3 Aug.
0

Updated Windows 10 Deployment and Management Lab Kit available

One of my favourite download recommendations for those looking into Windows 10 deployment and management scenarios is the Windows 10 Deployment and Management Lab Kit. This set of downloadable virtual machines comes in at just under 32GB, and this update includes some major updates to the included components and scenarios for testing.

The Windows 10 Deployment and Management Lab Kit provides you with a hands-on lab environment for evaluating the latest Microsoft products and tools available for managing your Windows 10 deployment. The kit includes:

Lab environment

The lab includes the latest evaluation versions of:

  • Windows 10 Enterprise, Version 1703 (Creators Update)
  • System Center Configuration Manager, version 1702
  • Windows Assessment and Deployment Kit for Windows 10, version 1703
  • Microsoft Deployment Toolkit (8443)
  • Microsoft Application Virtualization 5.1
  • Microsoft BitLocker Administration and Monitoring 2.5 SP1
  • Windows Server 2016
  • Microsoft SQL Server 2014

Step-by-step lab guides

Illustrated lab guides take you through multiple deployment and management scenarios:

Deployment and Management

  • In-Place Upgrade
  • Image Creation
  • Lite-Touch Deployment
  • Zero-Touch Deployment
  • BIOS to UEFI Conversion
  • Enterprise State Roaming
  • Enterprise Client Management
  • User Experience Virtualization
  • Managing Windows 10 with Configuration Manager
  • Windows 10 Provisioning
  • Microsoft Store for Business
  • Device Onboarding

Compatibility

  • Windows App Certification Kit
  • Windows Analytics – Upgrade Readiness
  • Browser Compatibility
  • Application Virtualization
  • Desktop Bridges

Security

  • Microsoft BitLocker Administration and Monitoring
  • Secure Host
  • Credential Guard
  • Device Guard: User Mode Code Integrity
  • Windows Information Protection
  • Windows Defender Advanced Threat Protection
  • Remote Access (VPN)

Languages

English (United States)

File

The lab kit consists of two self-extracting zip files: the lab environment and the lab guides.

Carefully read the information below before you continue with the download.

Windows 10 Deployment and Management Lab Kit system requirements

The lab supports the 64-bit editions of Windows 10 and Windows Server 2016. It must be imported to set up a lab once Hyper-V is installed.

The Hyper-V Host on which the Windows 10 PoC Lab needs to be imported must meet the following minimum specifications:

  • Hyper-V role installed
  • Administrative rights on the device
  • 300 gigabytes of free disk space
  • High-throughput disk subsystem
  • 32 gigabytes of available memory
  • High-end processor for faster processing
  • An External virtual switch in Hyper-V connecting to the external adapter of the host machine for internet connectivity named External 2
  • A Private virtual switch in Hyper-V for private connectivity between the virtual machines named HYD-Corpnet

The required hardware will vary based on the scale of the provisioned lab and the physical resources assigned to each virtual machine.

Lab expires September 14, 2017. A new version will be published prior to expiration.

Things to Know

This lab kit contains evaluation software that is designed for IT professionals interested in evaluating Windows 10 deployment and management products and tools on behalf of their organization. We do not recommend that you install this evaluation if you are not an IT professional or are not professionally managing corporate networks or devices. Additionally, the lab environment is intended for evaluation purposes only. It is a standalone virtual environment and should not be used or connected to your production environment.

^ Scroll to Top
 20 Jul.
0

Inspire 2017 Windows 10 And Devices Session Recordings

Following up from the last post on Inspire’s EMS session recordings, this post includes the links to the recorded sessions for Windows 10 as well as some of the devices sessions.

ODR07p-R Reduce customer TCO and stay profitable with Windows

With pressure to reduce costs, customers are increasingly looking to optimize and reduce spend in hardware and line items around deployment, management, and support. Join us to hear how Windows 10 enables customers to cut costs without putting your profitability at risk.

