Tuesday, January 21, 2014

Migrating Windows – Best practice tips and tricks


Background

For the past year I've been involved in a migration project at a company with +10’ employees, spread over +20 countries. During the project my role was initially to be responsible for the infrastructure and processes required to make it possible to migrate +15’ computers without local technicians. After the infrastructure role I got responsible for roll-out which is also the role that I've got at this moment. Today we’re migrating 100-250 computers a day rather effortlessly. Sure there is a computer or two every now and then with a hick-up but all in all I must say I’m proud being part of what we have accomplished.

Now the road to get to this point hasn't been bump-less all along. Many lessons have been learned and this post is an attempt to share these lessons.

Set your plan and structure

In a big migration project across an entire company splitting the organization in to pieces is necessary, otherwise planning migrations will be a mess. In this specific project we used departments as the key to decide where to migrate and when. One common phenomenon at many companies is to register computers to departments. This is – in my opinion – risky due to the fact that departments pops-up, get new names or are removed which could lead to computers hanging loose without a belonging. Instead register your assets to your employees which will make it much easier to identify and take actions when users with registered assets leave. Also when departments disappear or get new names, the employees will most likely get their new department information from day one.

Roles and information

Set up the roles you need like department CP (contact person), User (recipient of migrated computer)
Set up your information plan but don’t overdo it. Gather “good to know”-info in one place (use the same web-application?) and decide when to notify users and what to tell them.

Establish your project data source

In the beginning of this particular project the idea was to send a list with computers and their belonging (employee -> department) to each CP at every department, asking the CP to confirm that the computers are registered correctly. Now with X thousands of departments it was soon obvious that the work-load to handle those excel-documents was going to be overwhelming. Also in case of computer ownership changes, department changes or employees moving or quitting there would be absolute chaos. We figured the best way was to set up a web-application with the information needed that published each department with the employees and their computers. Syncing the organization information would also lead to automatic updates of what computers that belongs to what department. Additionally each computer was also made schedulable in order for CP  to choose the date at which a specific computer should migrate.

Identify and automate your migration processes

When the time comes and a computer is about to migrate a bunch of tasks have to be performed. Although the tasks vary from case to case the tasks are probably supposed to be done in the same manner every time. That’s a perfect set up to automate things so start by identifying the steps needed for a successful migration. I.e. send information mail T-x, move computer, add/remove computer to groups or collections, move user, add/remove user to groups or collections etc etc.

Implement your processes

Set up a scheduled job to perform the tasks needed at the time when a computer is scheduled. A reliable workflow engine is an advantage and from my experience I can recommend both Igaps iWorker (part of Igap Missito) and Microsofts Orchestrator where iWorker is highly flexible, has extensive logging possibilities and Orchestrator is a great engine even if it’s a little more slow rowing and may be a bigger investment if not already in place. Add your user information notifications to the scheduled job according to your information plan. 
In this specific project we moved both computers and groups, added and removed different groups and prepared SCCM (Microsoft System Center Configuration Manager) with both Windows installation and application prerequisites.

Monitoring and follow-up

Migrating many computers every day could generate an extensive back-log if problems aren’t dealt with right away. To be able to see what went well and what didn’t we used a lightweight web-application called Igap SDO to monitor the deployments in SCCM. With the web application we were able to see what migrations that went well, what migrations that were currently running and what migrations that had gone wrong. Additionally for the ones that went wrong the logs are available for the SCCM people to identify issues in the migration process, correct them and check that they were actually resolved.
Another important feature is to make sure that all the scheduled jobs that run logs exactly everything. This will be a great help during the migrations to be able to track down every single step in the process that can be improved. 
Igap SDO

Application mapping

Since we identified and implemented the processes needed, made some small corrections along the way the workload decreased dramatically after a while. The time released could then be used to improve things further. One thing that was much appreciated was the automatic application mapping addition to the migration process. Most of the applications were and are re-packaged for the new platform. Some of them easier others a little more difficult. The application mapping addition was included to make sure that the user got the applications for the new platform that corresponded to the applications he or she on the old platform. I think the addition made the questions a lot fewer and the employee satisfaction a lot higher. It was all set up in a database with the old and the new application mapped to each other and then used in a step in the scheduled migration job.

Extra extra

We’ve accomplished more great stuff in the automation of migration process but they would be more suitable for a book since this post is already too long. But feel free to contact me if you have any questions or want to now more!