28 Apr.

Windows 10 Enterprise Data Protection Documentation Is Online

For those of you on Insider builds of Windows 10 or Windows 10 Mobile you can now start testing out the EDP capabilities. Note that you need one of the following management solutions in order to test it out – Intune, Config Manager 1511 (or later) or a 3rd party MDM solution.

Protect your enterprise data using enterprise data protection (EDP)

Create an enterprise data protection (EDP) policy

Create an enterprise data protection (EDP) policy using Intune

Create and deploy an enterprise data protection (EDP) policy using Configuration Manager


^ Scroll to Top
 28 Apr.

Azure Import/Export Service Now Live In Australia

While this hasn’t been a showstopper for most that need the service, having to ship to an overseas datacenter is something that can now be avoided when you want to use the Import/Export Service. The service allows you to ship up to 8TB 3.5 SATA II/III drives that have been prepared following the instructions that Microsoft provides.

If you need more information take a look at Use the Microsoft Azure Import/Export Service to Transfer Data to Blob Storage for more details.

This is live for Australia East and Australia Southeast, so nobody needs to start arguments over which football code is better, instead you can focus on getting large chunks of data into the cloud.



^ Scroll to Top
 22 Apr.

Microsoft Intune April 2016 Updates

Listed below are the details of the Intune updates for April 2016, and as per usual there are likely a few that are particularly applicable to your environment.


All of the April 2016 features are also supported for hybrid customers (Configuration Manager integrated with Intune).

App management

  • MAM user compliance.
    You can now view the status of your application management policies for any user in your Azure Active Directory (AAD) tenant. This includes:

    • Devices
    • Apps on the device

    Status values:
    Checked in: Indicates the policy was deployed to the user, and app was used in work context, and successfully received the policy.
    Not checked in: Indicates the policy was deployed to the user, but app has not been used in the work context since then.

  • MAM controls to prevent Outlook contacts sync (Android).
    A new setting is available for mobile application management without device enrollment. This setting allows you to prevent an application from syncing contacts to the native address book on Android devices. When this setting is enabled, targeted applications will no longer be able to save contacts to the native address book. When this setting is disabled, targeted applications will be able to save contacts to the native address book. When you remotely wipe a device or app, contacts that have already been saved to the native address book will be removed. This new setting is supported initially by the Outlook application on Android devices.

Device management

  • Phone number identification for corporate-owned devices. Phones that are categorized as “Corporate” are now identified with their full phone number when, for example, you run a mobile device inventory report. BYOD phone numbers continue to be masked with ****, with only the last 4 digits displayed.

Company portal updates

Android Company portal app
Users who have not enrolled their device in Intune and who do not have the correct certificate installed will not be able to sign in to the Android Company Portal app and will see the message, “You cannot sign in because your device is missing a required certificate.” The message includes a “How to resolve this” link that users can tap to see instructions for installing the certificate. To see the steps that end users follow to resolve the issue, see Your device is missing a required certificate.

Windows 10 Mobile and Windows Phone 8.1 Company Portal app
When end users are installing line-of-business apps, they will now see an improved app installation experience. If the app installation is taking a long time, users can manually sync their device to force the sync process to resume. To review the end-user instructions, see Sync your device manually to speed up app installations.

Company Portal website
When Windows 10 Mobile and Windows Phone 8.1 users are installing line-of-business apps, they will now see the following new statuses, which provide them with more detail about the status of their installation:

  • Waiting for device to sync – the user has tapped “Install” and the device now tries to sync with the Intune infrastructure. The sync is required before the installation can complete. The “Waiting for device to sync” message is also a link that users can tap to see instructions on how to manually sync their device with Intune if the sync process is taking a long time or gets stalled.
  • Downloading – the user’s download request is being processed and the device is downloading and installing the app.

Before these statuses were added, users got confused if an app installation took a long time, because they saw only an “Installing” status, which might remain on the screen for hours. Adding the new statuses means that, instead of calling support, users can now tap the “Waiting for device to sync” link and follow the instructions to force the sync process to resume.

What’s coming

Changes to Device Enrollment Managers accounts. To improve performance and scale, Intune will no longer show all Device Enrollment Managers (DEM) devices in the My Devices pane of the Company Portal app. Only the local device running the app is displayed, and only if it is enrolled via the Company Portal app. The DEM user may perform actions on the local device, but remote management of other enrolled devices can only be performed from the Intune admin console. Additionally, Intune will deprecate using DEM accounts with either the Apple Device Enrollment Program or the Apple Configurator tool. Both these enrollment methods already support user-less enrollment for shared iOS devices. Only use DEM accounts when user-less enrollment for shared devices is unavailable.

