Microsoft is going to great lengths to ensure Windows 10 is better received than its predecessor. Unlike the experiment with Windows 8, Windows 10 Developers have gone out and engaged large corporations to discern which features they needed. Product support was involved from the first on Windows 10 in order to maintain the vision for a common experience across device platforms.
Regular Maintenance Makes for a Reliable Enterprise Solution
Probably most important to enterprises, the start menu is back, so user confusion will be an absolute minimum. There are a LOT of features that make Windows 10 a compelling upgrade including much improved security, but here we will focus on how easy that upgrade will be to accomplish.
Automated updates used to NEVER be an in-place upgrade option, but now, Microsoft has enabled the ability to do an automated update that is un-attended from Windows7/8. This update can take as little as 7 minutes.
The update carefully inspects the machine and if there are ANY known issues it behaves as you have configured by either rolling-back or displaying the errors. In fact, the US Air Force, one of the fastest adopters of new Microsoft technologies, will be using the in-place upgrade.
Microsoft’s recommended upgrade path for Enterprises is to go direct via unintended upgrade 7-10, 8->10, 8.1->10. There is not a Vista or an XP direct upgrade path.
There are some scenarios where an upgrade won’t work, for instance with X86 to X64 systems. Also, the base language needs to be the same. As an example, you can’t have a base language of German and try and upgrade with Base language of English.
In-place upgrades can also happen other ways, included SCCM, or even a batch file sent via email that points to your customized source media.
Changes were made to SCCM/WSUS for compatibility, so make sure you get the updates to these tools for preparing and deploying your new images!
Simplified Deployment and Provisioning
The preview for the new Microsoft Deployment Toolkit (MDT) is available now, with all the tools to do image creation for windows 10. The final version is scheduled for the launch on July 29th.
There were some early issues with 3rd party encryption products because the Windows pre-execution environment did not have drivers for some of the vendors. Microsoft and these vendors are working hard to have these issues resolved by the release date. A couple of security companies are going to create a management engine for Microsoft Bitlocker and drop their own encryption. This is HUGE: it will be the least expensive way to use Microsoft Bitlocker in an enterprise environment. Previously you had to purchase Windows Enterprise plus the MDOP product to get the Microsoft Bitlocker Management Studio.
What happens when an employee leaves with a Windows Enterprise enabled device?
To help corporate IT better manage devices, Windows 10 can re-provision a machine from Pro to Enterprise and connect to a domain in the process. You will also be able to roll-back a machine from Enterprise to Professional if the machine isn’t domain joined. For now, Microsoft recommends joining the machine to an Azure domain (a new feature of Windows 10), which can be rolled back. Microsoft is working on the ability to roll-back Enterprise to Professional on domain joined machines, however, this will likely not be a feature in the released product.
Lastly, if an employee leaves the company and has Windows Enterprise installed on their BYOD, the Windows Enterprise version won’t be able to see the company’s KMS server, so after 180 days, the end user will get a watermark, and some reduced functionality on updates. Microsoft is recommending AADJOIN (Azure Active Directory Join) for BYOD devices so that they can easily have company specific information removed and rolled back to Windows Pro.