Three little words can change your life forever. Whoever said that originally clearly had a time machine because they’d experienced Windows 10 Upgrades. Microsoft have completely changed the game with Windows 10, providing regular releases that we all need to stay on top of.
This for a home user is simple! A quick scan to Windows Updates, and we get a whole chunk of information and pretty imagery inviting us in.
But, what about for the Enterprise?
Well, the ConfigMgr\SCCM team have done a superb job of giving us the ability to upgrade machines on mass, fully in our control with both Servicing Plans, and my preferred choice, Upgrade Task Sequences, and these work great!
But, for the end-user, they are left a little in the dark. They either get a windows update that takes an hour to install, numerous restarts and everything has suddenly changed. Or they get a task sequence dialog pop-up which to the uninitiated, can be a little daunting and uninformative.
What if instead, we empowered the user?
Make it Shiny
- Make a GUI informative for users, to run whenever they please.
- Pack it with information and customisation options.
- Ability to run pre-upgrade Hardware Checks.
- Ability to attempt remediation steps should Hardware checks fail.
- Run outside and individual to the Task Sequence.
- Increase upgrade success rate.
User Runs GUI > GUI Run Checks > GUI Restarts Machine > Task Sequence Is Run
What can it do?
The GUI currently has two checks built-in;
- Hard Disk Space Check (default 20gb)
- RAM Check (default 2gb)
These checks automatically run, giving the user dialog and information the whole way through. Should the Hard Disk Space Check fail, then it will move onto remediation. If the RAM check fails, then it informs the user why and they are left to exit.
These checks are completely pre-tasksequence. Halting and hopefully averting unnecessary failures before it even gets there.
When the GUI comes here because it’s detected the hard disk is too full, it attempts to remediate the problem by clearing & running;
- Dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
For the majority of machines, this will free up a good chunk of space, gb’s at least, and hopefully enough to allow the machine to pass the checks and continue with the upgrade. If not, they are redirected to a screen to inform them, and to exit the upgrade GUI.
Final-Script \ Reboot
The last stage of the GUI does a few things..
- Sets a ‘Windows 10 is Upgrading’ lock screen wallpaper (optional)
- Configures legal text to inform anyone who attempts to logon (optional)
- Blocks logins for any current users of the machine (optional)
- Configures the Upgrade to take place at next startup (scheduled task)
- Restarts the machine after a 60 second countdown
This is all about 2 things, user experience, and success rate. Up till this point, we’ve given the user full control over their upgrade with this GUI, they’ve chosen to run it and have been informed of whats it’s going to do and how long its going to take. Now, we’re going to restart the machine to make sure we’re at a fresh boot with no one logged on, no dodgy programs running, completing any pending windows updates, and, we’re going to keep it that way while we run our upgrade.
You can, of course, change the majority of settings and content in this GUI via the main Settings.config file.
Title Bar, Company name & URL, Banner, Title, Main content, Learn More Button URL, Icon are all configurable.
Two Settings.Config files exist. These are where you can make your changes.
The first is at the main root which holds all customisation as per above example, and as seen below;
The second is where you need to specify some details about the task sequence you are using for your upgrade.
This Task Sequence needs to be deployed to the machines (available or required).
You can add up to 10 different ‘AdvertisementID’s’ to the GUI for a single Task Sequence.
Two applications are provided for you to import;
1. Windows 10 Upgrade GUI
This is the application you need to deploy to users as Available. This runs the GUI. It has no content so does not need distributing. It purely runs the GUI from the local machine. Its detection is based on a file which will get installed during the Task Sequence (included in the sample).
2. Windows 10 Upgrade GUI Source Files
This app installs the source files for the GUI onto the target machine, and is a requirement for app 1. This needs to be distributed, but not individually deployed*.
Task Sequence Steps
We need to run some cleanup actions in the Task Sequence Post Upgrade. I’ve included a sample Task Sequence which includes these steps. You will need to add these into your Upgrade Task Sequence.
Lets really make this easy, and obvious to our users shall we?
Copy the shortcut link from Software Center for the deployed Windows 10 Upgrade GUI, or, as its seen in the catalogue, “Upgrade Windows 10”.
Take this url over to your group policy, and create a desktop shortcut..
*You’ll have noticed above I’ve based this targeting on the main executable. For this to preexist, you must predeploy the SourceFiles application to the machines.
And there we are.. much better;
You have the option to specify in the Settings.Config file;
If this is True, then the GUI will add all current users of the machine, to a new local group called “Windows10UpgradeDisableLogon”.
Add this group (no domain prefix), to a logical group policy under ‘Deny Log On Locally”.
The outcome of this is as you’d expect, after the machine restarts, any current users of that machine will be unable to log in.
Back to the whole idea of this.. Improve User Experience and Increase Success Rate.
Is it a good idea to have the upgrade task sequence running whilst the user is logged in doing xyz working around it, moving the progress bar out the way (assuming its open) and then Bang! A completely unexpected reboot.
We can do better can’t we? Set this. Make everything better.
You can specify an account with wildcard to not add them to the blocked group. For instance if all your IT accounts are “EverythingSCCMITLogin1” “EverythingSCCMITLogin2” etc, (bit weird if they do), then you could specify;
This way, should IT need to login to the computer, they certainly can do.
- This has been solely tested on Windows 10 1511 and above.
- This has 100% been designed for Windows 10 > Windows 10 upgrades.
- Application must run from C:\Windows\EverythingSCCM\Win10UpgradeGUI
v1.0.5 | 13/12/2017 | Bug fixed with LegalText still applying despite config set to False
v1.0.4 | 11/12/2017 | TS Sample Updated, wrong path in step.
v1.0.3 | 10/12/2017 | Bug fixed with final Upgrade button duplicate clicks.
v1.0.2 | 08/12/2017 | Removed dev variables from Settings.Config
v1.0.1 | 08/12/2017 | Base
I could not have made this GUI if it wasn’t for Stephen (FoxDeploy) Owen’s superb series on exactly that. If you’ve not seen his page, or even if you just want to learn how to make these things, go have a read; https://foxdeploy.com
100% of the shininess comes from the b-e-a-utiful Mahapps.Metro theme!
Cleanup scripts borrowed directly from Garytowns great post.
And, as ever, the many members of the WinAdminsSlack forum, who even if they didn’t directly realise, have helped with this! :D.
Especially Colin Wilkins for helping me at numerous stumbling points!
(If you would like an invite to this forum, please do let me know).
Feedback \ Bugs \ Future Features
There will undoubtedly be all three.
Should you have any feedback, good or bad, happen to find any bugs (I have no doubt there will be some), or can even just think of some great features to pack into v2, let me know!