Keep informed about upcoming developments for Intune with the Cloud Platform roadmap.

^ Scroll to Top
 1 Apr.

Upcoming MVA Event – Deploying Windows 10: Automating Deployment by Using System Center Configuration Manager

Not something I’ll be joining live due to the time zone differences, this is definitely one I’ll watch when it is made available on demand.

Deploying Windows 10: Automating Deployment by Using System Center Configuration Manager

Looking to use System Center Configuration Manager (SCCM) to automate deployment of Windows 10? Join experts Aaron Czechowski and Wally Mead as they step you through it. Windows 10 represents a major paradigm shift for Microsoft and the Windows ecosystem in general as we modernize the platform by introducing “as a service” capabilities. Hundreds of millions of devices are already running Windows 10 today. Businesses are beginning to evaluate the new capabilities of Windows 10, including Windows as a service, as part of their deployment plans. With Windows 7 recently transitioning into extended support, businesses need to begin planning for the future of their Windows operating system environment.

Although there are many aspects to consider in managing a Windows device, one of the essential early stages of the lifecycle is deployment. More than 70 percent of businesses use System Center Configuration Manager for PC management, and that market share continues to grow every quarter. SCCM is an industry leader, and the Operating System Deployment (OSD) feature is one of the most popular and frequently used. The product supports many traditional operating system deployment methods, in addition to newer Windows 10 deployment scenarios, such as in-place upgrade. Join us, and get your questions answered.

Note: Want a head start? Take a look at the free e-book from Microsoft Press, Deploying Windows 10: Automating deployment by using System Center Configuration Manager.

Course Outline:
  • Preparing Your Environment for System Center Configuration Manager
  • Configuration Manager Operating System Deployment Concepts
  • Deploying and Supporting Windows 10
Instructor Team
Aaron Czechowski | Senior Program Manager, Microsoft Enterprise Client Management | @AaronCzechowski

Aaron Czechowski is a Senior Program Manager with Microsoft in the Enterprise Client Management product team working on Microsoft System Center Configuration Manager, System Center Endpoint Protection, and the Microsoft Deployment Toolkit. He specializes in Windows deployment, Windows as a service, and ConfigMgr as a service.

Wally Mead | Principal Program Manager, Cireson | @Wally_Mead

Wally Mead is a Principal Program Manager at Cireson. He works in the Partner and Community Enablement (PACE) team, which helps prepare Cireson partners to be successful with the Cireson products. He also focuses on the improvement and development of products, and he drives further innovation between Configuration Manager and Cireson apps. In addition, Wally continues to provide education for the community through presenting webinars and speaking at conferences, such as TechEd, System Center Universe, and Midwest Management Summit. He also conducts training courses and assists the community on the Microsoft TechNet forums.

^ Scroll to Top
 29 Mar.

March 2016 Updates For Intune

Below you will find the details of all of the updates for Intune for March 2016, but I’ll call out some of the ones that will have an immediate impact for me.

Manage the Microsoft Outlook app with MAM policies for devices not enrolled in Intune – any additional Office mobile app support with MAM without relying on MDM enrollment is a good thing as far as flexibility in deployment is concerned.

Find, manage, and distribute Windows Store for Business apps for Windows 10 devices from the Intune administrator console – this has the side benefit of blocking access to the consumer oriented Windows Store, while still allowing access to the business store.

Read on to see what else has changed this month.

App management

  • Take advantage of iOS “Open-in” management for devices that are enrolled in a third-party MDM solution
    You can use your third-party mobile device management (MDM) vendor to take advantage of iOS “Open-In” management. You can set the restrictions in the configuration profile settings and deploy the app using your MDM software. When the user installs the managed app, the restrictions are applied. Read the details: Microsoft Intune mobile app management policies and iOS Open In.

    This approach has two main benefits:

    1. Users are required to log in with their work account before they get access to any corporate data from Cloud Services or other apps. This ensures that mobile app management (MAM) policies are in place when the data is accessed.
    2. Managed email profiles and other managed apps deployed through a third-parter MDM solution can share files and data with the apps that have Intune MAM policies.
  • Manage the Microsoft Outlook app with MAM policies for devices not enrolled in Intune
    You can now manage the Microsoft Outlook app on devices that are not enrolled in Intune with the Intune mobile application management policy. The updated Microsoft Outlook app with the MAM capabilities is available for both iOS and Android devices. Use the instructions in the Create and deploy mobile app management policies topic to create a MAM policy.
  • Mobile app configuration policies give you more flexibility to specify user details for iOS apps
    You can supply user settings that an iOS app might need when it is opened. For example, you can supply a network port, or a user name. For details, see enter link description here.
  • Deploy Adobe Reader for Microsoft Intune to Intune-managed iOS devices in your enterprise
    The Adobe Reader app for iOS can now be managed on enrolled devices with the Intune mobile application management policy.
  • Microsoft apps that support MAM
    The list of Microsoft apps you can use with Intune mobile application management policies has been updated to include the latest apps (for devices that are enrolled with Intune only).
  • Ensure deployed web clips are opened in the managed browser
    You can deploy targeted web clips that can only be opened using the managed browser on iOS and Android devices. For example, you deploy links to corporate resources through the Company Portal, and when users navigate to the links, they open directly into the managed browser where they can be protected by MAM policy. For details, see Deploy apps to mobile devices.
  • Find, manage, and distribute Windows Store for Business apps for Windows 10 devices from the Intune administrator console
    Support for Windows Store for Business is available in Intune to help you find, manage, and distribute apps to the Windows 10 devices you’re managing. Windows Store for Business lets you manage the process of deploying and monitoring these apps from the Intune administrator console—the same console you use to manage your other apps. Specifically, Windows Store for Business manages the content and licensing of “online licensed apps”. For details, see Manage apps you purchased from the Windows Store for Business.

Device management

  • PFX certificates distribution for iOS devices
    Intune administrators can create and deploy iOS PFX certificates for Wi-Fi, email, and VPN authentication on iOS devices. This feature is already available for Android and Windows 10 devices. For details, see Enable access to company resources using certificate profiles .
  • Apply apps and policies to different device groups based on user category selection
    Intune administrators can now define custom device categories for users to select from during enrollment. For example, administrators might want their users to specify if they’re enrolling a device used for the “Cash Register” or “Delivery Truck” or “Inventory Room.” The category selected will cause the device to become a member of an Intune device group, which can be used for deploying different apps and policies to the enrolled device. For details, see Categorize devices with device group mapping.

Changes and updates to Microsoft Company Portal

The following changes have been made to the Company Portal in this release.

Android Company Portal app

  • When your users launch an app that is managed by mobile application management (MAM), they will see a message notifying them that the app is managed by their company. Users can now tap a “Learn More” link to get more information here about what “managed apps” means. They can also tap “Don’t Show Again” so that the message no longer appears when they launch the app.
  • New screens have been added to guide users through the enrollment process and provide more information about why users should enroll and what IT administrators can and can’t see on their enrolled devices. See the enrollment instructions for details.
  • Enrollment error messages are now displayed in the Company Portal app. Previously, these messages appeared in the Company Portal website. Making this change means that all error messages now appear in just one place instead of two different places.

iOS Company Portal app

  • When your users launch an app that is managed by mobile application management (MAM), they will see a message notifying them that the app is managed by their company. Users can now tap a “Learn More” link to get more information here about what “managed apps” means. They can also tap “Don’t Show Again” so that the message no longer appears when they launch the app.
  • New screens have been added to guide users through the enrollment process and provide more information about why users should enroll and what IT administrators can and can’t see on their enrolled devices. See the enrollment instructions for details.
  • Enrollment error messages are now displayed in the Company Portal app. Previously, these messages appeared in the Company Portal website. Making this change means that all error messages now appear in just one place instead of two different places.
^ Scroll to Top
 27 Mar.

My Build 2016 Watchlist

Build 2016 is coming up this week, so I thought I’d review the session list to bring you the list of the sessions I’ll be watching as they become available on MSDNs Channel 9 video site. I’ve picked sessions that are related to things I’m personally interested in, but I’m sure once you look at the full list you will probably find a few more sessions that you will want to take a look at. I’ve included some sessions that cover Windows on the desktop, Windows Server 2016, Azure solutions, IoT as well as some that are entertainment focused for those of you on the gaming and media playback side of things, as well as the one and only HoloLens.

Keynote Presentation

Microsoft continues to focus on enabling developers to do amazing work as businesses and industries transform in support of the shift to a cloud-first, mobile-first world. At Build 2016 we will present the latest tools and technologies and how they can help today’s developers be their most creative and productive.

Windows in the Enterprise

Windows 10 is seeing great momentum in the enterprise. What does it mean for you as either an IT Professional or Enterprise Developer? Rob Lefferts will look at the things you should know about Windows today and how you should think about it in your organization going forward.

Windows Advance Threat Protection Service

Windows Defender Advanced Threat Protection (ATP) is a new service built into Windows 10 enabling enterprises to detect, investigate, and respond to advanced attacks on their networks. Windows Defender ATP adds a new “post-breach” layer of protection to the Windows 10 security stack. Combining client technology with cloud-based analytics, Windows Defender ATP is able to detect attackers and threats that have evaded other defenses, and enables enterprises to investigate the potential scope of breach across endpoints, and providing relevant Threat Intelligence and response recommendations. In this session we will show you an end-to-end demo, starting with an attack and investigating the attack using the Windows Defender ATP portal.

Microsoft Edge: What’s Next for Microsoft’s New Browser and Web Platform

In 2015, Microsoft launched its first new browser in 20 years: Microsoft Edge. After 8 months, it’s on a great trajectory but we’re just getting started. Join us to learn about the progress we’ve made, feedback we’ve heard, and a whirlwind tour of improvements coming soon. This will include extensions and other new end-user features, plus many new developer features across the HTML/CSS/JavaScript and web app platform, and new Enterprise-focused features for IT Pros.

Designing for Larger Screens

No description yet for this one, but as someone who runs two thirty inch 4K displays off my main PC, this is one I’m keen to see.

Windows Command Line Improvements

There’s no description for this one yet, but anyone who has to spend time in the command line usually welcomes any changes, so fingers crossed this one brings something that helps make your life easier.

Windows Store for Business and TeamViewer

The Windows Store is more than just a consumer app store. Join the Store team and TeamViewer as we discuss how the Windows Store for Business can help you reach new users in the SMB and prosumer space.

Enterprise Apps and the Windows Store for Business

Windows 10 offers new solutions for building, selling and deploying apps to organizations. The Windows Store for Business enables apps to be acquired in bulk and the ability to publish LOB apps to your own organization or another organization. The Windows Store for Business also offers multiple licensing and deployment options to enable organizations of any size to use your app. In this session, learn how to maximize the capabilities of the store whether you develop in-house apps or are targeting your app to be sold to organizations. We will show the app lifecycle, including publishing, acquisition, deployment, and the best practices when building enterprise apps.

Setting the Stage: The Application Platform in Windows Server 2016

Windows Server 2016 is a radical transformation of the server application platform and developer experience. The Windows Server 2016 SDK targets a super lightweight platform enabling applications to scale better and utilize just enough OS for their needs, while containers enable rapid development and deployment making for a very developer focused Windows Server release. This session will take you through the new development pipeline: developing apps targeting Nano Server, packaging apps as Windows Server App‘s (WSA), configuring apps using Desired State Configuration (DSC), deploying apps and their dependencies using Package Management, testing apps using Pester, securing apps using Just in Time (JIT) and Just Enough Admin (JEA) and running apps in Containers, VMs, or on the host. Come hear how this transformation is going to provide you with the platform and components you require for building modern server apps both on-premises and in the cloud.

Spatial Audio in UWP Apps and Games

During this session you will learn what spatial audio is, how to best author sounds for spatial audio , and how to add spatial audio to your app, game, or experience. We will go through a number of demos and code which demonstrate the different spatial audio experiences you can enable on a wide variety of devices.

Windows Store: Publishing Apps and Games to Desktop, Mobile, and Xbox

Learn about how Dev Center helps you reach customers on all Windows devices including Xbox. Discover new ways to engage your customers with bundles, add-ons, and pre-orders. Simplify your development lifecycle with APIs to automate the publishing process and new capabilities to test your app or game in production . Dev Center’s easy-to-use, powerful tools will set your apps and games up for success in the Windows store.

Building Great Universal Windows Platform (UWP) Apps for Xbox

Learn more about building great Universal Windows Platform (UWP) apps for Xbox.

