It’s been in preview for roughly a year, but Azure Active Directory Domain Services is now generally available. It definitely opens up some interesting integration between Azure IaaS and Azure AD, and is one of the considerations to take into account when planning out your Azure subscriptions and AAD namespace planning. It still currently is only exposed directly to classic virtual networks in Azure, but you can easily connect it to an ARM virtual network.
If you need more information on the virtual network requirements, take a look at Networking considerations for Azure AD Domain Services which covers Network Security Groups, subnets and port requirements, as well as having links to several other critical articles.
Now generally available, Azure Active Directory Domain Services general availability pricing will begin on December 1, 2016. The original pricing model, proposed during public preview, included three prices based on number of directory objects: 0–5,000, 5,000–25,000, and 25,000–100,000. Now we are combining the first two tiers into a single price point for all directories with under 25,000 objects and lowering the price by 25 percent. If your directory size is under 25,000 objects, you will continue to see usage listed against “S2 Domain Services Hours” on your invoice until December 1, 2016. After that, it will be renamed “S1 Domain Services Hours.” If your directory size is between 25,000 and 100,000 objects, you will see usage listed against “S3 Domain Services Hours” on your invoice until December 1, 2016, after which it will be renamed “S2 Domain Services Hours.” For more information, please visit the Azure Active Directory Domain Services Pricing webpage. To learn more about Azure Active Directory Domain Services, please visit the Azure Active Directory Domain Services webpage. Azure Active Directory Domain Services can provide scalable, high-performance, managed services such as domain-join, LDAP, Kerberos, Windows Integrated Authentication, and Group Policy support.^ Scroll to Top
Over the coming months I’ll be running several 4 day EMS training courses around the country for Microsoft. These have been updated to include information on Azure Active Directory Connect Health, EMS E3 and EMS E5 and more. There are still some seats available, so register now if you are interested.
Details below from https://blogs.msdn.microsoft.com/auspartners/2016/10/02/register-now-microsoft-enterprise-mobility-suite-technical-partner-training/
In this 4 day deep technical Boot camp consist of instructor-led technical content and hands-on labs covering Hybrid Identity and Access Management (Azure Active Directory Premium), Microsoft Device and Application Management (Intune), Information Protection (Azure Rights Management Service), identifying security threats to the datacentre (Advance Threat Analytics), and data protection in the cloud (Cloud App Security).
Cost: The registration fee for attending this training is $499 per person.
You are responsible for arranging your own travel and accommodations, including all travel-related costs.
Who Should Attend: Solution architects, pre-sales technical, and deployment roles who have existing competencies in devices and deployment, access and identity, management and virtualization, Office 365 and Azure related competencies.
Where & When:
Do you have a question? We would love to answer it please email firstname.lastname@example.org^ Scroll to Top
One of my favourite Windows 10 downloads has been refreshed again. I’ve been advised that there is ongoing work to further update some of the included components, so I’ve got my fingers crossed that another update will be available soon. These labs expire on November 23, 2016, and new ones should be available prior to that date, I’d love to speculate as to what will be included next time round, but it would just be that, speculation…
The Windows 10 Deployment and Management Lab Kit provides you with a hands-on lab environment for evaluating the latest Microsoft products and tools available for managing your Windows 10 deployment. The kit includes:
The lab includes the latest evaluation versions of:
Step-by-step lab guides
Illustrated lab guides take you through multiple deployment and management scenarios:
Windows 10 Deployment and Management Lab Kit system requirements
The lab supports the 64-bit editions of Windows 10 RTM and Windows Server 2012 R2. It must be imported to set up a lab once Hyper-V is installed.
The Hyper-V Host on which the Windows 10 PoC Lab needs to be imported must meet the following minimum specifications:
The required hardware will vary based on the scale of the provisioned lab and the physical resources assigned to each virtual machine.
Lab expires November 23, 2016. A new version will be published prior to expiration.
Things to Know
This lab kit contains evaluation software that is designed for IT professionals interested in evaluating Windows 10 deployment and management products and tools on behalf of their organization. We do not recommend that you install this evaluation if you are not an IT professional or are not professionally managing corporate networks or devices. Additionally, the lab environment is intended for evaluation purposes only. It is a standalone virtual environment and should not be used or connected to your production environment.^ Scroll to Top
In a recent post I mentioned the Innovation Days event that is happening in Sydney on September 17. If you haven’t registered yet, head on over to the registration site and reserve your place. Check out the session agenda here, and make sure you come along to my session at 4:10pm to hear more about the latest updates to Windows 10 and the Enterprise Mobility + Security suite.^ Scroll to Top
Please join us at the Windows Server 2016 Launch Breakfast Event.