Watch Video

ODR04p-R How to accelerate your device sales with intelligent investments

Come hear partner success stories for maximizing investments, and learn how to utilize key levers to help grow your business, such as the new ProWins incentives, Device Deployment, Device Days, benefits of shifting to Electronic Software Distribution (ESD), digital marketing resources, and more!

Watch Video

WIND03 Building better business opportunities with Microsoft Devices Partner Programs

In working with partners to land the premium position and value of Microsoft devices, we have captured the key learnings that are working in market to build into new and existing devices partner programs and resources to enable partners to capitalize on customer opportunities in the year ahead.

Watch Video

WIN04p Windows 10 S for commercial customers: Start focused and expand in the future

We just announced Windows 10 S and even though its initial focus is for the education sector there are scenarios in commercial customers where it provides great value, and these scenarios will only increase in the future.

Watch Video

WIN08 Detect and respond to advanced and targeted attacks with Windows Defender ATP

Windows Defender Advanced Threat Protection (WD ATP) enables enterprises to detect, investigate and respond to attacks on their networks. Organizations can address post-breach situations to determine the scope of breach and bring the organization back to a pre-breach state using threat intelligence.

Watch Video

WIN09 Windows in CSP: What’s new, what’s coming, and why you should include Windows in your managed service offerings

An overview of the current and upcoming Windows in CSP offerings plus best practices for delivering Windows as a partner managed service.

Watch Video

WIN11p Selling the value of Windows Enterprise 10 to commercial customers

Windows 10 Enterprise will continue to be an important part of how we go to market with Secure Productive Enterprise. There are several new and updated tools available to partners to support the sales of Windows 10 and Secure Productive Enterprise. These are presented during the session.

Watch Video

WIN13 Accelerate Windows Pro devices sales

In this session, hear the latest program information, along with changes to the ProWins Program starting in FY18.

Watch Video

WIN14p What’s new in Windows 10 security: Raising the bar of security once again with the Creators Update

Disrupting the current generation of cyber-threats requires a platform with revolutionary security capabilities and the Windows 10 Creators Update rises to the occasion. We also cover how Windows 10 security capabilities join those in Office 365, our Server & Tools products, and Microsoft Azure.

Watch Video

WIN08 Detect and respond to advanced and targeted attacks with Windows Defender ATP

Windows Defender Advanced Threat Protection (WD ATP) enables enterprises to detect, investigate and respond to attacks on their networks. Organizations can address post-breach situations to determine the scope of breach and bring the organization back to a pre-breach state using threat intelligence.

Watch Video

WIN09 Windows in CSP: What’s new, what’s coming, and why you should include Windows in your managed service offerings

An overview of the current and upcoming Windows in CSP offerings plus best practices for delivering Windows as a partner managed service.

Watch Video

WIN15 Reinventing services around the modern desktop with Windows Analytics

GSI and partners are looking for potential opportunities to collaborate with Microsoft and Windows 10 as part of the big deployment process happening worldwide. Learn about the AppCompat readiness process to create transformational consulting services and business applications for Windows 10.

Watch video

^ Scroll to Top
 19 Jul.
0

Inspire 2017 Enterprise Mobility + Security Session Recordings

Following up from the last post on Inspire’s Microsoft 365 session recordings, this post includes the links to the recorded sessions for Enterprise Mobility + Security as well as some of the standalone components.  I had a chance to see a couple of these in person, including the sessions by @vladpetrosyan and @markmorow and had a chance to catch up with some of the other presenters in the expo hall between sessions.

CE400 How to take your security practice to the next level: Partner programs and resources

Join our Mobility + Security team to hear best practices adopted for using the Microsoft Secure message to get buy-in from senior decision makers, options for landing the value propositions for EMS, accelerate security sales and generating revenue during each stage of this process.

Watch Video

CE411p Identity-driven security through conditional access

Conditional access provides the control and protection needed to keep corporate data secure, while giving teams an experience that allows them to do their best work from any device. Allow or block access or challenge users with multi-factor authentication, device enrollment, or password change.

