutput = 4
        state = “”
        strComputer = “.”
        Set objWMIService = GetObject(“winmgmts:\\” & strComputer & “\root\CIMV2”)
        Set colLAN = objWMIService.ExecQuery(“Select * From Win32_NetworkAdapter Where NetConnectionStatus = 2 and PhysicalAdapter = ‘True’”)
        ‘==================================================================
        ‘ Enumerate the wired adapters in WMI. Add 1 to output if wired adapter is in use.
        ‘==================================================================
        ‘Wscript.Echo(“Output starting at ” & intOutput)
        For Each objLAN in colLAN
        strOut = objLAN.NetConnectionID & ” ” & objLAN.Name & ” ” & objLAN.PhysicalAdapter
        if instr(lcase(objLAN.Name),”virtual”) = 0 and instr(lcase(objLAN.Name),”multiplex”) = 0 and instr(lcase(objLAN.Name),”bridge”) = 0 then
        ‘==================================================================
        ‘ Above line (if statement) is there to eliminate other extraneous adapters that
        ‘ still show up even though we are eliminating all but “physical” adapters. Some
        ‘ virtual adapters are still there, Microsoft being the biggest offender.
        ‘ Add to the line if necessary to remove other non-physical adapters.
        ‘==================================================================
        if instr(lcase(objLAN.NetConnectionID),”wireless”) > 0 or instr(lcase(objLAN.NetConnectionID),”wi-fi”) > 0 then
        intOutput = intOutput – 2
        ‘Wscript.Echo(strOut & ” connected. Output is now ” & intOutput)
        end if
        if instr(lcase(objLAN.NetConnectionID),”wireless”) = 0 and instr(lcase(objLAN.NetConnectionID),”wi-fi”) = 0 Then
        intOutput = intOutput – 1
        ‘Wscript.Echo(strOut & ” connected. Output is now ” & intOutput)
        end if
        end if
        next

        Like

      2. Thanks Paul.

        Open question.. are people actually upgrading machines on wifi? My initial feelings are whilst the upgrade itself can of course be pre-cached and all.. actually once the TS is finished with the upgrade part its going to be unable to contact a Management Point due to lack of connectivity.

        If this is really how people are doing it, and its a check that’s wanted, I’m all for adding it.

        Stick a vote down; https://twitter.com/RichMawdsley1/status/940986090457927680

        Rich

        Like

      3. No, they don’t. But based on my experience from a large Customer where we are doing Windows 10 rollout right now is that 5-10% of the users THINK they are on Ethernet when they are in fact not. Most users doesn’t even know there’s a difference.
        So, we do a osd preflight check Before starting the upgrade, checking wifi, USB sticks in the computer, certified hardware etc before proceeding to notify the user of a potential upgrade problem.

        Like

  5. I can see one problem though with this, which is monitoring. Since the actual deployment to the clients is an Application and not the Tasksequence, I cannot really find a good way to monitor the progress or failure of the OSD, or am I missing something?
    I can see that it has failed yes, but I cannot see any details from the console as I can when monitoring a deployed tasksequence. Nor does the users screen leave any clue of that it has failed, it just sits there with a locked screen indefinetly.

    Like

    1. You will still be able to monitor the task sequence in the same way via the console, as you’re still deploying it.

      Regarding the lock screen.. Stay tuned..

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s