You know and love our Must-Read IT Blogs lists, but now, say hello to the nonprofit side.
In times of shrinking budgets, businesses may have trouble affording an upgrade to the latest version of Windows in one fell swoop. Instead, some companies take a staged approach to such migrations. This is especially true with Windows XP, a relatively stable platform, and Vista, a product associated with under-the-hood changes. The problem with phased migrations is that there will be a period of time, often many months, when you may need to work to ensure the two platforms can coexist happily on the same network. Here are five best practices to help your staged migration from Windows XP to Windows Vista take place with a minimum of problems.
If you’ve developed custom applications for your business that run on Windows XP computers, you need to ensure that these apps will run properly on Vista before you migrate your computers to the new platform. There are several architectural changes in Vista that can cause problems for applications coded for earlier versions of Windows. For example, the user profile folder structure has been completely overhauled in Vista. My Documents is now named Documents and is now found under C:\Users instead of C:\Documents and Settings. The same goes for My Pictures, My Music and My Videos.
In addition, these profile folders are now peers of the Documents folder instead of subfolders. So if your applications have hard-coded profile folder paths, you may need to replace these with paths that use environment variables to make sure your custom apps can access profile locations properly. For more info on Vista profiles, see Chapter 14, “Managing Users and User Data,” in the Windows Vista Resource Kit, Second Edition.
Another change that can affect older custom applications is Session 0 Isolation, a new feature of Windows Vista that isolates all services in Session 0 while running applications in other sessions so services can be protected from attacks originating in application code. Gov Maharaj, a software design engineer on the Windows team at Microsoft, says any custom applications that depend on a service on the desktop will likely not work because of Session 0 isolation. “That means you need to make sure that any services that your application uses do not prompt any user interface notifications,” Maharaj says. “Also, during early testing, you will want to make sure services work in a real terminal server environment rather than the local console.” For more on Session 0 Isolation, see www.microsoft.com/whdc/system/vista/services.mspx.
The changed profile folder structure in Vista compared with XP also impacts how Folder Redirection (FR) and Roaming User Profiles (RUP) work on the two platforms. Storing settings and data for users on network file servers helps ensure this information can be backed up easily and lets users roam the network using different computers if needed. But getting FR and RUP to work properly in a mixed Vista/XP environment takes some planning. According to technology author Jerry Honeycutt, one big challenge is Folder Redirection (although Roaming User Profiles encounters similar issues). “Things can get confusing in a free-seating environment, where users roam from PCs that are running Windows XP to PCs running Windows Vista,” says Honeycutt.
Chapter 14 of the Windows Vista Resource Kit, Second Edition, is also a good source of information on how to make FR and RUP work together in mixed environments. Another useful guide is the Managing Roaming User Data Deployment Guide available at http://go.microsoft.com/fwlink/?LinkId=73760.
The implementation of a new least-privileged user account (LUA) security model in Vista can impact network connectivity and file/print sharing between XP and Vista computers. For example, mapped drives that work under XP may not be accessible from Vista and vice versa. The underlying issue here, according to Maharaj, is that when accessing the share of a remote machine, if you are in a split token account, you will by default use your lower level token to access the share. “That means even if you are part of the Administrators group and you access an admin-only share, you will be denied access unless you are also granted explicit access by name,” he says. For more on this issue, see http://support.microsoft.com/kb/947235.
Another networking issue is that Vista’s new Network Map won’t even display your XP computers unless you download and install the Link Layer Topology Discovery (LLTD) Responder on your XP computers. You can find out more about this issue and obtain the download from http://support.microsoft.com/kb/922120.
If possible, you may want to group XP and Vista computers into different organizational units (OUs) so you can apply separate Group Policy Objects (GPOs) to each platform. But if this arrangement isn’t feasible for your organization, don’t fret — you can use Windows Management Instrumentation (WMI) filtering to control which version of Windows a particular GPO applies to. Honeycutt says that some customers might stumble initially on the differences in Group Policy. “But there’s really no need for this,” he says. “Filtering policies based on which Windows version is made easy by using WMI filters, so it’s not hard to keep unique settings targeted specifically at PCs running Windows Vista.”
Finally, network backup and antivirus software that work on XP may have difficulty running on Vista. Maharaj says when it comes to backup apps, the agents they use to install on XP may not install at all on Vista, and may require either an agent update or a complete update to your backup solution. “Remember that NT backup has been completely removed from Vista,” Maharaj says. “Tape backup support has also largely been removed from Vista. Virus-scanning agents have similar issues and may require an update or a complete change.” For help, see www.microsoft.com/forefront/default.mspx for Microsoft solutions in these areas.