Watch Video

CE412p Secure your complete data lifecycle using Azure Information Protection

Data is traveling to more locations than ever. It’s hard to identify sensitive data and protect it against accidental or malicious breaches. Learn how classifying, labeling and protecting data using Azure Information Protection can help you secure data throughout its complete lifecycle.

Watch Video

CE413p Protect your network from malicious attacks with Microsoft Advanced Threat Analytics

Inside-out security is necessary with our current mobile and connected workforce, and having eyes and ears on your network will help your customers be prepared. Microsoft Advanced Threat Analytics uses behavioural analytics, machine learning, and deterministic detections to detect advanced threats.

Watch Video

CE414 Identity-driven security

As organizations adopt cloud and mobile technology, identity is more critical to cybersecurity than ever before. In this session, we look at how Microsoft identity-based security solutions work together for a holistic approach to protection.

Watch Video

CE415 Managed mobile productivity

Protecting corporate data is one of IT’s biggest challenges. Enterprise Mobility + Security (EMS) helps to overcome your data protection challenge, access resources on any device, anywhere and simplify management of your enterprise mobility management needs.

Watch Video

^ Scroll to Top
 19 Jul.
0

Inspire 2017 Microsoft 365 Session Recordings Available Now

Last week at Inspire 2017 Microsoft announced the Microsoft 365 suite offerings. For those of you who weren’t at the event, or were at the event but missed some of the sessions, many of the session recordings are available for watching now.

WIN01 Grow your business with Modern IT

As businesses seek to transform their products, tools, and operations, they need a world class platform built for the digital economy. Windows 10, Office 365, and Microsoft Enterprise Mobility + Security enable IT to deliver cloud-powered modern IT, advanced security, and more productive experiences

Watch Video

WIN05p New, integrated Office 365 and Windows solution for small and midsize businesses delivers more value, and streamlines CSP managed service offerings

Microsoft innovation delivers new value for your small and midsize business customers and fresh opportunities to expand your CSP practice. Learn about the new, comprehensive offering that enables you to help organizations be more productive and less vulnerable to security threats.

Watch Video

WIN16 New, integrated Office 365 and Windows solution for small and midsize businesses delivers more value, and streamlines CSP managed service offerings

Microsoft innovation delivers new value for your small and midsize business customers and fresh opportunities to expand your CSP practice. Learn about the new, comprehensive offering that enables you to help organizations be more productive and less vulnerable to security threats.

Watch Video

OFC01 Extend your portfolio and profit potential with Microsoft 365 Business: a new, integrated solution for small and midsize businesses

Get ready to deliver Microsoft 365 Business for your small and midsize business customers. This offering harnesses the leading capabilities of flagship products in a single solution that enables customers to be more productive while protecting their data on virtually any device.

Watch Video

OFC02 Microsoft 365 Enterprise: a single, trusted solution to grow your managed services practice

Enterprise Mobility + Security—you can deliver one solution that empowers staff productivity while enabling organizations to meet security and compliance mandates. Understand the value and opportunities for your valued-added services.

Watch Video

OFC03 Microsoft 365 Business for small and midsize businesses delivers more value, streamlines CSP managed service offerings

Microsoft innovation delivers new value for your small and midsize business customers and fresh opportunities to expand your CSP practice. Learn about the new, comprehensive offering that enables you to help organizations be more productive and less vulnerable to security threats.

Watch Video

OFC06 Microsoft Workplace Analytics: Deepen engagement, improve productivity, win deals

Office 365 Workplace Analytics transforms digital exhaust into actionable insights that enable managers to maximize their organizations’ time and resources. Discover how Workplace Analytics enhances businesses and helps partners win deals by enhancing their existing solution sets.

Watch Video

^ Scroll to Top
 17 Jul.
2

New Office 365 Desktop Application Deployment Capabilities In Microsoft Intune

Over the last couple of months we’ve seen different ways of deploying Microsoft Office 365 Pro Plus to Windows 10 PCs, first up we saw the option inside of Intune for Education, and then last week at Inspire we saw how this works from the Office 365 portal in Microsoft 365 Business. For those who aren’t using either of those options, but still want an incredibly easy way to deploy Office 365 Pro Plus and Office 365 Business.

