In a recent post I mentioned the Innovation Days event that is happening in Sydney on September 17. If you haven’t registered yet, head on over to the registration site and reserve your place. Check out the session agenda here, and make sure you come along to my session at 4:10pm to hear more about the latest updates to Windows 10 and the Enterprise Mobility + Security suite.^ Scroll to Top
Please join us at the Windows Server 2016 Launch Breakfast Event.
As organisations move to the cloud at their own pace, Windows Server 2016 supports them through their transition. Whether running traditional workloads or the latest cloud-native apps and technology, users get added availability and new layers of security from the same OS that powers Azure. With the 2016 wave of hybrid datacentre solutions, new and enhanced features will help you make the most of your existing resources while delivering you the latest innovation. From enhanced security features, software-defined datacentre to the application platform, Windows Server 2016 offers new investments in cloud technology that will benefit your organisation today.
In addition, come learn how you can manage your on premise and cloud environments via a single pane of glass with Microsoft’s new System Center 2016 and Operations Management Suite
Mark O’Shea, Microsoft MVP will guide you through the hybrid discussion and how you can transform your datacentre today. Mark has been working with server technologies at Microsoft for over 20 years. His current focus is driving hybrid solutions with Windows Server and Azure. We look forward to you joining Mark and the Microsoft local team at this local event to discuss how next generation hybrid solutions can help your business.
It’s a session not to miss! Presentations and discussions will be illustrated through live demos, so make sure not to miss this opportunity!
Breakfast will be served on arrival. Please advise us in advance of any dietary requirements you may have. We look forward to seeing you there! Please RSVP early and forward to your colleagues:
Select your location:
Melbourne – 11th October Time: 7:45 AM – 11:00 AM Address: Vibe Savoy, 630 Little Collins St, Melbourne VIC
Perth – 18th October Time: 7:45 AM – 11:00 AM Address: Four Points, 707 Wellington St, Perth WA
Adelaide – 19th October Time: 7:45 AM – 11.00 AM Address: Sage Hotel, 208 South Terrace, Adelaide SA
Brisbane – 20th October Time: 7:45 AM – 11:00 AM Address: Hotel Urban, 345 Wickham Terrace, Spring Hill QLD^ Scroll to Top
Based on your feedback to have one grouping and targeting experience across Enterprise Mobility + Security, Microsoft is converting Intune Groups to Azure Active Directory (Azure AD)-based Security Groups. This new unified group management experience will keep you from having to duplicate groups between services, introduces dynamic grouping for Intune device properties, and provides extensibility using PowerShell and Microsoft Graph.
How does this affect you? A preliminary timeline and a high-level list of what to expect follows. While Microsoft knows many of you are looking forward to this new experience, the timelines shared below may shift. See the documentation page linked below for up-to-date information. Existing Intune customers will see no changes until they start group migrations in November.
|•||In September, some newly provisioned Intune service accounts will start seeing user-based group management and later device-based group management workflows from Azure AD integrated into their Intune console.|
|•||In November, they plan to start migrating existing customers to the new Azure AD based integrated grouping experience. They won’t start group migrations until they can minimize any impact to your day-to-day work and expect no end-user impact. They will also provide notice prior to your tenant’s migration. Once migrated, you’ll still be managing groups, just in Azure AD instead of Intune.|
|•||Documentation and updated migration timelines will be kept current on the grouping docs page. If you have questions or concerns please contact the migration team at email@example.com or support.|
New service functionality being introduced includes:
|•||Azure AD security groups will be supported in Intune for all types of deployments. Prior to this change, you may have used Intune groups for some and Azure AD groups for other types of deployments.|
|•||Azure AD security groups will support grouping of devices along with users, such as ‘all of IT’s test users and devices’ or ‘all of marketing iOS devices’.|
|•||Azure AD Security Groups will support dynamic groups with Intune device attributes, such as ‘put all iOS 8.0 devices into a group’ to get a specific policy.|
|•||‘Intune Service Administrator role’ added in Azure AD to allow Intune service admins to perform group management tasks in Azure AD.|
In addition to changes in group management, the following functionality will be deprecated:
|•||Excluding members or groups while creating a new group in Intune. Note that Azure AD dynamic groups will allow you to use attributes to create advanced rules to exclude members.|
|•||‘Ungrouped Users’ and ‘Ungrouped Devices’ groups|
|•||Service administrators’ ability to manage group access through Intune|
|•||Grouping of EAS devices. ‘All EAS Managed Devices’ group will be converted from a group to a report view.|
|•||Pivoting with groups in reports|
|•||Custom group targeting of notification rules|
What do you need to do to prepare for this change?
