The real problem of Evergreen IT Management isn’t figuring out how to efficiently (and, let’s face it — fast enough) migrate your entire estate from one version of Windows 10 to a newer version. It also isn’t the volume of change if you are managing your Windows 10 OS lifecycle in conjunction with Microsoft 365 Apps for Enterprise in addition to a continuous hardware refresh. That all can be managed very well with the right tooling and automation. The real dilemma goes much deeper.
In my opinion, the dilemma that most enterprises and large organizations struggle with emanates from the very intricate dependencies you simply cannot get around when managing Evergreen IT. In other words, you have to upgrade a whole other slew of infrastructure dependencies — each managed by a different, siloed-off IT department.
Today, using the example of Windows 10 and Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr or SCCM), I want to first explain the problem and then show how this creates a complicated chicken-and-egg situation between the engineering, operations, and Business-as-Usual/support teams.
Once you’ve gotten the hang of managing your different Evergreen IT upgrade streams, continuing isn’t hard to do with adequate project management tooling and some smart automation. However, as usual, the devil is in the details. The real problem is that the Windows 10 OS upgrade is always the last piece of the puzzle. The Operating System deployment updates are depending on the relevant SCCM infrastructure and database updates.
Let’s say your environment is currently on Windows 10 1809 (which a lot of enterprises are still on which is another problem) and you want to upgrade it to Windows 10 version 1909 which expires in May 2022. In order to upgrade, you will have to also upgrade your Microsoft Endpoint Configuration Manager to the Current Branch of Version 1906 at a minimum to supply that particular Windows version. But that went end-of-life on January 26th, 2021.
Since Windows Version 1910 loses support on May 29th, 2021 and Windows 10 Version 2004 expires for enterprises on December 14th, 2021 (less than eight months from now!), it makes sense to upgrade to the latest version of Windows 10 available right now, version 20H2. If you have not upgraded your SCCM all the way, you might have to upgrade to SCCM 2006 or 2010 (essentially jumping three or four versions).
Is your head spinning yet? Well, now add the .NET Framework, Office 365, Windows Server, and other interdependencies into the mix and you have a really big mess of upgrade cycles that you have to manage.
To even further complicate things, all of those technologies are owned by different teams within IT: SCCM upgrades are controlled by the Operations team, while Windows 10 builds are owned by the engineering function.
Now you have a real chicken-and-the-egg situation with engineering asking the Operations team to upgrade possibly well ahead of their internal timeline. Considering that an SCCM upgrade in a very large organization is by no means an easy feat or quickly done as there are lots of services to patch and update, this could mean a significant hold-up.
In addition, Business-as-Usual / support, who is managing the actual rollout of Windows 10 to the business, might not be ready when the engineering team throws the new OS build over the fence. Or the opposite could be true: they could be the ones desperate for an upgrade to the latest version because their end users are complaining!
Because the three teams are so siloed from each other, run on independent timelines, and have different motivations driving them, you constantly have a chicken-and-egg situation between them and things will get complicated very quickly.
There is no getting around it. This is a complex problem and it will remain so for a while. Therefore, it is important that you:
Finally, in order to keep everything moving along as efficiently as possible, be sure to utilize appropriate Evergreen IT Management tooling and IT automation wherever possible to accelerate and streamline the process. It is imperative to be able to connect all the dots using the tooling, so you know exactly what needs to be upgraded when, and if there is a delay, what is causing it.