First of all, in the Azure Portal, open the Intune blade and click on Mobile apps.

Once in Mobile apps, you can see more options for app management, and we start by clicking on the Apps link.

I’ve already synchronised this account with Windows Store for Business, so you can see some of the default apps that it adds to the app list. From here we click Add.

 

From the drop down we choose Office 365 Pro Plus Suite (Windows 10), which as you will see also works for those of you with Office 365 Business or Office 365 Business Plans.

Starting with Configure App Suite, it’s not very likely that you will need to select all of the options, but in this case I’ve just done it to make sure I get all of the application icons exposed.

Next up is App Suite Information, all we really need to do here is populate the Suite Name and Suite Description fields, the others are either pre-populated or not required.

App Suite Settings gives the chance to select 32 or 64 bit, Update Channel, EULA and shared computer activation, along with additional languages.

Once configured we Add the app.

The blue notification bar advises that we need to Assign application to at least one user group, ‘Click Assignments’.

I’ve already got a group set up for deployment, so I can Select that group.

Next I will make the app Required to kick start the installation process on the client.

 

Switching over the Intune MDM enrolled Windows 10 client, you can see that the Click-To-Run installer pieces are running, as displayed in Task Manager.

As this is going to be over 1GB in size, it might take a while to download, depending on your connection speed.

Once the installation is complete you we can see the Office Pro Plus applications on the Start menu.

Here’s where the Pro Plus versus Business conversation starts. As you can see, the expected version of Office is installed. However, it hasn’t automatically activated because this user doesn’t have  Pro Plus/E3/E5 license assigned, they only have Office 365 Business.

If I close Word and then reopen it, you can see that the edition has changed from Pro Plus to Business, no additional configuration required.

And finally, once Office has been reconfigured itself as office 365 Business, everything is ready to go.

^ Scroll to Top
 10 Jul.
0

Microsoft 365 Suites Announced Today

Today at Inspire 2017, the Microsoft 365 Business suites were announced, with Microsoft 365 Business offering a combination of Windows 10 Pro management enhancements, a subset of Enterprise Mobility + Security (EMS) and Office 365 Business Premium subscriptions. Also introduced was Microsoft 365 Enterprise offerings, which are also known the Secure Productive Enterprise (SPE). These include the E3 and E5 versions of Office 365, EMS and Windows 10 Enterprise, think of this is a version for smaller, more price sensitive customers delivered via an integrated Admin Console. For this post I’ll focus on Microsoft 365 Business as it is the new kid on the block.

As the announcements above  are still fresh and it will take a while to address all of the details, I’ll be watching this carefully at Inspire this week and paying attention to the questions that are asked of the presenters, and catching up with some of the members of the Windows 10 team to get further details of what they have done. With what we know already the easiest, and best known component is Office 365 Business Premium. This is available today, and like the other Office 365 Business plans allows a maximum of 300 licenses to be assigned to users. It’s usually priced somewhere around half the price off Office 365 Enterprise E3, so it’s a great option for those who don’t need some of the more advanced options of the E3 SKU.

What are some of the major differences? Instead of focusing on all of the differences between Office 365 Business Premium and E3 SKUs, instead let’s focus on the differences that are important from the BCS versus SPE conversation. One of the big ones here is that the version of the desktop Office suite included in Business doesn’t provide all of the functionality that is included in Office 365 Pro Plus, which is part of the Office 365 E3 offering. Why is this important? With SPE E5, you get the traditional rights management capabilities of Office 365, alongside the advanced labelling and data classification capabilities of Azure Information Protection. Office 365 Pro Plus includes the RMS capabilities natively, whereas the version included with Office 365 Business and Business Premium doesn’t include those capabilities. This has been an issue I’ve had to raised in the past with some customers looking to leverage the full functionality of Office 365 Business Premium alongside an EMS subscription.