|•||Clean up any unwanted groups in your Intune environment.|
|•||By November or by the time you are migrated, discontinue use of the functionality being deprecated.|
|•||Familiarize yourself with how group management works in Azure AD by reviewing the more information link below.|
|•||If you have Intune admins who do not have permissions to create groups in Azure AD, request that your Azure AD administrator add them to a new Azure AD role called ‘Intune Service Administrator’.|
Link to more information, including up-to-date information: http://aka.ms/new_grouping_experience^ Scroll to Top
The latest build of the Windows 10 developer evaluation VMs are available for download, and contain the following.
These VMs run until 31/10/2016 and are available for VMWare, Hyper-V, VirtualBox and Parallels, and are approximately 20GB in size.^ Scroll to Top
Cloud and Datacenter Management Topics covered include Private, Hybrid and Public Cloud and the future of applications, integrating Cloud into your IT strategy/the challenges of the journey to the cloud, managing scalable applications to managing customer relationships through social platforms; Linux and Windows OS migration to public Cloud.
Data Analytics and Integration The world is moving faster than ever before, with more devices, more connections, more networks and new data. More than ever, to stay competitive, your business needs to move fast to process the large volumes of dynamically changing data. Learn how to be at the market frontier with enterprise analytics and unlock the power of your data in the cloud.
Identity Enterprise identity management has been primarily focused on access to employees and contractors. But as the industry has been perfecting how to serve employees, consumer identity has presented itself as a growth opportunity for businesses and identity professionals alike. Topics covered: Identity Management, Device Management and Identity as a Service.
I think it might be accurate to say that Windows 10 Enterprise has received more attention in the last month than it has received over the entire lifecycle so far for Windows 10, first of all with the E3 and E5 subscription options (which don’t replace the VL editions, just in case anyone is still confused), and with the removal of some group policy options from the Windows 10 Pro SKUs. If you don’t have an MSDN subscription to download the ISOs for testing, you can grab the now on the TechNet Evaluation Center.
Here are the details…
Windows 10 Enterprise is designed to address the needs of large and midsize organizations by providing IT professionals with:
Windows 10, Version 1607 (also referred to as the Windows 10 Anniversary Update) offers new security features for both enterprises and end users, simplified deployment options for smaller organizations, and improvements to Cortana and Microsoft Edge.
Looking for information on specific features? See what’s new in Windows 10.
English (United States), English (Great Britain), Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Spanish, Portuguese (Brazil)
Windows 10 Enterprise, Version 1607 | 64-bit ISO
Windows 10 Enterprise, Version 1607 | 32-bit ISO
Windows 10 Enterprise LTSB, Version 1507 | 64-bit ISO
Windows 10 Enterprise LTSB, Version 1507 | 32-bit ISO
Note: Carefully read the information below before you continue with the download.
Things to Know
This is evaluation software that is designed for IT professionals interested in trying Windows 10 Enterprise on behalf of their organization. We do not recommend that you install this evaluation if you are not an IT professional or are not professionally managing corporate networks or devices.
Windows 10 Enterprise should work with the same devices and programs that work with Windows 8.1. In some cases, a device or program might not work or may require an update, or you might need to uninstall some programs and then reinstall them after installing the evaluation.
Downloading Windows 10 Enterprise could take a few hours. The exact time will depend on your provider, bandwidth, and traffic (ISP fees may apply).
To install a 64-bit OS on a 64-bit PC, your processor needs to support CMPXCHG16b, PrefetchW, and LAHF/SAHF.
BitLocker requires either Trusted Platform Module (TPM) 1.2, TPM 2.0 or a USB flash drive. Client Hyper-V requires a 64-bit system with second level address translation (SLAT) capabilities and additional 2 GB of RAM. Windows Hello requires specialized illuminated infrared camera for facial recognition or iris detection or a finger print reader which supports the Window Biometric Framework. Two factor authentication requires the use of a PIN, Biometric (finger print reader or illuminated infrared camera), or a phone with Wi-Fi or Bluetooth capabilities. Windows To Go requires advanced hardware. To learn more about USB drives certified for Windows To Go, please visit www.microsoft.com/WindowsToGo.
For the latest information on deprecated features and additional requirements to use certain features, please see Windows 10 Specifications. For technical questions, please visit the Windows 10 TechNet forums.
For those of you with the appropriate MSDN subscriptions you can now grab the 1607 builds for Home, Pro, Enterprise and Education from subscriber downloads. Take a look at the image below to get an idea of what’s available.
^ Scroll to Top
The updated ADK for 1607 is available here. I always recommend to download it locally for installation just in case you need to install it on multiple PCs, especially if you have a slow internet connection.
For those of you just getting started with Windows 10, here are some of the changes that the ADK introduced since Windows 8.1 was released.
The Windows ADK now includes Windows Imaging and Configuration Designer, the Windows Assessment Toolkit, the Windows Performance Toolkit, and several new and improved deployment tools that can help you automate a large-scale deployment of Windows 10.
See Getting started with Windows ICD for more information.
Users can now refresh or restore their PCs to the updated version of the system files, instead of having to reinstall each update individually.
Want to add more languages for users when they turn on their device? Instead of adding full language packs, save space by adding just the base user interface files for a language. Later, if your user needs handwriting or voice recognition capabilities, Windows can download them as needed.
For more information, see Language Packs (lp.cab).
This new Windows package type lets you request services like Microsoft .NET or languages without specifying the version. Use the DISM tool to search multiple sources like Windows Update or your corporate servers to find and install the latest version.
You can now run Windows directly from compressed files. This is similar to WIMBoot, introduced in Windows 8.1 Update 1. This new process uses individual files instead of a static WIM file. When updating system files, Windows now replaces the old files instead of keeping both copies.
Developers can package and share their trace in a zip file along with their trace session, annotations, and (optionally) loaded symbols with Windows Performance Analyzer.
See What’s New in the Windows Performance Toolkit for more information.
Windows Performance Recorder now supports querying providers. ProcessExeFilter is an optional attribute, allows providers to filter specific processes by their corresponding executable name.
See What’s New in the Windows Performance Toolkit for more information.
ailable for Windows 10 build 1607, perhaps the most important one for SBC/OEM is the new ADK…^ Scroll to Top
As we are now on the final days before the Anniversary Update rolls out to non-Windows Insiders, it’s worth visiting, or even revisiting, some of the resources that cover what’s new and what’s changed. I’m going to start with one of the topics that has received a bit of attention, which are the changes to Group Policy and MDM settings for Pro versus Enterprise/Education, which started appearing with 1511, but are continuing to change.
Telemetry levels (the applicability to Enterprise and Education is mentioned about half way through the post, this link should take you straight there.
Changes to Group Policy settings for Windows 10 Start – again, there is a note in here about settings that do not apply to Pro
With the future introduction of the Windows 10 E3 and E5 SKUs in the CSP program, there is going to be a more flexibility for smaller customers to get an Enterprise subscription, versus only being able to currently get it via some type of volume licensing agreement. We will need to see how this pans out, but from a technology perspective the demonstrations of this technology at Microsoft’s recent Worldwide Partner Conference was something that caught my attention.^ Scroll to Top
This week at WPC Microsoft have been discussing some of the most recent changes to EMS, which has now been rebranded from Enterprise Mobility Suite to Enterprise Mobility + Security to take into account some of the recent additions that focus heavily on security. Over the coming weeks I’ll have time to dig into these in more detail, but for now here are the related blog posts for the announcements.
Learn about the rebranding and the EMS E3 and EMS E5 SKU options.
This initial preview comprises two components:
With the latest Intune service update, there is a further expansion of the conditional access capabilities, which allows you to manage access to corporate email, files and other resources based on customisable conditions that ensure security and compliance, including location, risk, user, device, and app compliance. As conditions shift, access policies which are defined by IT are triggered to ensure that your corporate data is protected. And all this is done without on-premises gateways or appliances.
^ Scroll to Top