The new Office Garage Series: Client Configuration Management 101

In this blog post, our animated hosts Jeremy Chapman and Yoni Kirsh begin to tackle the frequently asked question, "Do I get more control if I use the traditional Office installation?" They look at automation support and install-time controls, configuration management via Group Policy and new Office Telemetry tools with a special visit from the lead Office Telemetry engineer, Chris Yu.

Add a reminder to your calendar to tune in each Wednesday 9am PST. Also mark April 3rd, 9am PST on your calendars when we come to you with the Garage Series Live! We'll have Paul Thurrott, early adopters and Office engineers to discuss lessons learned, deployment secrets and much more.  

Jeremy: Last week we went deep on package types for Office and explained the feature differences and similarities between Click-to-Run and MSI-based installations of Office. In the blog post, we also explained that network traffic is about the same whether we use Office Professional Plus 2013 or Office 365 ProPlus - around 700 MB at install time and similar monthly update sizes. In fact, if you installed our last update for Click-to-Run (15.0.4454.1513 atop .1511), the package size was around 43 MB (thanks for the measurement, Curtis). Yoni showed how to get the Click-to-Run bits using the Office Deployment Tool. I wrote about where pre-upgrade tenants get Office for Mac bits. Finally we explained the three core instances where subscription activation won't work: RDS, Windows To Go and closed networks.

Yoni: This week we focus on configuration management and cover all of the main areas for Office - pre-installation prep, install time settings, Group Policy and post-installation monitoring. Like any good donut plot, it turns out our tools for pre-installation prep and post-installation monitoring are now the same tool set with the new Office Telemetry capabilities. And we brought in Chris Yu from the Office engineering team to explain his creation. One of the most exciting parts of this release is that you now have context for your troubleshooting and compatibility/migration efforts. Instead of just blindly finding all Office files and solutions, we can see how frequently files are used and whether they are in the critical path for a migration, who uses what and who will be impacted by any issues.

Jeremy: For example, it doesn’t really matter whether or not a spreadsheet is compatible if it hasn't been opened in 5 years and only one person has it. Imagine finding 100,000 docs across a 1000-seat company. Office Telemetry will help you identify what matters based on what is used and who is using it. So it helps reduce the amount of time you spend testing for a new Office rollout.

Yoni: But it doesn't stop there. Whereas in the past we would have used compat tools just to prepare for a migration, we can use Office Telemetry to maintain performance and continually track issues. We'll know the extent of the impact of any problems and can even use the new solution management capabilities to block unwanted add-ins from running.

Imagine your help desk phone rings and a user complains about a bad Office add-in. Once you confirm it's bad, you can find the other 100 people with that add-in loaded and blacklist it from running - before the help desk line rings a second time.

Jeremy: This week we presented an overview, but next week we'll go much deeper into the Office Telemetry tools: Telemetry Dashboard and Telemetry Log. When we're rolling out Office, after we do our compatibility testing, the next step is usually to figure out which configuration settings we want to enforce with Group Policy.

The process is the same one that you would normally use, download the Office Administrative Templates, load the ADMX files into %windir%\PolicyDefinitions\, open gpedit and open the office2013grouppolicyandoctsettings.xlsx you just downloaded to poke around a bit.

Yoni: Those with trained eyes will see things like \general!skydrivesigninoption,  \licensing!hidemanageaccountlink, \firstrun!disablemovie, \osm!enablelogging for the first time. These are the same for the traditional and Click-to-Run installation and correspond to a handful of new features from signing into Office to managing telemetry components. In total, Office has 2163 configurable ADMX settings.

Jeremy: I had a chance to interview Skji Conklin the program manager looking over Office Group Policy and Roaming Settings. I think a lot of people who grew up with Roaming User Profiles in Windows might get confused about how the roaming feature works in Office. On the Windows side, we roam the actual file on each log in or log out event, which could amount to several MB of data while causing performance issues among other things when logging in and out.

In Office, we roam a tiny amount of information tied to the user account - links to the most recently used docs (MRU), custom dictionary, last page or last slide, and theme settings. Since we only roam links to files instead of the files themselves, the settings package is tiny and file access management policies remain intact.

Yoni: With Office Telemetry running, Group Policy configurations in place and our new understanding for roaming settings in Office, the final core area to look at was install time configuration. If you are using the traditional MSI installation package the Office Customization Tool is basically identical to the Office 2010 version and can be used in the same way. Likewise, you can use the configuration.xml file format we've had since Office 2007 as well.

Jeremy: When you start looking at Click-to-Run, you need the Office Deployment Tool (ODT). Click-to-Run doesn't use the Office Customization Tool and the configuration.xml file is different. Last week, we saw the ODT used to download a Click-to-Run package and this week we explained the new configuration XML file and how that can control software update behavior with a Click-to-Run install. There is a great article on ODT options on TechNet.

Yoni: Next week we'll talk about the implications of a user-based Office model, demonstrate the user-based activation experience with Online Services IDs or Single Sign On with ADFS and we'll bring in special guest, Mark Russinovich, to talk about how Azure Active Directory is secured.

Jeremy: Be sure to tune in at 9am PST on April 3rd for the Garage Series Live! show where we'll bring in Paul Thurrott from along with early adopters and engineers to discuss their experiences with the new Office with live Q&A.

See you next week!


More Resources:

Garage Series for IT Pros Archive for previous episodes

Office 365 ProPlus Trial

Office TechCenter on TechNet

Office 365 TechCenter on TechNet

Follow @OfficeGarage on Twitter



About the Garage Series hosts:

By day, Jeremy Chapman works at Microsoft, responsible for optimizing the future of Office client and service delivery as the senior deployment lead. Jeremy’s background in application compatibility, building deployment automation tools and infrastructure reference architectures has been fundamental to the prioritization of new Office enterprise features such as the latest Click-to-Run install. By night, he is a car modding fanatic and serial linguist. He first met Yoni Kirsh, founder of the Australian-based deployment services company Fastrack Technology, back in 2007 at a Microsoft customer desktop advisory council. Yoni's real-world experience managing some of the largest Client deployments for the Asia Pacific region has helped steer the direction of the new Office. Additionally, Yoni is an aviation enthusiast and pilot. Both Jeremy and Yoni are respected technical speakers and between them have over 20 years of experience in the deployment and management of Microsoft Office and Windows clients. They are also leading experts in the transition to Office as a service.