HoloLens: Building UWP 2D Apps for Microsoft HoloLens

All apps built for Microsoft HoloLens run on the Universal Windows Platform (UWP). That also means that all UWP apps built for phone and desktop can work on HoloLens too. We call these 2D apps since on HoloLens they are rendered and projected on 2D surfaces. In this talk we’ll cover everything you need to know about making a 2D UWP app that works great on HoloLens. This includes how the gaze-gesture-voice interaction model works with 2D apps, design considerations for HoloLens’ interactions and display, adapting as needed for the HoloLens platform, and how to publish 2D apps in Store so they are available on HoloLens.

Microsoft Vision for IoT: From Windows Devices to Azure

Microsoft is all in on IoT. Come and learn the latest on both Azure and Windows offerings for IoT and where they are going. Microsoft has great offerings for both operating systems and cloud solutions in the incredibly exciting Internet of Things space.

Building Resilient Services: Learning Lessons from Azure with Mark Russinovich

Mark will cover best practices, tips and lessons learned in Azure to help developers avoid making the same mistakes with their cloud-scale deployments using IaaS and PaaS. This will include a look behind the scenes at some of Azure’s internals, too.

Building and Maintaining Resilient Customer Applications on Azure

The AzureCAT team works with the largest projects across the world being built on the Azure platform. This session will share the learnings and provide guidance based on those experiences.

Developer’s Guide to Connecting Devices to Azure IoT

All you ever wanted to know about how to connect IoT devices to Azure and make the most out of all the data coming from sensors leveraging smart data analytics, machine learning and other Azure goodness. We’ll introduce our open source SDKs and show you how to use our open source SDKs use them to connect devices running various OS or platforms to Azure IoT. At the end of the session you should have a good understanding of what Azure IoT Hub and Azure IoT Suite are, and how developers can use our SDKs to build tomorrow’s killer IoT solution on Azure.

VM Scale Sets & Open Source PaaS on Azure: Deep Dive

Develop scalable and open source PaaS solutions on Azure. In this session we go through some of the latest innovations for open PaaS on Azure. Build an open PaaS infrastructure with VM Scale Sets, deploy Cloud Foundry based OSS PaaS apps.

Continuum for Phone

With Windows 10, your phone can work like your PC.  Continuum for phone enables you to connect a Windows mobile device to any external display with the new Microsoft Display Dock, USB-C, or Miracast.   Users can leverage a keyboard and mouse and other peripherals to get the productivity and entertainment value of a PC with the portability, cost, and convenience of a single device. Come see Continuum in action!

Continuum for Phone: Optimizing Windows Apps Across Screens

With Windows 10, your phone can work like your PC. Continuum for phone enables you to connect a Windows mobile device to any external display with the new Microsoft Display Dock, USB-C, or Miracast. Users can leverage a keyboard and mouse to get the productivity and entertainment value of a PC with the portability, cost, and convenience of a single device. To support Continuum, developers need only develop an adaptive Windows 10 app on the Universal Windows Platform (UWP). Beyond building a UWP app, the combined screens will enable you to create unique experiences to reach new users. Learn about best practices for building UWP apps which adapt and transition seamlessly from phone to a connected display. Understand the key scenarios and interactions enabled by Continuum.

So, that’s a few different topics to get your teeth into.


^ Scroll to Top
 22 Mar.

Azure Team Guidance On Transitioning From ASM to ARM

Over the last few months since the Azure team have announced that the new portal is out of preview, and that the new portal and ARM should really be the focus for future Azure projects, it has led to many questions about migration paths, and why some services are still only in the old portal, such as Azure Active Directory and the backup and site recovery services. Venkat Gattamneni has just posted on the Azure virtual machine blog which covers the approach you should be taking for Azure virtual machine migrations from ASM to ARM, including the efforts that are underway to help simplify the process.

Here’s some of the information that is shared in this post, I strongly recommend you head on over and take a look at what else he covers, as well as keep an eye on the comments section to see what else is raised and addressed.

Solution Customer Experience Expected availability in 2016
Script migration VM is rebooted as it is recreated in the Resource Manager model. While the Virtual Machines for the environment are recreated, the network is disconnected.


Virtual Machines, no VNET As all Virtual Machines deployed in the Resource Manager model must be in a VNet, Virtual Machines will be migrated and placed in a new VNET. This will result in a change in network configuration, requiring a reboot to reconnect.


