Windows as a Service (WaaS) – Technical Solutions

There are many strategies, approaches and opinions about Windows as a Service. Today I would like to take a closer look at the possibilities. There is the classical and the modern approach, which one can go. But sometimes you still have to use parts of the classical methods.

Let’s take a look at how an operating system migration was carried out in the past. For us, the most important thing is the successful creation of the client build, not the subsequent deployment.

Advertisements

My blog posts in the German Dell EMC Blog are also suitable for the topic. Sorry, no English translation available.

Vorbereitungen für ein In Place-Upgrade mit Windows 10 – Teil 1

Vorbereitungen für ein In Place-Upgrade mit Windows 10 – Teil 2

Advertisements

The path of the past

In the past, the scope was set first, which means that the intended applications were selected. The next step was to check the information provided by the software manufacturer. Have there been any support statements about the target release of Windows? Or was the solution to buy a new version?

It was then more difficult with software that was made to order, or where the manufacturer no longer existed. Here the solution was often the same as with programs that were no longer supported. Here, only testing and trying with various methods such as Microsoft Application Compatibility Toolkit, local administrative rights or switching off the UAC helped. These were most difficult problems. I have often experienced in the past that self-developed applications were the most difficult candidates.

The classic way

The classical way today basically corresponds to the way of the past. It just gets easier. Due to the telemetry of private users and companies that do not limit telemetry, “Ready for Windows” is also an information portal for some programs. Although this page is not a guarantee that every function of the software will work, it is a very good indicator. Unfortunately not every software is listed, only some. What Microsoft is decisive for is unfortunately unknown to me.

Quelle: Screenshot Microsoft.com - Ready for Windows
Quelle: Screenshot Microsoft.com – Ready for Windows

Here you will not only find information about the software in general, but you can also find information about the different versions.

Quelle: Screenshot Microsoft.com - Ready for Windows
Quelle: Screenshot Microsoft.com – Ready for Windows

If you can’t find anything here, go to the manufacturers’ pages. A few links can be found in Part 1 of the above-mentioned article. If you only find a general statement like “Supports Windows 10” or similar, please ask. Sometimes this just means, with the no longer supported release 1511 it works…

Who would like to deal more with the topic data from the telemetry, which we find with the modern way?

Important when checking compatibility: Which version of the software works with which release of Microsoft Windows 10. Unfortunately, some manufacturers have switched to pairing their own software releases with those of Windows 10. This doesn’t sound bad at first sight, unless every new version is charged.

In such cases, a software maintenance contract is usually recommended, similar to the Software Assurance for Microsoft products with volume licensing.

The Modern Way

In order to speed up Windows as a Service a little, Modern Solutions provide an ideal solution. Here is an overview of the solutions.

Telemetry – The data that summoned

These always relied on working with telemetry data. In Germany, telemetry, in particular, is often a case for the works council, the data protection officer, the legal department and a number of other departments. In this case, it is important to question the exact concerns and to check whether these are relevant or whether the problem already exists? An example from practice: “Can IT see how often and for how long an employee plays solitaire? Anyone hoping for a general answer must be disappointed, everything depends on the settings. Of course, IT has a greater benefit if telemetry is set higher, but you can consider it. Also, there are often systems in the company that already collect similar data, but because it is a cloud service, there are concerns. If you have analyzed it so precisely, then you can usually dispel the worries with the appropriate documents.

Windows Analytics – Unfortunately already deprecated…

Windows Analytics or Azure Log Analytics is a service where data is analyzed in the Microsoft data centre. Partly purely via telemetry, some solutions also require a script or agent to run.

There are 3 parts that are of interest to the subject of WaaS:

  • Device Health: Helps you analyze application and driver crashes
  • Upgrade Readiness: Helps you determine which devices are already “ready” for your next target release
  • Update Compliance: Helps you keep track of Windows Updates for Business

Detailed articles on this topic can be found here. At the time of publication, however, they were not yet available in English. But have a look:

Unfortunately, Microsoft has announced that it will discontinue these services by January 31, 2020. The successor is Desktop Analytics.

Desktop Analytics

Desktop Analytics is currently only available in a preview version. Unfortunately, there are some limitations. Besides a current Microsoft SCCM infrastructure or Intune, the service is only available with certain licenses (e.g. Windows 10 Enterprise E3/A3/E5/A5 or Microsoft 365 F1/E3/A3/E5/A5).

More about this topic in my current post “News about Windows Analytics: Upgrade Readiness / Desktop Analytics“.

Autopilot and MDM reset

Of course, a lifecycle strategy that is WaaS also includes a solution for the end of the lifecycle. This means how can I reset a device to factory settings. This happens in a modern way via an MDM (e.g. Intune or Workspace One) in the cloud. Here a function called Autopilot comes into play. I have already written several articles about this. It should be noted that Autopilot does not yet offer the solution for all deployment scenarios.

