The updated ADK for 1607 is available here. I always recommend to download it locally for installation just in case you need to install it on multiple PCs, especially if you have a slow internet connection.
For those of you just getting started with Windows 10, here are some of the changes that the ADK introduced since Windows 8.1 was released.
The Windows ADK now includes Windows Imaging and Configuration Designer, the Windows Assessment Toolkit, the Windows Performance Toolkit, and several new and improved deployment tools that can help you automate a large-scale deployment of Windows 10.
See Getting started with Windows ICD for more information.
Users can now refresh or restore their PCs to the updated version of the system files, instead of having to reinstall each update individually.
Want to add more languages for users when they turn on their device? Instead of adding full language packs, save space by adding just the base user interface files for a language. Later, if your user needs handwriting or voice recognition capabilities, Windows can download them as needed.
For more information, see Language Packs (lp.cab).
This new Windows package type lets you request services like Microsoft .NET or languages without specifying the version. Use the DISM tool to search multiple sources like Windows Update or your corporate servers to find and install the latest version.
You can now run Windows directly from compressed files. This is similar to WIMBoot, introduced in Windows 8.1 Update 1. This new process uses individual files instead of a static WIM file. When updating system files, Windows now replaces the old files instead of keeping both copies.
Developers can package and share their trace in a zip file along with their trace session, annotations, and (optionally) loaded symbols with Windows Performance Analyzer.
See What’s New in the Windows Performance Toolkit for more information.
Windows Performance Recorder now supports querying providers. ProcessExeFilter is an optional attribute, allows providers to filter specific processes by their corresponding executable name.
See What’s New in the Windows Performance Toolkit for more information.
ailable for Windows 10 build 1607, perhaps the most important one for SBC/OEM is the new ADK…^ Scroll to Top
As we are now on the final days before the Anniversary Update rolls out to non-Windows Insiders, it’s worth visiting, or even revisiting, some of the resources that cover what’s new and what’s changed. I’m going to start with one of the topics that has received a bit of attention, which are the changes to Group Policy and MDM settings for Pro versus Enterprise/Education, which started appearing with 1511, but are continuing to change.
Telemetry levels (the applicability to Enterprise and Education is mentioned about half way through the post, this link should take you straight there.
Changes to Group Policy settings for Windows 10 Start – again, there is a note in here about settings that do not apply to Pro
With the future introduction of the Windows 10 E3 and E5 SKUs in the CSP program, there is going to be a more flexibility for smaller customers to get an Enterprise subscription, versus only being able to currently get it via some type of volume licensing agreement. We will need to see how this pans out, but from a technology perspective the demonstrations of this technology at Microsoft’s recent Worldwide Partner Conference was something that caught my attention.^ Scroll to Top
This week at WPC Microsoft have been discussing some of the most recent changes to EMS, which has now been rebranded from Enterprise Mobility Suite to Enterprise Mobility + Security to take into account some of the recent additions that focus heavily on security. Over the coming weeks I’ll have time to dig into these in more detail, but for now here are the related blog posts for the announcements.
Learn about the rebranding and the EMS E3 and EMS E5 SKU options.
This initial preview comprises two components:
With the latest Intune service update, there is a further expansion of the conditional access capabilities, which allows you to manage access to corporate email, files and other resources based on customisable conditions that ensure security and compliance, including location, risk, user, device, and app compliance. As conditions shift, access policies which are defined by IT are triggered to ensure that your corporate data is protected. And all this is done without on-premises gateways or appliances.
^ Scroll to Top
One of the downloads I regularly recommend from the TechNet Evaluation Center is the Windows 10 deployment and management lab kit. It’s a self contained virtual machine environment that lets you run through several different Windows 10 deployment and management technologies and scenarios so you can get hands on in a live environment. Following are the full details, and you can download the rest here.
The kit includes a pre-configured virtual lab environment with evaluation versions of:
*Lab environment requires 32 GB of available memory and 300 GB of free disk space. Lab expires August 30, 2016. A new version will be published prior to expiration.
Illustrated lab guides take you through multiple deployment and management scenarios, including:
^ Scroll to Top
I’ll do a more detailed post on this in an upcoming series of tutorial focused posts, but for now it’s worth mentioning one of the things I haven’t had a chance to post about yet – Enterprise State Roaming is now GA. This continues the trend of Windows 10 and Azure Active Directory based capabilities that are really helping to eliminate the need for a consumer Microsoft Account. This is something that has been problematic for many organisations in the past, and this new capability, combined with Windows Store for Business (more posts on this to come) were very well received at a national series of roadshow events I just wrapped up with the Microsoft Education team on Windows 10 Anniversary Update (yes, I know, I need to post more about that too). This doesn’t mean that the Microsoft Account requirement for organisational related purposes completely disappear for everyone, but it’s definitely getting closer.
The way I was able to easily demonstrate this feature was using a new Windows 10 Education virtual machine that I would perform an OOBE AAD Join, and within a short timeframe we would see the background image change, a very easy visual way to highlight activity, as well as showing Internet Explorer home page changes. Obviously there are more, but this was just to give a quick idea of the change. The other important thing to note that is the device that does the initial settings synchronisation needs to be activated, but non-activated devices can receive the changes, even though you can’t make some of the same customisations locally.
To get you going, here are some of the Azure team’s links for Enterprise State Roaming and closely related topics.
Enterprise State Roaming
Azure Active Domain Join^ Scroll to Top
Recently I’ve been involved in a series of events that have included content on Windows Store For Business, and there are some useful resources that I point people back to which are worth sharing here.
If you are using Intune standalone or as part of the Enterprise Mobility Suite, take a look at these two blog posts to begin with.
Other pages you should take a look at are the following.
For App Developers looking to submit apps
For those looking to deploy apps from the Windows Store For Business
Distribute offline apps – this one explains the different files that need to be downloaded and the different license options
Project Centennial aka Windows Bridge For Desktop
These cover what’s involved in moving traditional Win32 apps to the Windows Store.
^ Scroll to Top
This month the Intune documentation got quite a bit of exposure by moving over the docs.microsoft.com platform, so they were getting splashed all over tech blogs around the world. The changes that are most relevant for my focus are the MAM without enrollment for policies for Skype for Business on iOS and Android, Teamviewer support for Remote Assistance on Intune agent based PCs, and notice around upcoming changes in the support of versions of iOS earlier than 8.0
Welcome to the preview version of docs.microsoft.com! This is a completely new, modern content platform designed to make it easier for you, our customers to understand and use Intune. To read about all of the new features, see Introducing docs.microsoft.com+
Service health information for Intune has been moved to a central location with other Microsoft services. You’ll now find this information in the Office 365 management portal under Service Health. For more information, see this blog post.+
End user toast notifications: End users will now see toast notifications from the Android Company Portal app when they are enrolling their devices or removing their devices from the Company Portal.+
Company Portal website: Device identification banner will provide more information to end users. End users can now more easily identify the device they’ve selected when they are using the Company Portal website. If the wrong device is selected, they will be able to select the correct device by tapping the Tap here link in the home page banner.+
Today, to target a notification rule to a group you created from the Microsoft Intune administration console, you would take the following steps:
In the Admin workspace, click Notification Rules > Create New Rule
In step two of the Create Notification Rule Wizard, select the device groups which the rule will target. This step, “select device groups”, is being removed from the Intune Console.
The preliminary timeline for this change is as follows:
A new guide for schools looking to deploy Windows 10 alongside Office 365 and Azure Active Directory Premium can be found at https://technet.microsoft.com/itpro/windows/plan/deploy-windows-10-in-a-school and it includes the following topics.
For anyone looking to set up a small test environment the instructions here will work equally well outside of a school as inside of a school environment.^ Scroll to Top
Since the AADDS preview started I’ve been questioned several times during demonstrations of AAD/AADS/EMS scenarios why my tenants are always in US West, not in AustraliaEast or AustraliaSouthEast, and the primary reason was because the AADDS preview wasn’t available in the local datacenters. In a post on the Active Directory Team Blog they mention Australian DC availability, as well as other enhancements that have rolled into the preview, including…
Check the links above for more details, but the Aus DC availability is something I’m extremely happy to see.^ Scroll to Top
Azure Site Recovery, a component of Microsoft Operations Management Suite, is now generally available in the Azure portal. Those familiar with Site Recovery from the Azure classic portal will be pleased with the new look, feel, and enhancements. Azure Site Recovery now includes support for Azure Resource Manager–based and classic deployments, as well as support for simultaneously protecting multiple virtual machines (VMs), in System Center Virtual Machine Manager to Azure, Hyper-V Site to Azure, and System Center VMM to System Center VMM using Hyper-V Replica. Additional changes included in this release:
|•||Azure Resource Manager support for all scenarios|
|•||First-class support for Cloud Solution Provider (CSP) subscriptions|
|•||Enhanced VMware to Azure
|•||Streamlined Getting Started experience for all Site Recovery scenarios|
|•||New Policy construct for flexible association and management|
|•||Functionality of Backup and Azure Site Recovery in a single vault construct|
If you try Operations Management Suite, you can get 31 days of free workload protection with Site Recovery.^ Scroll to Top