As organisations move to the cloud at their own pace, Windows Server 2016 supports them through their transition. Whether running traditional workloads or the latest cloud-native apps and technology, users get added availability and new layers of security from the same OS that powers Azure. With the 2016 wave of hybrid datacentre solutions, new and enhanced features will help you make the most of your existing resources while delivering you the latest innovation. From enhanced security features, software-defined datacentre to the application platform, Windows Server 2016 offers new investments in cloud technology that will benefit your organisation today.
In addition, come learn how you can manage your on premise and cloud environments via a single pane of glass with Microsoft’s new System Center 2016 and Operations Management Suite
Mark O’Shea, Microsoft MVP will guide you through the hybrid discussion and how you can transform your datacentre today. Mark has been working with server technologies at Microsoft for over 20 years. His current focus is driving hybrid solutions with Windows Server and Azure. We look forward to you joining Mark and the Microsoft local team at this local event to discuss how next generation hybrid solutions can help your business.
It’s a session not to miss! Presentations and discussions will be illustrated through live demos, so make sure not to miss this opportunity!
Breakfast will be served on arrival. Please advise us in advance of any dietary requirements you may have. We look forward to seeing you there! Please RSVP early and forward to your colleagues:
Select your location:
Melbourne – 11th October Time: 7:45 AM – 11:00 AM Address: Vibe Savoy, 630 Little Collins St, Melbourne VIC
Perth – 18th October Time: 7:45 AM – 11:00 AM Address: Four Points, 707 Wellington St, Perth WA
Adelaide – 19th October Time: 7:45 AM – 11.00 AM Address: Sage Hotel, 208 South Terrace, Adelaide SA
Brisbane – 20th October Time: 7:45 AM – 11:00 AM Address: Hotel Urban, 345 Wickham Terrace, Spring Hill QLD^ Scroll to Top
Based on your feedback to have one grouping and targeting experience across Enterprise Mobility + Security, Microsoft is converting Intune Groups to Azure Active Directory (Azure AD)-based Security Groups. This new unified group management experience will keep you from having to duplicate groups between services, introduces dynamic grouping for Intune device properties, and provides extensibility using PowerShell and Microsoft Graph.
How does this affect you? A preliminary timeline and a high-level list of what to expect follows. While Microsoft knows many of you are looking forward to this new experience, the timelines shared below may shift. See the documentation page linked below for up-to-date information. Existing Intune customers will see no changes until they start group migrations in November.
|•||In September, some newly provisioned Intune service accounts will start seeing user-based group management and later device-based group management workflows from Azure AD integrated into their Intune console.|
|•||In November, they plan to start migrating existing customers to the new Azure AD based integrated grouping experience. They won’t start group migrations until they can minimize any impact to your day-to-day work and expect no end-user impact. They will also provide notice prior to your tenant’s migration. Once migrated, you’ll still be managing groups, just in Azure AD instead of Intune.|
|•||Documentation and updated migration timelines will be kept current on the grouping docs page. If you have questions or concerns please contact the migration team at email@example.com or support.|
New service functionality being introduced includes:
|•||Azure AD security groups will be supported in Intune for all types of deployments. Prior to this change, you may have used Intune groups for some and Azure AD groups for other types of deployments.|
|•||Azure AD security groups will support grouping of devices along with users, such as ‘all of IT’s test users and devices’ or ‘all of marketing iOS devices’.|
|•||Azure AD Security Groups will support dynamic groups with Intune device attributes, such as ‘put all iOS 8.0 devices into a group’ to get a specific policy.|
|•||‘Intune Service Administrator role’ added in Azure AD to allow Intune service admins to perform group management tasks in Azure AD.|
In addition to changes in group management, the following functionality will be deprecated:
|•||Excluding members or groups while creating a new group in Intune. Note that Azure AD dynamic groups will allow you to use attributes to create advanced rules to exclude members.|
|•||‘Ungrouped Users’ and ‘Ungrouped Devices’ groups|
|•||Service administrators’ ability to manage group access through Intune|
|•||Grouping of EAS devices. ‘All EAS Managed Devices’ group will be converted from a group to a report view.|
|•||Pivoting with groups in reports|
|•||Custom group targeting of notification rules|
What do you need to do to prepare for this change?
|•||Clean up any unwanted groups in your Intune environment.|
|•||By November or by the time you are migrated, discontinue use of the functionality being deprecated.|
|•||Familiarize yourself with how group management works in Azure AD by reviewing the more information link below.|
|•||If you have Intune admins who do not have permissions to create groups in Azure AD, request that your Azure AD administrator add them to a new Azure AD role called ‘Intune Service Administrator’.|
Link to more information, including up-to-date information: http://aka.ms/new_grouping_experience^ Scroll to Top
The latest build of the Windows 10 developer evaluation VMs are available for download, and contain the following.
These VMs run until 31/10/2016 and are available for VMWare, Hyper-V, VirtualBox and Parallels, and are approximately 20GB in size.^ Scroll to Top
Cloud and Datacenter Management Topics covered include Private, Hybrid and Public Cloud and the future of applications, integrating Cloud into your IT strategy/the challenges of the journey to the cloud, managing scalable applications to managing customer relationships through social platforms; Linux and Windows OS migration to public Cloud.
Data Analytics and Integration The world is moving faster than ever before, with more devices, more connections, more networks and new data. More than ever, to stay competitive, your business needs to move fast to process the large volumes of dynamically changing data. Learn how to be at the market frontier with enterprise analytics and unlock the power of your data in the cloud.
Identity Enterprise identity management has been primarily focused on access to employees and contractors. But as the industry has been perfecting how to serve employees, consumer identity has presented itself as a growth opportunity for businesses and identity professionals alike. Topics covered: Identity Management, Device Management and Identity as a Service.
I think it might be accurate to say that Windows 10 Enterprise has received more attention in the last month than it has received over the entire lifecycle so far for Windows 10, first of all with the E3 and E5 subscription options (which don’t replace the VL editions, just in case anyone is still confused), and with the removal of some group policy options from the Windows 10 Pro SKUs. If you don’t have an MSDN subscription to download the ISOs for testing, you can grab the now on the TechNet Evaluation Center.
Here are the details…
Windows 10 Enterprise is designed to address the needs of large and midsize organizations by providing IT professionals with:
Windows 10, Version 1607 (also referred to as the Windows 10 Anniversary Update) offers new security features for both enterprises and end users, simplified deployment options for smaller organizations, and improvements to Cortana and Microsoft Edge.
Looking for information on specific features? See what’s new in Windows 10.
English (United States), English (Great Britain), Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Spanish, Portuguese (Brazil)
Windows 10 Enterprise, Version 1607 | 64-bit ISO
Windows 10 Enterprise, Version 1607 | 32-bit ISO
Windows 10 Enterprise LTSB, Version 1507 | 64-bit ISO
Windows 10 Enterprise LTSB, Version 1507 | 32-bit ISO
Note: Carefully read the information below before you continue with the download.
Things to Know
This is evaluation software that is designed for IT professionals interested in trying Windows 10 Enterprise on behalf of their organization. We do not recommend that you install this evaluation if you are not an IT professional or are not professionally managing corporate networks or devices.
Windows 10 Enterprise should work with the same devices and programs that work with Windows 8.1. In some cases, a device or program might not work or may require an update, or you might need to uninstall some programs and then reinstall them after installing the evaluation.
Downloading Windows 10 Enterprise could take a few hours. The exact time will depend on your provider, bandwidth, and traffic (ISP fees may apply).
To install a 64-bit OS on a 64-bit PC, your processor needs to support CMPXCHG16b, PrefetchW, and LAHF/SAHF.
BitLocker requires either Trusted Platform Module (TPM) 1.2, TPM 2.0 or a USB flash drive. Client Hyper-V requires a 64-bit system with second level address translation (SLAT) capabilities and additional 2 GB of RAM. Windows Hello requires specialized illuminated infrared camera for facial recognition or iris detection or a finger print reader which supports the Window Biometric Framework. Two factor authentication requires the use of a PIN, Biometric (finger print reader or illuminated infrared camera), or a phone with Wi-Fi or Bluetooth capabilities. Windows To Go requires advanced hardware. To learn more about USB drives certified for Windows To Go, please visit www.microsoft.com/WindowsToGo.
For the latest information on deprecated features and additional requirements to use certain features, please see Windows 10 Specifications. For technical questions, please visit the Windows 10 TechNet forums.
For those of you with the appropriate MSDN subscriptions you can now grab the 1607 builds for Home, Pro, Enterprise and Education from subscriber downloads. Take a look at the image below to get an idea of what’s available.
^ Scroll to Top