Of course, this is also a strategy if the software installation is defective, and only a new installation promises relief.

Looking to the near future

Some of these functions are already in place today, either as previews or in basic form. But they are not final yet, and even if they are still missing the distribution. Some of these technologies will have to grow for some time before they can be used.

About the Preview Phase

The function / the product is at the moment in a preview phase, up to the finished state can still change some things. For this reason, the function should only be used for productive purposes with caution.

Windows Updates for Business

Already today, Microsoft Telemetry uses information in Windows Updates for Business and suitable devices to identify and roll out updates. To do this, an evaluation is generated from the installed drivers and applications. This evaluation is already done with AI, i.e. a trained and learning machine. This will become better and better in the future. Microsoft is hoping to get the problems with the updates and the problems better under control.

Quelle: Screenshot aus Foliensatz BRK3020 - Using AI to automate Windows and Office update staging with Windows Updates for Business (Ignite 2018)
Machine Learning to predict device update readiness 
Drivers 
Firmware 
Apps 
Ha rdware 
Etc. 
Pattern Matching 
Identify what leads to 
good and bad rollouts 
E.g. Driver-A and App-G 
Device 
80931 
53289 
32549 
34912 
53948 
84352 
64856 
52465 
31248 
87985 
23749 
Pattern 1 
XlH4SUl 
J2S8LAUlL 
F3MOFUl 
Q8GWUl 
GWE31KL 
LJG9SDFK 
GWERE 
GWL2ET 
35LlHJQ 
GFW2EWT 
LUJ24YK 
Pattem 2 
QW413RO 
T29VNSW 
GTMJL245 
IHLK140S 
53NHKLQ 
HlWGT35 
GWE04N2 
24NFWEH 
GERG42 
DSA349M 
GNW432N 
Device Scoring 
Use ML to predict 
which devices are 
ready to update 
Device 
80931 
53289 
32549 
34912 
53948 
84352 
64856 
52465 
31248 
87985 
23749 
Score 
.9 
.86 
.83 
.79 
.75 
.74 
.68 
.64 
.61 
.56 
.43
Source: Screenshot from slides of BRK3020 – Using AI to automate Windows and Office update staging with Windows Updates for Business (Ignite 2018)

Based on the score determined, the updates are provided to the first systems.

Quelle: Screenshot aus Foliensatz BRK3020 - Using AI to automate Windows and Office update staging with Windows Updates for Business (Ignite 2018) Device readiness drives rollout 
Device 
80931 
53289 
32549 
Score 
.9 
.86 
.83 
Windows Update 
Update offering 
Bandwidth management 
80931 
53289 
32549 
Listening Systems 
CSS Call Volume 
Post-Upgrade Health 
• App crashes or hangs 
• Kernel mode crashes 
• Rollbacks or uninstalls 
• Dirty shutdowns
Source: Screenshot from slides of BRK3020 – Using AI to automate Windows and Office update staging with Windows Updates for Business (Ignite 2018)

By analyzing the health data from telemetry, the AI system can also evaluate if an application or driver in a specific version is compatible or not.

These settings can also be influenced by group policies or MDM policies. But only in a way that the updates can be delayed in order to map update rings in the company.

Reset from the Cloud

Windows 10: Reset from the cloud should be possible from spring 2020, and can already be tested in the current Insider Previews. This is especially useful if the local data is damaged or a newer version is available. Thus, a reset to the current Windows 10 version is also possible. This option is available for a complete reset and also for one where the personal data are preserved. It is important that larger amounts of data are transferred. Microsoft speaks here of up to 4GB.

Note on transparency

At the time of writing, I was working for Dell Technologies. However, this article reflects my own personal opinion, and was not sponsored, influenced or rewarded by my employer in any way. #Iwork4Dell

This article first appeared on Infrastrukturhelden.de in German.

This article is a translation of the Infrastrukturhelden.de article “Windows as a Service (WaaS) – Technische Lösungsansätze” (Published – 2019-10-22). Links may refer to other Infrastrukturhelden.de articles, these may also be available in English language.

Also it can be, that I still use screenshots of German systems. However, where it is possible for me with little effort, I insert screenshots of English systems.

Advertisements

Author: Fabian Niesen

Fabian Niesen has been working as an IT consultant for years. Here he writes privately and independently of his employer. Among others he is certified as MCSA Windows Server 2008 / 2012, MCSA Office 365, MCSA Windows 10, MCSE Messaging, MCT and Novell Certified Linux Administrator. Since 2016 he is also MCT Regional Lead for Germany. His hobbies are social media, blogging, medieval markets, historical songs and house building.

Leave a Reply

Your email address will not be published. Required fields are marked *