The enhanced Windows 10 Pro management experience will be delivered by a subset of Intune capabilities, and we’ve already seen how Intune functionality can be exposed and simplified in different ways like they have done with Intune for Education. This customised management experience provides simplified management, including a simplified approach to deploying the Office 365 desktop apps. Based on some of the features that have been discussed, it seems that like Intune for Education it also includes at least some of the capabilities of Azure Active Directory Premium P1, so for now I’ll assume the feature set is similar until I get clarification. Some of the Intune for Education AAD capabilities include MDM auto-enrol, password write-back, dynamic group membership, Enterprise State Roaming and more than ten SaaS apps per user, so I’m hoping the list is similar for Microsoft 365 Business. So while some elements of this I’m still unsure of, I think we have a good starting point.

Obviously there are plenty of missing details from this post, but I’ll tackle them as I get more answers over the week while in Washington D.C. at Inspire.

Update

Below are some of the resources that have just gone live, I’ll be adjusting this post as I review all of the available material.:

Partner resources

Understand the value of Microsoft 365 Business to your customers and your practice.

Sales readiness

Get your team ready to sell Microsoft 365 Business.

Technical readiness

Ensure your IT and adoption experts have what they need to deploy Microsoft 365 Business and onboard customers.

^ Scroll to Top
 1 Jul.
0

Windows Autopilot Resources

Last week saw public announcements for the Windows Autopilot technologies, as well as some of the additional capabilities coming up in the Windows 10 Fall Creators Update which will be released later this year. Windows Autopilot allows OEMs, distributors and resellers to link a device to an organisation, which means that even before the user signs in for the first time the device can start receiving customisations based on group membership.

At it’s core, Windows Autopilot allows a brand new PC to be issued to users who can then use their internet connection to sign in with their Azure Active Directory credentials, which can easily be synchronised with their on-premises Active Directory with Azure Active Directory Connect. The device is automatically enrolled in the company’s MDM solution e.g. Microsoft Intune, and then the device will start receiving applications and policies based on the user and device group memberships.

 

For more information check out the following posts and articles

Modernizing Windows deployment with Windows AutoPilot

Overview of Windows AutoPilot

Delivering the Modern IT promise with Windows 10

^ Scroll to Top
 5 May.
0

Intune for Education Resources

I’m in the final stages of content preparation for the upcoming Microsoft Australia Education Partner national roadshow, and one of the key technologies I’ll be covering is Intune for Education. I covered this briefly back when it was first announced, but now it’s live and it’s time to highlight some of the resources that are available now.

Overview

Get Started Guide

What is Intune for Education?

What is Express Configuration?

After the events kick off I’ll record a few of the demonstrations and post them so that you can see what we are showing around the country.

^ Scroll to Top
 22 Apr.
0

Communication from the Microsoft Intune Team – Welcome to the new Intune on Azure Experience

One of the Intune tenants I managed received the following via email today, a huge step to encourage people to start using the new Intune on Azure experience. Of course the first thing I checked was whether the blades still said “Preview”, because I didn’t read the full text of the message, so I had to go back and check it again, where it explains “We will remove the “Preview” tag once we meet our engineering bar for the new Intune experience” – yes, it does pay to read the full text instead of just skimming over it… but on a positive note… good night Silverlight, don’t let the bed bugs bite.

 

 

Having trouble viewing this email? View as a webpage.
Microsoft Intune
Welcome to the new Intune on Azure admin experience! Now that your groups and users are migrated to Azure AD grouping and targeting, you can use the new Intune admin experience at portal.azure.com. Login with your Intune admin credentials on any
supported modern browser for the Azure console, add Intune as a favorite in the Azure service menu, and enjoy streamlined management of core Enterprise Mobility + Security (EMS) workflows across Azure AD and Intune.

Getting Started

The new portal is a big, but welcome change for many of you accustomed to the classic Intune Silverlight-based experience. Watch a new Microsoft Mechanics video that highlights the new Intune on Azure admin experience. Below, you’ll find links to new documentation to help you get acquainted with the new look and feel.

Updates to Microsoft Intune on Microsoft Azure
Where did my Intune feature go in Azure? The service is rebuilt from the ground up and integrated with Azure AD. The doc here has many useful tips on where to find your favorite feature.
What is the Azure portal preview? Read more here.
Download the Intune on Azure infographic posted here and share with your team.
What’s New?

While migrations are underway for all Intune customers, you’re welcome to use both the Intune on Azure and the classic Intune experience. New features/functionality will be added to the Intune on Azure experience. We will remove the “Preview” tag once we meet our engineering bar for the new Intune experience, but rest assured the new console is already fully supported by our support team. You can always find information on new features at our
What’s New in Intune on Azure page. If you don’t see a feature you want, let us know (or vote up) the item in the Intune User Voice.

And our Favorite…

Finally, we’re very excited for the addition of Microsoft Graph API and have been building out documentation and references for your use. Graph API provides a unified endpoint (REST API) across EMS, Office 365 and Azure. With Graph API, you will be able to automate common tasks from a command line and make it easier to integrate Intune with your existing systems and workflows. Graph API functionality will give you more flexibility than ever before to manage and secure your enterprise. Please read more about Graph API and Intune
here.

Thank you for being an Intune customer, and we hope that you will enjoy the new Intune on Azure experience!

The Intune team

Microsoft
Microsoft Corporation | One Microsoft Way Redmond, WA 98052-6399

This message was sent from an unmonitored email address. Please do not reply to this message.

Legal | Privacy

^ Scroll to Top
 20 Apr.
0

Intune April 2017 Updates

Earlier today I posted about the new features for Intune in the Azure Portal, and below are the general updates for the month. There are updates across MyApps, Managed Browser, Company Portal and Windows 10 Bulk Enrollment amongst others.

 

New capabilities

MyApps available for Managed Browser

Microsoft MyApps now have better support within the Managed Browser. Managed Browser users who are not targeted for management will be brought directly to the MyApps service, where they can access their admin-provisioned SaaS apps. Users who are targeted for Intune management will continue to be able to access MyApps from the built-in Managed Browser bookmark.+

New icons for the Managed Browser and the Company Portal

The Managed Browser is receiving updated icons for both the Android and iOS versions of the app. The new icon will contain the updated Intune badge to make it more consistent with other apps in Enterprise Mobility + Security (EM+S). You can see the new icon for the Managed Browser on the what’s new in Intune app UI page.+

The Company Portal is also receiving updated icons for the Android, iOS, and Windows versions of the app to improve consistency with other apps in EM+S. These icons will be gradually released across platforms from April to late May.+

Sign-in progress indicator in Android Company Portal

An update to the Android Company Portal app shows a sign-in progress indicator when the user launches or resumes the app. The indicator progresses through new statuses, beginning with “Connecting…”, then “Signing in…”, then “Checking for security requirements…” before allowing the user to access the app. You can see the new screens for the Company Portal app for Android on the what’s new in Intune app UI page.+

Block apps from accessing SharePoint Online

You can now create an app-based conditional access policy to block apps, which don’t have app protection policies applied to them, from accessing SharePoint Online. In the apps-based conditional access scenario, you can specify the apps that you want to have access to SharePoint Online using the Azure portal.+

Bulk Enroll Windows 10 devices

You can now join large numbers of devices that run the Windows 10 Creators update to Azure Active Directory and Intune with Windows Configuration Designer (WCD). To enable bulk MDM enrollment for your Azure AD tenant, create a provisioning package that joins devices to your Azure AD tenant using Windows Configuration Designer, and apply the package to corporate-owned devices you’d like to bulk enroll and manage. Once the package is applied to your devices, they will Azure AD join, enroll in Intune, and be ready for your Azure AD users to log on. Azure AD users are standard users on these devices and receive assigned policies and required apps. Self-service and Company Portal scenarios are not supported at this time.

^ Scroll to Top

%d bloggers like this: