This is a follow-up blog post to my session yesterday at TechDays Sweden: “Windows 10 in new smart ways – not like you’ve always done it”. Thank you all who attended my session – it was a pleasure! The slides can be found here (in Swedish).
The link I mentioned about all news coming to MDM, and in particular new MDM settings are published at docs.microsoft.com.
And finally some resources to get you started with the move to modern IT – as I demoed in my session. Remember that the transition to a modern environment for managing devices will take time. As you lay a puzzle, lay out your path to modern management and IT one piece at a time!
“Co-management”
This basically mean that you can manage clients with SCCM and MDM at the same time. It’s branded as SCCM+MDM but you can also leverage this if you are not using MDM. So you can basically use and on-premise AD domain joined machine which is configured using GPOs and MDM join that machine to get MDM configuration at the same time. The idea is to make the move to modern management in a smooth way!
Windows Update for Business + Update Compliance
Transition from using WSUS (+SCCM) to manage updates and move to Update Compliance to follow up the status of patches, not quality updates and feature updates.
Device Health
Verify crashes for your Windows clients and more to come very soon!
Many thanks to all of you who attended my session yesterday. So here is a summary of the key takeaways from my session “Preparing for Windows 10” at TechDays Sweden 2014 November 19th. Consider this an action list in what you can do todayto prepare yourself form Windows 10.
Cleaning up
Yeah, it is so boooooring, but still a golden opportunity to make your client environment more standardized and less complex. Make sure to remove GPOs and GPO settings that are not necessary, remove or replace scripts, applications or components that are not needed. Also, if you have a Premier support agreement with Microsoft, do use the RAP as a Service for Windows Desktop to let Microsoft do an analysis of your environment and suggesting remediation.
Application compatibility
App compat when moving from Windows 7 to Windows 8.1 or 10 is practically 99%+ success in terms of regular Win32 based applications. Still actual testing of applications needs to be done for business critical applications.
New way of doing inventory in Windows 10
There are new WMI classes in Windows 10 that can be used to collect software inventory. The information can be displayed using PowerShell. Also, there is a feature that inventories what framework or runtime an application is dependent on, for instance which version of .NET Framework or Visual C++ Runtime and it can even see if there are dependencies for OpenSSL. Imagine having these feature in place when the HeartBleed bug appeared earlier this year.
Display all installed applications on a Windows 10 machine:
Display all apps and dependent frameworks on a Windows 10 machine for a specific application (replace the ProgramID in the filter section with another one from the above example):
What I forgot to mention in yesterday’s session was that these feature are being back ported to previous Windows versions, as that is where you’d typically want to run the inventory, but much of the feature regarding this new way of doing inventory is still work in progress.
Applications in a mobile world
With Windows 8.1 and Windows 10 and the new types of devices that make users more mobile gives other challenges. It is one thing that the OS and devices are great at supporting a mobile work scenario, but without apps that also adhere to this environment you will have challenges. Make sure that the technology to deliver the user experience is evaluated, upgrade the user interfaces where necessary or port them (or parts of them) to modern apps.
Internet Explorer
In terms of moving to Windows 8.1 or Windows 10 you will face the most application compatibility challenges with IE11 and web apps. After the summer Microsoft announced that from January 2016 only the latest version of IE will be supported on the currently supported OS’s.
Are you running your intranet sites in IE7 mode?
Regardless if you run IE8, IE9, IE10 or IE11 you are very likely to (without knowing it) running all or many your internal web apps in IE7 mode, due to this nasty little settings still being default in Windows 10 and IE in Windows 10.
That is the setting that you will find by going go Tools menu and then Compatibility View settings. The setting which I strongly recommend to uncheck (set it via Group Policies) is called “Display intranet sites in Compatibility View”. I have seen this setting causing problems with web apps because modern web apps and systems stop supporting IE7 and thereby not working in IE11.
The Display intranet sites in Compatibility View should be turned off / unchecked!
Deploy Internet Explorer 11 today!
Well, deploy IE11 today and start working with compatibility testing your web apps!
IE11 Enterprise Mode
Enterprise Mode in IE11 is a compatibility mode that runs web apps in IE8 mode to make them work on IE11. With the November 2014 CU update for IE11 you will be able to not only set web apps to run in IE8 mode but also any document mode such as IE10, IE9, IE7 or even IE5.
For those of you already running IE11 – inventory tool!
Not long ago Microsoft released a little tool that will inventory all the web sites a user visits to provide means to get a grip on web app compatibility. The inventory is activated on specific clients (or all if that is OK in terms of integrity etc) and is collected via WMI to for instance System Center Configuration Manager. There are pre-made reports that can be used. More on Enterprise Site Discovery Toolkit for Internet Explorer 11.
You get detailed information on which IE document mode or compatibility mode is used on sites and specific pages. You will also see which pages are causing IE11 to hang or crash!
Taming the user interface for Windows 8.1 enterprise users
A good thing to prepare for Windows 10 is to deploy Windows 8.1. Some time ago I wrote a blog post on how to customize the user interface in Windows 8.1 to make it work as expected and make it easier for the end users. Read the blog post Taming the user interface for Windows 8.1 enterprise users.
Install Windows 10 Technical Preview
Of course you can and should install Windows 10 Technical Preview for a number of reasons. Test applications, test in-place upgrade and last but not least, provide Microsoft with feedback either using the built in Windows Feedback app or via UserVoice. This is a unique opportunity to still influence how and what Windows 10 will be!
UEFI
Windows 8.1 and Windows 10 have a security feature that is dependent on that a machine is installed in UEFI mode, that is Secure Boot. UEFI replaces the 30 year old BIOS that has “always” been around. Note that Microsoft talks very much about in-place-upgrades from previous versions to Windows 10. However, as switching to UEFI demands that you reinstall your OS you will not be able to get the full benefit of Windows 8.1 or Windows 10 if you are running your machines in legacy boot mode.
Figure out if your machines are running in UEFI and if not, make sure that you have an infrastructure that supports it and that you switch to UEFI mode in your client machines BIOSs’.
The easiest way to determine if you are running in UEFI mode is to run msinfo32.exe (only in Windows 8/8.1 and Windows 10). There is a new line that clearly displays that.
Using msinfo32 in Windows 8, 8.1 or 10 will give you straight info on if you are running in UEFI or Legacy (BIOS) mode.
If running Windows 7 (or later) you can determine if running in UEFI mode by starting diskmgmt.msc and note if you have an EFI system partition. If you do, you are running in UEFI mode.
In Disk Management you can determine if running in UEFI mode or Legacy (BIOS) mode. If you do NOT have an EFI System partition you are running in Legacy/BIOS mode.
If you have Configuration Manager you can look at the pre-made report Hardware – Disk > Disk information for a specific computer – Partitions to see if you have machines that either are running in Legacy/BIOS mode which will have partitions named “Installable File System” or UEFI machines that will have GPT partitions and in particular a GPT System partition.
In Configuration Manager reports you can determine if running UEFI machines by looking at the inventory of partitions. GPT System disk means that the machine is a UEFI machine.
Cloud connections
If you haven’t already done so look into Azure AD and what is has to offer. The cloud connections in Windows 10 will be significant!
Summary
There are quite a few things you can do to prepare yourself for Windows 10 so that you are ready when Windows 10 is released sometime next year. Happy Windows 10’ing!
TechDays Sweden takes place this week and as this year will be a very exiting one considering all the major releases with all from Windows 8, Windows Server 2012 to the System Center 2012 family products I can promise you a really interesting conference.
My session will be about three of the very most interesting features in Windows 8; taking on the future with UEFI, making use of virtualization with client hyper-v and least but not last creating new possibilities for your entire business with Windows To Go. @ Wednesday 14:45 Room 6. Be a part of the future!
Here are some friends from the MEET network, what they do and links to their blogs:
So it has been just a bit more than a week ago that TechDays Sweden closed its doors. To summarize it there were two looong days packed with interesting sessions but also not to mention meeting new people. I really hope to see TechDays Sweden grow even larger next year and I think there is plenty of room for even more sessions but also other related activities that I will work hard to get on next years conference. Now I am looking forward to TechEd North America, maybe I’ll see you there :)
I realize I have been very quite on blogging for a few weeks, mainly due to a visit to Microsoft in Redmond and the MVP Summit which was suceeded by a three week vacation with my family. Now I am at TechDays in Örebro, Sweden. Just got out from my session about AppLocker in Windows 7 which I think went quite smooth. The interest for TechDays is enormous and it has been a long day so far and it not over yet. I will attend a session on Windows 7 later today and will definetely not miss the party tonight. Still some jetlag though due to the vacation but I will struggle to get at least a couple of beers…
I also have a lot of catching up to do with my Inbox and other cool stuff that has been announced while I was on vacation, among many other things Microsoft has released some very interesting information on virtualization, read Mikael Nyströms blog post to get the summary,
TechDays is a two-day Swedish conference hosted yearly by Microsoft and partners. I will be there to speak about AppLocker in Windows 7. I will specifically talk about what makes it so great but I will focus on how to implement it and what to think about while doing so. There will be a bunch of other very interesting sessions on the latest Microsoft products so I hope I’ll see you at TechDays in March!
You must be logged in to post a comment.