Virtual Machines with VNET Starting in Q2, the platform will offer Virtual Machine migration from ASM to Resource Manager model without disrupting the running Virtual Machine. This will require disconnecting any VNets connected on-premises, whether via ExpressRoute or VPN, before doing the migration.


Virtual Machines with basic hybrid (one connection) Starting in Q3, the platform will offer Virtual Machine migration from ASM to Resource Manager model without disrupting the running Virtual Machine and with minimal disruption to a basic hybrid connection, limited to just one connection back on-premises. More complex connections will require disconnecting before doing the migration.



^ Scroll to Top
 21 Mar.

APAC MVP Windows 10 Webinar Series – Week 2


This Thursday, at 1pm Sydney time, I’ll be presenting the second webinar in the MVP series that kicked last week. You can register here, but for more information keep reading.

Preparing your environment and deploying Windows 10

Webinar link will be provided in the registration confirmation email.

This webinar is a part of the Windows 10 webinar series, find out more about the series and related webinars here.

Webinar description
Windows 10 is designed to give you the smoothest Operating System (OS) upgrade in history. And it delivers. IT teams can rapidly deploy Windows 10 to thousands of machines remotely with the help of System Center Configuration Manager (SCCM), and manage line-of-business apps in devices through Intune.
In this webinar we will show you several deployment scenarios, including how to upgrade virtual machines from Windows 7 using task sequences.
We will demonstrate provisioning packages using the Windows Image Configuration Designer, and show you how to upgrade a virtual machine from Windows 7 to Windows 10, and from Windows 10 Professional edition to Enterprise edition.

Webinar details

Thursday, March 24, 2016
This webinar is a one hour live broadcasted session to take place at the below timing:
08:00 – 09:00 (Bangladesh Time Zone)
08:30 – 09:30 (Sri Lanka Time Zone)
09:00 – 10:00 (Cambodia, Indonesia, Thailand, Vietnam Time Zone)
10:00 – 11:00 (Malaysia, Philippines, Singapore Time Zone)
11:00 – 12:00 (Korea Time Zone)
13:00 – 14:00 (Australia Time Zone)
15:00 – 16:00 (New Zealand Time Zone)
Ask the expert opportunity available for a total of 90 minutes (during the one-hour webinar and also 30 minutes after the broadcast)
Speaker’s profile
Australia’s Mark O’Shea is a Windows veteran. After 20 years with Microsoft, he became a Windows IT Pro Most Valuable Professional (MVP) in 2012. Mark has been certified on every version of Windows since 3.1, and specialises in integrating on-premises technologies with Microsoft cloud technologies.


^ Scroll to Top
 16 Mar.

Microsoft Specialist – 70-398 Planning For And Managing Devices In The Enterprise – Exam Now Live

Overnight I received notification that the results were in for those who sat the beta version of the 70-398 Planning For And Managing Devices In The Enterprise, and thankfully I’d managed to get through. One of the hardest parts of preparing for beta exams is that you don’t have much to go by in terms of specific preparation content. More often than not in my case it turns into a somewhat chaotic effort to pull together a diverse range of resources that hopefully match what the exam needs, which can end up being something of a never ending series of rabbit holes to try to cover all of the exam objectives.



Here are the objectives for the exam as they currently stand.

Much like the 70-697 Windows 10 exam, it’s important to note that this is not a pure Windows client exam. There are many server and cloud technologies that Windows 10 integrates with that you will be tested on, so don’t underestimate the importance of these.

Design for cloud/hybrid identity (15–20%)

  • Plan for Azure Active Directory (AD) identities
    • Design Azure AD identities; Active Directory integration; Azure Multi-Factor Authentication; user self-service from the Azure Access Panel; Azure AD reporting; company branding; design Azure AD Premium features, such as Cloud App discovery, group-based application access, self-service group management, advanced security reporting, and password reset with write-back
  • Design for Active Directory synchronization with Azure AD Connect
    • Design single sign-on, Active Directory Integration scenarios, and Active Directory synchronization tools; plan for Azure AD Synchronization Services; design for Connect Health

Design for device access and protection (15–20%)

  • Plan for device enrollment
    • Design device inventory, mobile device management authority, device management prerequisites, and device enrollment profiles
  • Plan for the Company Portal
    • Customize the Company Portal and company terms and conditions; design configuration policies, compliance policies, conditional access policies, Exchange ActiveSync policies, and policy conflicts
  • Plan protection for data on devices
    • Design for protection of data in email and SharePoint when accessing them from mobile devices, design for protection of data of applications by using encryption, design for full and selective wipes

Design for data access and protection (15–20%)

  • Plan shared resources
    • Design for file and disk encryption and BitLocker encryption; design for the Network Unlock feature; configure BitLocker policies; design for the Encrypting File System (EFS) recovery agent; manage EFS and BitLocker certificates, including backup and restore
  • Plan advanced audit policies
    • Design for auditing using Group Policy and AuditPol.exe, create expression-based audit policies, design for removable device audit policies
  • Plan for file and folder access
    • Design for Windows Server Dynamic Access Control, Web Application Proxy, and Azure Rights Management service (RMS)

Design for remote access (15–20%)

  • Plan for remote connectivity
    • Design remote authentication, configure Remote Desktop settings, design VPN connections and authentication, enable VPN reconnect, configure broadband tethering
  • Plan for mobility options
    • Design for offline file policies, power policies, Windows to Go, sync options, and Wi-Fi direct

Plan for apps (15–20%)

  • Manage RemoteApp
    • Design RemoteApp and Desktop Connections settings, configure Group Policy Objects (GPOs) for signed packages, subscribe to the Azure RemoteApp and Desktop Connections feeds, export and import Azure RemoteApp configurations, support iOS and Android, configure Remote Desktop Web Access for Azure RemoteApp distribution
  • Plan app support and compatibility
    • Design for desktop app compatibility using Application Compatibility Toolkit (ACT), including shims and compatibility database; design desktop application co-existence using Hyper-V, Azure RemoteApp, and App-V; install and configure User Experience Virtualization (UE-V); plan for desktop apps using Microsoft Intune

Plan updates and recovery (15–20%)

  • Plan for system recovery
    • Design for the recovery drive, system restore, refresh or recycle, driver rollback, and restore points
  • Plan file recovery
    • Design for previous versions of files and folders, design File History, recover files from OneDrive
  • Plan device updates
    • Design update settings and Windows Update policies, manage update history, roll back updates, design for Windows Store apps updates




^ Scroll to Top
 4 Mar.

Invitation to Windows 10 webinars

Windows 10.
The game-changer
for IT teams.

Windows 10. Discover why IT teams are upgrading.

Windows 10 is our best upgrade ever. In one go, IT professionals can power continuous innovation, reduce management overheads, provide secure access and protect data, as never before. To learn more, join us for our Windows 10 webinar series.

Invitation to Windows 10 webinars

To lead the IT teams through this upgrade journey, Microsoft has specially designed a series of 4 webinars running on four consecutive Thursdays from March 17 to April 7.

Experts from Singapore, Australia, Malaysia and New Zealand will demonstrate multiple aspects of Windows 10 and walk through the key features that make it easier for IT teams to deploy, manage, and secure their environments.

Ask the experts

We are here to help. During each one-hour webinar, and for 30 minutes after, a panel of experts will be on standby to answer your questions and provide technical help via online chat.

   Learn more about the webinars   

Webinar schedule
#1. Windows 10 for businesses of any size.
Thursday, March 17, 2016

First, we will give you an overview of Windows 10 and how it enhances worker performance. This introductory webinar will show how familiar UI features take productivity to new levels, and how we have created a converged experience for multiple screen sizes.

#2. Preparing your environment and deploying Windows 10.
Thursday, March 24, 2016

Our expert will introduce the concept of
Windows-as-a-Service and help IT teams prepare for a Windows 10 upgrade. He will show you how to manage deployment and updates.

#3. Windows 10 for device management.
Thursday, March 31, 2016

We will demonstrate how Windows 10 helps businesses of any size deliver the full mobility experience for employees and simplifies device management. Our expert will demonstrate how to use different Active Directory setups to seamlessly manage identities.

#4. Windows 10 security.
Thursday, April 7, 2016

Windows 10 includes new tools to protect information workers against modern threats. Our expert will show you how to lower the risks of data being stolen or misused and how to prevent unauthorised downloads.

Windows 10 will be a game-changer for businesses of all sizes. So please join us and hear directly from the people who know Windows 10 well.
Learn more about the webinars
^ Scroll to Top

%d bloggers like this: