tag:blogger.com,1999:blog-39864977574630060662024-03-05T05:49:35.321+01:00MS-Labrats (Updates via Twitter @MSLabrats)MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comBlogger109125tag:blogger.com,1999:blog-3986497757463006066.post-91217861030701196262024-02-19T16:58:00.003+01:002024-02-19T17:07:08.372+01:00Win11 cumulative update February 2024 (KB5034765) - cant be installed<p><span style="font-family: verdana;">In February 2024 MS released a very important cumulative update (which is also fixing 2 major Zero-Day-exploits in the OS with the cumulative update KB5034765 as reported by various sources in the internet)<br /></span></p><ul style="text-align: left;"><li><span style="font-family: verdana;">CVE-2024-21412 Internet Shortcut Files Security Feature Bypass Vulnerability</span></li><li><span style="font-family: verdana;">CVE-2024-21351 Windows SmartScreen Security Feature Bypass Vulnerability</span></li></ul><div><span style="font-family: verdana;">Officially MS is only reporting on their page publicly this update "solves security issues"<br /><br /></span></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0QBZnK_vmDF9HNHTjaqtbLBcpZQMiy1-CP9QId234-pZlBkQT0gS91qdHHJ9JGjZCOEmV7FhYwLDVXJLA334Jjk0trSNdR3eTe1CztT9hNM8Q5YEbty1lQ4Ta3kqiM5fdX1bBUqKOc7ABJ3JUYma7bVMesh0L8Iqo_cqki1t2vqKfgLmjD7KGYSOjYuY/s1024/ManPreventingWindowsUpdates.jpeg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1024" data-original-width="1024" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0QBZnK_vmDF9HNHTjaqtbLBcpZQMiy1-CP9QId234-pZlBkQT0gS91qdHHJ9JGjZCOEmV7FhYwLDVXJLA334Jjk0trSNdR3eTe1CztT9hNM8Q5YEbty1lQ4Ta3kqiM5fdX1bBUqKOc7ABJ3JUYma7bVMesh0L8Iqo_cqki1t2vqKfgLmjD7KGYSOjYuY/w400-h400/ManPreventingWindowsUpdates.jpeg" width="400" /></a></div><br /><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">While installing theses updates:<br /></span></div><p></p><div><ul style="text-align: left;"><li><span style="font-family: verdana;">2024-02 Cumulative Update for Windows 11 Version 23H2 for x64-based Systems (KB5034765)</span></li></ul></div><div><div><span style="font-family: verdana;">and/or </span></div><div><ul style="text-align: left;"><li><span style="font-family: verdana;">2024-02 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 23H2 for x64 (KB5034467)</span></li></ul></div></div><div><br /><span style="font-family: verdana;">I failed as many others already trying to install this update.</span><br /><br /><span style="font-family: verdana;"><br />During the offline mode installing the update I got this message:<br /></span><br /><span style="font-family: courier;">Something didn't go as planned. No need to worry-undoing changes.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;"><br />After the rollback you will see that the update is still waiting for you to be installed.</span></div><div><span style="font-family: verdana;"><br /><br /></span></div><div><span style="font-family: verdana;">Resolution is really simple in this case:</span><span style="font-family: verdana;"><br /><ul style="text-align: left;"><li><span style="font-family: verdana;">Check for the hidden folder: C:\$WinREAgent</span></li><li><span style="font-family: verdana;">As admin rename it into something else like "C:\DONOTUSE THIS DOLLARWinREAgentFOLDER" or any other name.</span></li></ul></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">And then let the update run again.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">When you re-run the update after renaming the folder its very likely that it works.<br />So far for me and obviously many others they reported the same issue.<br /></span><br /><span style="font-family: verdana;">After this action my system reported now no new updates and the Windows version was "Build 22631.3155" as expected (winver.exe).<br /></span><br /><span style="font-family: verdana; font-size: x-small;">Image Credits: Image created with Dalle2 prompt: man with black suit and black sunglasses is leaning against a large Windows logo. He is leaning from the right side to the left. On the left side a Windows logo is rushing in to the picture and stopped by the man.</span><br /><br /></div><div><br /></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-55622673899345399412023-09-25T10:00:00.014+02:002023-09-25T11:25:54.446+02:00MSIX - all-in-one-page<p><span style="font-family: verdana;">The new Microsoft Packaging format MSIX is now out for quite a while. And it improves over time even. It had its heritage in the old AppV format originally coming from Softgrid which was an Microsoft acquisition of Softricity back in 2006. </span></p><p><span style="font-family: verdana;">The principle is to sandbox an application from the system. So each application had its own virtual registry and filesystem. Everything there will "overwrite" which is already present in the OS or append when it is not part of the OS. <br /><br />The OS registry and filesystem is not changed. The virtual registry and filesystem lives in a layer between the app and the OS and is "wrapped" with the app. So the OS is not aware of all the content of the virtual registry and filesystem.</span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTAM4mVJHvEroHAP_5NIHh7NDfQSszJOXWzkoyJRVeZU0-T0a15mYuSMAjBzo-CrFiTxnRYkbzNhHbJutS3pd0kTRcrgq_-z6shNYEwHsNTww9c6UTEvihJZt05h8ItHHyOB-wV4QjleAZ33sfE_smYbwQL7fFuIUOO_q1ikKaK1ZMT-qNseLtwD-Vr2w/s2291/blog-msix-artJWU.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="2289" data-original-width="2291" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTAM4mVJHvEroHAP_5NIHh7NDfQSszJOXWzkoyJRVeZU0-T0a15mYuSMAjBzo-CrFiTxnRYkbzNhHbJutS3pd0kTRcrgq_-z6shNYEwHsNTww9c6UTEvihJZt05h8ItHHyOB-wV4QjleAZ33sfE_smYbwQL7fFuIUOO_q1ikKaK1ZMT-qNseLtwD-Vr2w/s320/blog-msix-artJWU.png" width="320" /></a></div><p style="text-align: center;"><span style="font-family: verdana; font-size: xx-small;">Credits: DALL-E 2 and myself :-)</span></p><p><span style="font-family: verdana;"> </span></p><div class="heading-wrapper" data-heading-level="h2" style="background-color: white; box-sizing: inherit; color: #161616; outline-color: inherit; position: relative;"><h4 style="box-sizing: inherit; line-height: 1.3; margin-inline-start: -1.875rem; margin: 32px 0px 12px; outline-color: inherit; padding-inline-start: 1.875rem; padding: 0px; text-align: left;"><span style="font-family: verdana;">Key features</span></h4></div><p style="text-align: left;"></p><ul style="background-color: white; box-sizing: inherit; color: #161616; list-style: none; margin: 16px 0px 16px 38px; outline-color: inherit; padding: 0px;"><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Reliability.</span> MSIX provides a reliable install boasting a 99.96% success rate over millions of installs with a guaranteed uninstall.</span></li></ul><ul style="background-color: white; box-sizing: inherit; color: #161616; list-style: none; margin: 16px 0px 16px 38px; outline-color: inherit; padding: 0px;"><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Network bandwidth optimization.</span> MSIX decreases the impact to network bandwidth through downloading only the 64k block. This is done by leveraging the AppxBlockMap.xml file contained in the MSIX app package (see below for more details). MSIX is designed for modern systems and the cloud.</span></li></ul><ul style="background-color: white; box-sizing: inherit; color: #161616; list-style: none; margin: 16px 0px 16px 38px; outline-color: inherit; padding: 0px;"><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Disk space optimizations.</span> With MSIX there is no duplication of files across apps and Windows manages the shared files across apps. The apps are still independent of each other so updates will not impact other apps that share the file. A clean uninstall is guaranteed even if the platform manages shared files across apps.</span></li></ul><p></p><div class="heading-wrapper" data-heading-level="h2" style="background-color: white; box-sizing: inherit; color: #161616; outline-color: inherit; position: relative;"><a aria-label="Section titled: Highlights" class="anchor-link docon docon-link" href="https://learn.microsoft.com/en-us/windows/msix/overview#highlights" style="-webkit-font-smoothing: antialiased; background-color: rgba(0, 0, 0, 0); border: 0px; box-sizing: inherit; clip-path: inset(50%); clip: rect(1px, 1px, 1px, 1px); cursor: pointer; direction: ltr; display: inline-block; font-family: docons; font-variant-alternates: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-variant-position: normal; height: 1px; inset-block-start: 1.38125rem; inset-inline-start: -1.875rem; line-height: 16px; margin: -1px; opacity: 0; outline-color: inherit; outline-style: initial; outline-width: 0px; overflow-wrap: normal; overflow: hidden; padding: 0px; position: absolute; speak: none; text-align: center; text-decoration-line: none; transform: translateY(-50%) scale(1); transition: opacity 0.1s linear 0s; width: 1px;"></a><h4 style="box-sizing: inherit; line-height: 1.3; margin-inline-start: -1.875rem; margin: 32px 0px 12px; outline-color: inherit; padding-inline-start: 1.875rem; padding: 0px; text-align: left;"><span style="font-family: verdana;">Highlights</span></h4></div><ul style="background-color: white; box-sizing: inherit; color: #161616; list-style: none; margin: 16px 0px 16px 38px; outline-color: inherit; padding: 0px;"><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Package existing Windows apps.</span> Use the <a data-linktype="relative-path" href="https://learn.microsoft.com/en-us/windows/msix/packaging-tool/tool-overview" style="background-color: rgba(0, 0, 0, 0); box-sizing: inherit; cursor: pointer; outline-color: inherit; outline-style: initial; outline-width: 0px; overflow-wrap: break-word; text-decoration-line: none;">MSIX Packaging Tool</a> to create an MSIX package for any Windows app, old or new. The MSIX packaging tool streamlines the packaging experience, offering an interactive user interface or command line to convert and package Windows apps.</span></li><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Install MSIX app packages.</span> Use <a data-linktype="relative-path" href="https://learn.microsoft.com/en-us/windows/msix/app-installer/app-installer-root" style="background-color: rgba(0, 0, 0, 0); box-sizing: inherit; cursor: pointer; outline-color: inherit; outline-style: initial; outline-width: 0px; overflow-wrap: break-word; text-decoration-line: none;">App Installer</a> to install or update any MSIX app package that is locally available or on any content distribution network.</span></li><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Apply run time fixes to packaged apps.</span> The <a data-linktype="relative-path" href="https://learn.microsoft.com/en-us/windows/msix/psf/package-support-framework-overview" style="background-color: rgba(0, 0, 0, 0); box-sizing: inherit; cursor: pointer; outline-color: inherit; outline-style: initial; outline-width: 0px; overflow-wrap: break-word; text-decoration-line: none;">Package Support Framework</a> is an open source kit that helps you apply fixes to your existing desktop app when you don't have access to the source code, so that it can run in an MSIX container.</span></li><li style="box-sizing: inherit; list-style: disc; margin: 0px; outline-color: inherit; outline-style: initial; outline-width: 0px; padding: 0px;"><span style="font-family: verdana;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">Use MSIX anywhere.</span> With the open source <a data-linktype="relative-path" href="https://learn.microsoft.com/en-us/windows/msix/msix-sdk/sdk-overview" style="background-color: rgba(0, 0, 0, 0); box-sizing: inherit; cursor: pointer; outline-color: inherit; outline-style: initial; outline-width: 0px; overflow-wrap: break-word; text-decoration-line: none;">MSIX SDK</a>, MSIX packages are more versatile, and platform independent. The SDK provides all of the APIs needed to verify, validate, and unpack an app package on any platform, including Windows 10 and non-Windows 10 platforms.</span></li></ul><p><span style="font-family: verdana;">Source and to learn more about the format checkout this page:<br /></span><a href="https://learn.microsoft.com/en-us/windows/msix/overview"><span style="font-family: verdana;">What is MSIX? - MSIX | Microsoft Learn</span></a>´</p><p></p><h4 style="text-align: left;"><span style="font-family: verdana;"><u>Great tools to do the packaging are:</u></span></h4><p></p><p><span style="font-family: verdana;">1. Microsoft Packaging Tool:<br /><a href="https://learn.microsoft.com/en-us/windows/msix/packaging-tool/tool-overview">MSIX Packaging Tool Overview - MSIX | Microsoft Learn</a></span></p><p><span style="font-family: verdana;">2. Another great 3rd party tools is coming from Advanced Installer.<br /><a href="https://www.advancedinstaller.com">https://www.advancedinstaller.com</a><br />There checkout especially the new free express edition:<br /><a href="https://www.advancedinstaller.com/express-edition.html">Advanced Installer Express Edition</a><br /><br />It complement's the MSIX packaging tool from MS with:<br /></span></p><p></p><ul style="text-align: left;"><li><span style="font-family: verdana;">Shortcut arguments</span></li><li><span style="font-family: verdana;">One-click digital signature support</span></li><li><span style="font-family: verdana;">Detection of high-level constructs, like file type associations or firewall rules and mapping those entries accordingly in the AppXManifest file</span></li><li><span style="font-family: verdana;">PSF (Package Support Framework) integration</span></li><li><span style="font-family: verdana;">Generate a conversion project: reload, edit and rebuild your MSIX package in seconds</span></li><li><span style="font-family: verdana;">Build MSIX and MSI/EXE packages from the same project<br /><br /></span></li></ul><p></p><p><span style="font-family: verdana;"></span></p><h4 style="text-align: left;"><span style="font-family: verdana;"><b><u>Important and helpful tools even from 3rd party checkout here:</u></b></span></h4><p><span style="font-family: verdana;">3. "Hover" this is a great FREE tool to work on the application virtualization layer from within the package. Which is normally hard to reach. Checkout this great free tool from AdvancedInstaller</span></p><p><a href="https://www.advancedinstaller.com/hover.html"><span style="font-family: verdana;">Hover: Launching apps inside a MSIX/App-V container (advancedinstaller.com)</span></a></p><p><span style="font-family: verdana;">4. "MSIX Troubleshooter" this is another great FREE tool from Advanced Installer team to support troubleshooting of MSIX packages. Checkout another great free tool from Advanced Installer<br /><a href="https://www.advancedinstaller.com/msix-troubleshooter.html">Troubleshooting MSIX installations (advancedinstaller.com)</a></span></p><p><span style="font-family: verdana;">5. And whenever you need even more tweaks you can benefit from the Package Support Framework (PSF) which is an open source community project to further tweak the MSIX format and circumvent issues as we did in the good old days of Windows 7 App compat shims.<br /><br />5.1 Overview: <a href="https://learn.microsoft.com/de-de/windows/msix/psf/package-support-framework-overview">Framework zur Paketunterstützung (Package Support Framework, PSF) - MSIX | Microsoft Learn</a></span></p><p><span style="font-family: verdana;">5.2 Source: <a href="https://github.com/microsoft/MSIX-PackageSupportFramework/releases">Releases · microsoft/MSIX-PackageSupportFramework (github.com)</a><br /><br />5.3 GUI supporting configuration of PSF <a href="https://apps.microsoft.com/store/detail/tmurgentpsftooling/9NC6K0Q954JV?hl=en-us&gl=us">TMurgent-PsfTooling - Microsoft Store Apps</a> (Kudos to Tim Mangan to support this great tool!)</span></p><p><span style="font-family: verdana;">Happy MSIX-packaging!</span></p><p><span style="font-family: verdana;"> </span></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-53185875975732006152023-05-08T15:47:00.003+02:002023-05-08T15:49:51.583+02:00Microsoft cloud logins - errors and how to get more details<p></p><div style="text-align: center;"><span style="font-family: verdana;">Sometimes when logging in you might see errors like this containing this so called <b>"Correlation ID".</b></span></div><br /><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw0EYGxcNHYd_A-Vr-thrh8jjM5WmofX05R7XHGwWXPDGMzU_AH1oSeIdQRtUo5Q9XE62Al5HSPqIZ_foOCgJuFh2K2IEgDpNEq4U3FT55FwoiTHjm2DKKcckyYP3w_XGgg4U3ZkeL1OKV9nmpnpHrx-Imgpo6CG-LRuCmWg8182Z_I1Mt3hA1wgen/s701/blog-aadIssueLoginError.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="701" data-original-width="662" height="477" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhw0EYGxcNHYd_A-Vr-thrh8jjM5WmofX05R7XHGwWXPDGMzU_AH1oSeIdQRtUo5Q9XE62Al5HSPqIZ_foOCgJuFh2K2IEgDpNEq4U3FT55FwoiTHjm2DKKcckyYP3w_XGgg4U3ZkeL1OKV9nmpnpHrx-Imgpo6CG-LRuCmWg8182Z_I1Mt3hA1wgen/w450-h477/blog-aadIssueLoginError.png" width="450" /></a></div><div><br /></div><span style="font-family: verdana;">You may wonder where you may find the corresponding log entries with more details on the Azure AD side? The answer helping you is the "Correlation ID".</span><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">That's what it does. It correlates your frontend issue with the backend logs.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Here you should have a closer look. And use the filter for the correlation ID. So its always a good Idea to copy the info to the clipboard and advise your users to send you this information.</span></div><div><br /><span style="font-family: verdana;"><b><u>How to do this:<br /></u></b><br /><ol style="text-align: left;"><li><span style="font-family: verdana;">Open the Azure AD admin page</span></li><li>Open the "Sign-in logs"</li><li><span style="font-family: verdana;">Filter for the "Correlation ID" and click apply.</span></li><li><span style="font-family: verdana;">Add in the new filter the Correlation ID info you copied first.<br /></span>Its a long Guid formatted number.</li></ol></span></div><div> <div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKaqBaHipjyvJT-E32PMV9LRG6FJ-lqPxa2Xky0t74s6L-uNVM5BxynswO6j5F0YdHkSDxCvEXQKTLRgtyo6HdPyfCdZhNB_Wl-IueZ5Vp22Ns0wwXlnI1IacUWavwGPU6ttd3P8iI4mdGeqgroLxFhAtM59v2m7t-Qdf9e2ClIcG502oyusYkkWvV/s1246/blog-aadIssueLoginError2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="590" data-original-width="1246" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhKaqBaHipjyvJT-E32PMV9LRG6FJ-lqPxa2Xky0t74s6L-uNVM5BxynswO6j5F0YdHkSDxCvEXQKTLRgtyo6HdPyfCdZhNB_Wl-IueZ5Vp22Ns0wwXlnI1IacUWavwGPU6ttd3P8iI4mdGeqgroLxFhAtM59v2m7t-Qdf9e2ClIcG502oyusYkkWvV/w640-h304/blog-aadIssueLoginError2.png" width="640" /></a></div><br /><p><span style="font-family: verdana;">Also very helpful is this reference table for the Error Codes (AADSTS...)<br /><a href="https://learn.microsoft.com/en-us/azure/active-directory/develop/reference-error-codes" target="_blank">Azure AD authentication & authorization error codes</a></span></p><p><br /></p><p><br /></p></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-29207425584237041512022-04-03T20:15:00.009+02:002022-04-03T20:35:40.337+02:00Azure - How to move resources between subscriptions under different tenants<p><span style="font-family: verdana;">To make a long story short. Directly this does not work at least until now (2022-04). But as often there is a good workaround.<br /><br /><span style="color: red;"><b>ATTENTION! This is an unsupported workaround. So do not blame me if you loose something important. Backup (e.g. ARM Templates, data etc.) is always a good idea! So this is out of any warranty. These steps were working a couple times for me but that does not mean it will work for you. THIS IS ON YOUR OWN RISK!</b></span></span></p><p><span style="font-family: verdana;">First of all you need to know. Not all resources can be moved. Check here which resource you can move.<br /><a href="https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/move-support-resources">Move operation support by resource type - Azure Resource Manager | Microsoft Docs</a><br /><br />You need to differentiate between move from:<br /></span></p><ul style="text-align: left;"><li><span style="font-family: verdana;">Resource to another resource group</span></li><li><span style="font-family: verdana;">Resource to another subscription</span></li><li><span style="font-family: verdana;">Resource to another region</span></li></ul><p></p><p><span style="color: red; font-family: verdana;"><u>Also keep mind some pieces you can not move at all. Whenever you have some access assignments based on your active directory you will loose them and you need to recreate them in a another tenants active directory.</u></span></p><p><span style="color: red; font-family: verdana;"><u>Also if you have some scripts or resource identifiers you may need to update them as well.</u></span></p><p><span style="font-family: verdana;">As a direct move is not possible you can do it with a intermediate "Pay as you go" subscription.<br />This type of subscription can easily move between tenants. But you need to be member of the tenant and need the right to add subscriptions (in my case I am global admin so I do not care. But you need to be at least Account Administrator).</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiK28uUV4ysxv0dZq0wpRo0kpF82rrlvbmejugsAmwOvFKVHs_aThpWk_AwgE8fv9HR8Vmsx9NN63lSF_c5pJ6c8NE7V44A6nLzlsq2l4RZZ5fQqDD72Z_xqDY-a426uMHG6TADQvqZMfqhDvq1UOGemr1H9TRVVVUKJLomKNS7o8eg1H1bur7ez6M6" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"><img alt="" data-original-height="453" data-original-width="550" height="528" src="https://blogger.googleusercontent.com/img/a/AVvXsEiK28uUV4ysxv0dZq0wpRo0kpF82rrlvbmejugsAmwOvFKVHs_aThpWk_AwgE8fv9HR8Vmsx9NN63lSF_c5pJ6c8NE7V44A6nLzlsq2l4RZZ5fQqDD72Z_xqDY-a426uMHG6TADQvqZMfqhDvq1UOGemr1H9TRVVVUKJLomKNS7o8eg1H1bur7ez6M6=w640-h528" width="640" /></span></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">And then simply move the subscription from one to another directory. All directories your account had sufficient access should be shown in the selection list.</span></p><p><span style="font-family: verdana;">Therefore go to to your resource group and ensure you have selected all resources.<br /><br />Then click on MOVE (dropdown) in the top toolbar -> Select there the "Move to another subscription". <br /><br />While you do this you are asked for the right subscription. In case of the transfer you use the Pay as you go one. And in the second step you repeat it and you select your final target subscription.</span></p><p><span style="font-family: verdana;">While you do this you need to move the resources into a new resource group name. I use there the old one and add an -payg at the end. And in the target subscription I use another extension. But that's your choice what you use there. It must be just different then the one you use in the pay as you go subscription.</span></p><p><span style="font-family: verdana;">Actually you do the same thing twice (moving resources between subscriptions):<br />1. Moving resources from source tenant resource group to PAYG-subscription into an intermediate resource group.</span></p><p><span style="font-family: verdana;">2. Moving the PAYG-subscription to another tenant.</span></p><p><span style="font-family: verdana;">3. Ensuring you are owner of the PAYG-subscription in the target tenant.</span></p><p><span style="font-family: verdana;">4. Moving the resources from the PAYG-subscription to the target subscription in the target tenant.</span></p><p><span style="font-family: verdana;">And do that stuff immediately. Otherwise the PAYG subscription might be charged for you! So do not wait one or a few days in between! Especially if you have to pay with your own credit card!</span></p><p><span style="font-family: verdana;">Are you in doubt if the target resource group remains still empty (after a few seconds/minutes)? Be patient it will take a while. Sometimes even hours. So do not get nervous.</span></p><p><span style="font-family: verdana;">This hint was not by my own. I found an article from Damir Dobric (MVP). So credits go to him (including the great graphics above!): <a href="https://social.technet.microsoft.com/wiki/contents/articles/51360.azure-how-to-move-resources-between-subscriptions-under-different-tenants.aspx">Azure: How to move resources between subscriptions under different tenants? - TechNet Articles - United States (English) - TechNet Wiki (microsoft.com)</a></span><br /><br /><br /></p><p><br /></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-48237854403813127802022-03-21T11:35:00.004+01:002022-03-21T11:35:24.617+01:00Microsoft Portals<p><span style="font-family: verdana;">As Microsoft had a ton of portals this Website might be useful for you.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgQ23PwD1NcySU9TxxFzr-1ct_HvJC2vz7INWEhNv8hkrxP4t1Zp2sPK8eJ8DM4i8sAU_JQyWf8T87bpxmWr39RpzQByE4uqPlLPMANF8XAS7k9yVCpW9YgcyQvwXCZc6zMPK0z5cFBfGpzcpLmoYxdTQoUCYl1VVq0CO6bryme0cjcYz6-wbYoWyFn=s1110" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="915" data-original-width="1110" height="528" src="https://blogger.googleusercontent.com/img/a/AVvXsEgQ23PwD1NcySU9TxxFzr-1ct_HvJC2vz7INWEhNv8hkrxP4t1Zp2sPK8eJ8DM4i8sAU_JQyWf8T87bpxmWr39RpzQByE4uqPlLPMANF8XAS7k9yVCpW9YgcyQvwXCZc6zMPK0z5cFBfGpzcpLmoYxdTQoUCYl1VVq0CO6bryme0cjcYz6-wbYoWyFn=w640-h528" width="640" /></a></div><br /><p></p><p><a href="https://msportals.io/?search="><span style="font-family: verdana;">Administrator Portals | Microsoft Portals (msportals.io)</span></a></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-88285186638465186212022-01-17T19:00:00.007+01:002022-01-17T19:08:11.825+01:00Microsoft Build of OpenJDK<p><span style="font-family: verdana;">Microsoft is now offering a free and maintained OpenJDK package!</span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhYX3EvguGQ26G7Ogm4jJy9A5LJpjb9uZW0rIs2T3dZ-15zVcfAAogehbr7ztHopXKn7XeUrBfREMenjGBlEKXy3jgxA9YbBKPOtUh0iJInm-CPLt_XlRdv9tYW4aaIkZv-OX0ZmWhgiaJLfI4owvJqF3nIa4i2f4UeaalxobdYAQ7bva6JsGZTEIZ4=s1920" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"><img border="0" data-original-height="524" data-original-width="1920" height="109" src="https://blogger.googleusercontent.com/img/a/AVvXsEhYX3EvguGQ26G7Ogm4jJy9A5LJpjb9uZW0rIs2T3dZ-15zVcfAAogehbr7ztHopXKn7XeUrBfREMenjGBlEKXy3jgxA9YbBKPOtUh0iJInm-CPLt_XlRdv9tYW4aaIkZv-OX0ZmWhgiaJLfI4owvJqF3nIa4i2f4UeaalxobdYAQ7bva6JsGZTEIZ4=w400-h109" width="400" /></span></a></div><p><span style="font-family: verdana;">The Microsoft Build of OpenJDK is a no-cost distribution of OpenJDK that's open source and available for free for anyone to deploy anywhere. <br /><br />It includes Long-Term Support (LTS) binaries for Java 11 and Java 17 on x64 server and desktop environments on macOS, Linux, and Windows, AArch64/ARM64 on Linux and Windows, and binaries for macOS on Apple Silicon (AArch64/M1). Additionally Java 16 is also provided (non-LTS).<br /><br /><span style="background-color: white; color: #171717;">The Microsoft Build of OpenJDK binaries are based on OpenJDK source code, following the same build scripts used by the Eclipse Adoptium project and tested against the Eclipse Adoptium Quality Assurance suite (including OpenJDK project tests).<br /><br />More you can learn from here:<br /><a href="https://docs.microsoft.com/en-us/java/openjdk/overview" target="_blank">https://docs.microsoft.com/en-us/java/openjdk/overview</a></span></span></p><p><span style="font-family: verdana;"><span style="background-color: white; color: #171717;">You can download the OpenJDK packages here:<br /></span><a href="https://docs.microsoft.com/en-us/java/openjdk/download" target="_blank">https://docs.microsoft.com/en-us/java/openjdk/download</a></span></p><p><span style="background-color: white;"><span style="color: #171717; font-family: verdana;">With <b>Windows Package manager</b> its in <b>PowerShell</b>:</span></span></p><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><p><span style="background-color: white;"><span style="font-family: verdana;"><u>Search for the OpenJDK version:</u></span></span></p><p><span style="background-color: white;"><span style="color: #171717; font-family: courier;"><b>winget search Microsoft.OpenJDK</b></span></span></p><p><u><span style="background-color: white; color: #171717;"><span style="font-family: verdana;">To Install the corresponding version its:</span></span> </u></p></blockquote><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><p><b style="color: #171717; font-family: courier;">winget install Microsoft.OpenJDK.17</b></p></blockquote><p><span style="background-color: white;"><span style="color: #171717; font-family: courier;"><b><br /></b></span></span></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-20248540674357399342021-12-08T10:37:00.005+01:002021-12-10T09:29:52.142+01:00Windows Performance Analyzer (WPA) & Recorder (WPR)<p><span style="font-family: verdana;"></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: verdana;"><br /></span></div><span style="font-family: verdana;">Recently I got a mail from someone who is complaining about bad logon performance on RDS hosts. To diagnose something like this and many other performance related issues it's great to make use of the <a href="https://docs.microsoft.com/en-us/windows-hardware/test/wpt/" target="_blank">Microsoft Performance Toolkit</a> which is part of the <a href="https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install">Windows ADK</a>.<br /><br /><br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjrdHqGF9TtIufFvhsm5H_BFm2BgzaKue2NatiKCSLuilcDspw6pboutXvSWNGzlb1E-JcdKl_aFqEFOBMBgr6_M0zshMUmKamLrK-J9k6skGT3XtFIH2yEkSAv-0PQLIi_yTKjcda5BmvX97jR285YvpXSsaa-K8D5VWH4aFhGgfdz3_Rp3EUJ7JsB=s1398" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1084" data-original-width="1398" height="496" src="https://blogger.googleusercontent.com/img/a/AVvXsEjrdHqGF9TtIufFvhsm5H_BFm2BgzaKue2NatiKCSLuilcDspw6pboutXvSWNGzlb1E-JcdKl_aFqEFOBMBgr6_M0zshMUmKamLrK-J9k6skGT3XtFIH2yEkSAv-0PQLIi_yTKjcda5BmvX97jR285YvpXSsaa-K8D5VWH4aFhGgfdz3_Rp3EUJ7JsB=w640-h496" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><span style="font-family: verdana;"><u>It contains 2 important tools:</u></span><p></p><p><span style="font-family: verdana;"><b>Windows Performance Recorder (WPR)</b>,<br />which is used to record the performance in a binary ETW file. (Event Trace for Windows).</span></p><p><span style="font-family: verdana;"><b>Windows Performance Analyzer (WPA)</b>,<br />which is used to examine the ETW file generated by the WPR.</span></p><p><span style="font-family: verdana;">These tools are extremely helpful to nail down the root cause for performance issues. Nevertheless they are not really designed for newbies and you need a solid understanding of the Windows architecture to deal with them.<br /><br />See it more likely as a combined super ProMon & Process Explorer on steroids. </span></p><p></p><div style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhJE-v7Ye14x-QCxrmjuleYrDr_1nJ1rOZ9OUqL4Hr5phM0PtFiegQjkD684--AHkYqCNPSuamsOyDXUYo8_SYoJyzwVU3b6C0hXl6y4nDOHrSwh5wXGszyLjuHGN_nNdYnk28DouJ6SY-tnpwrD0FQXpzFTSr2oUQW-kTEMAp8RnF-ZfQ7orhH1WWL=s1398"><img border="0" data-original-height="1084" data-original-width="1398" height="496" src="https://blogger.googleusercontent.com/img/a/AVvXsEhJE-v7Ye14x-QCxrmjuleYrDr_1nJ1rOZ9OUqL4Hr5phM0PtFiegQjkD684--AHkYqCNPSuamsOyDXUYo8_SYoJyzwVU3b6C0hXl6y4nDOHrSwh5wXGszyLjuHGN_nNdYnk28DouJ6SY-tnpwrD0FQXpzFTSr2oUQW-kTEMAp8RnF-ZfQ7orhH1WWL=w640-h496" width="640" /></a></div><br /><span style="font-family: verdana;"><br /></span><p></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhDgO1AJ2cDKfKW80oo76WYBqZolXFs1N88tQMVR8LqelKSd85tbrcf1xmnbiHJrJDoeq_d2dK9zUK0spwz706D9sXVVOD7oRCflJRpdzdZSUUDRbp4XjU3Z5NzDWIlCKU6L9GLCYl0LFr5aK3ktgTC2AjqwPCxI2EYZendETH1cOJuyXN7OvRTpWv6=s1398" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1084" data-original-width="1398" height="496" src="https://blogger.googleusercontent.com/img/a/AVvXsEhDgO1AJ2cDKfKW80oo76WYBqZolXFs1N88tQMVR8LqelKSd85tbrcf1xmnbiHJrJDoeq_d2dK9zUK0spwz706D9sXVVOD7oRCflJRpdzdZSUUDRbp4XjU3Z5NzDWIlCKU6L9GLCYl0LFr5aK3ktgTC2AjqwPCxI2EYZendETH1cOJuyXN7OvRTpWv6=w640-h496" width="640" /></a></div><p></p><p><span style="font-family: verdana;"><br />This Build Conference video here is explaining the toolset with demos.<br /><br /></span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: verdana;"><iframe allowfullscreen="" class="BLOG_video_class" height="317" src="https://www.youtube.com/embed/nSPsrMFlqUE" width="575" youtube-src-id="nSPsrMFlqUE"></iframe></span></div><span style="font-family: verdana;"><br /><br />Here is a <a href="https://docs.microsoft.com/en-us/windows-hardware/test/wpt/windows-performance-step-by-step-guides" target="_blank">good tutorial</a> to start with. <br /><br /></span><p></p><p><span style="font-family: verdana;">Other cool side effect the WPA can open any ETL file. So if you do some other tracing with built-in tools creating ETL files you can open them with WPA either.<br /><br />Also checkout the rest of the comprehensive WPA/WPR resources on <a href="https://docs.microsoft.com/en-us/windows-hardware/test/wpt/windows-performance-analyzer">docs.microsoft.com</a><br /><br />Actually the learning curve is very steep. Especially if you try to catch up with a series of videos. There was a pretty good one in the old & retired Microsoft virtual academy with 8 hours of content (Chell Sterioff & Milad Aslaner). There is paid copy available via: <a href="https://trainingvideocenter.com/microsoft-virtual-academy-windows-performance-jump-start/">Windows Performance Jump Start (trainingvideocenter.com)</a><br /><br /></span></p><p><span style="font-family: verdana;">But a book might be better to dig deeper into this matter. Fortunately Michael Milirud and Alex Kirshenbaum wrote a new book about it. Actually Michael you already met in the build 2011 video above. ;-)<br /><br />So checkout their new book here: </span><a href="https://leanpub.com/perfbook"><span style="font-family: verdana;">Fundamentals of… by Alex Kirshenbaum et al. [PDF/iPad/Kindle] (leanpub.com)</span></a></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-57613889440165485682021-11-30T11:02:00.006+01:002021-11-30T11:11:01.983+01:00Easy dealing with different identities in Edge Chromium<p><span style="font-family: verdana;">When it comes to deal with different identities in the browser (Edge Chromium) then its sometimes hard to keep track which one is used in which browser window. To here is my ultimate tip to simplify this. </span></p><p><span style="font-family: verdana;">Simple make use of color themes. Its pretty simple but very effective.</span></p><p><span style="font-family: verdana;">Due to the nature of different functions and also different demo environments I need to keep track which credentials where used where. So the "good old times" of having 2 different browsers (using InPrivate mode there) to have 3 different identities are gone. And also 3 are not enough in our days.</span></p><p><span style="font-family: verdana;">See here mine different ones:</span><br /></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiYXbSWu9lPhJHjWt8RryV_QytvVAcGxCUuG4zlmGQIpVVBiGxgdVQBlhHXRdSRxYZEuv6r9D5J7neAABJpjfHy2Y9161a_Kq0ikx8XdzGnlSEErCgyCGB06fo0MLZuaTJhz-vkQGrf5g/s1080/Edge-Themes1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="805" data-original-width="1080" height="478" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiYXbSWu9lPhJHjWt8RryV_QytvVAcGxCUuG4zlmGQIpVVBiGxgdVQBlhHXRdSRxYZEuv6r9D5J7neAABJpjfHy2Y9161a_Kq0ikx8XdzGnlSEErCgyCGB06fo0MLZuaTJhz-vkQGrf5g/w640-h478/Edge-Themes1.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">How to make this working? - Simply select the color themes in the browser settings.</span></div><div><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja-9Wc5Xsa1_sZK33fEb1f8C2gml0_guSCJp_kZmXk3NqjAeVqeTF3RVYqg1zMTVkcbjuUSDE1TDEU0Br_cUW3p3z1-QEv0l8y1VPI_HNRkT6jc9c2u-h7ytReCLAIeNSayIP3LFyp5ws/s1365/Edge-Themes2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="848" data-original-width="1365" height="398" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEja-9Wc5Xsa1_sZK33fEb1f8C2gml0_guSCJp_kZmXk3NqjAeVqeTF3RVYqg1zMTVkcbjuUSDE1TDEU0Br_cUW3p3z1-QEv0l8y1VPI_HNRkT6jc9c2u-h7ytReCLAIeNSayIP3LFyp5ws/w640-h398/Edge-Themes2.png" width="640" /></a></div><br /><div><span style="font-family: verdana;">This is very simple, safe and effective. Just try it. I won't miss it now!</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">And yes what you see in the first screenshot isn't a leak. Now its official that Win365 Enterprise gets also AAD Only <a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/support-for-azure-ad-joined-cloud-pcs-in-windows-365-enterprise/ba-p/2912575" target="_blank">(now in private preview but officially announced.)</a></span></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-16477334542199256572021-08-27T12:57:00.003+02:002021-09-14T18:15:31.454+02:00Windows365 is there<p><span style="font-family: verdana;">Update from 09/14/2021 (at the end of the article)!</span></p><p><span style="font-family: verdana;">Yeah I know from a timing perspective Windows365 is already here since July 15th 2021. But I had not yet time to write about it. I am glad to be a tester for Windows 365 since October last year. This was the most confidential TAP program we were ever involved. We were even not allowed to talk to German techy Microsofties about it. ;-)</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpyKscwYZlOoTZf3WH8TNlU2cO7pGOlCctXH1OyJfRDLBrT9oRIml-RR3K2-NPCRmIkGIcIgDecqwZzWhV2-mbB7ve5-o0oMwCm2V4xBv8TTlVITHbUhdG2JUI9sfJaO_jtl9JiO-JgO4/s437/Windows365+Cool+Computer+Picture.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="437" data-original-width="396" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjpyKscwYZlOoTZf3WH8TNlU2cO7pGOlCctXH1OyJfRDLBrT9oRIml-RR3K2-NPCRmIkGIcIgDecqwZzWhV2-mbB7ve5-o0oMwCm2V4xBv8TTlVITHbUhdG2JUI9sfJaO_jtl9JiO-JgO4/w363-h400/Windows365+Cool+Computer+Picture.png" width="363" /></a></div><p></p><p><span style="font-family: verdana;">So to make a long story short and demystify the "Windows got streamed to your device" marketing story. Yes it felt like something is "streamed" to your device. But in reality its:</span></p><p></p><ol style="text-align: left;"><li><span style="font-family: verdana;">A Microsoft managed virtual machine </span></li><li><span style="font-family: verdana;">Sitting on Azure</span></li><li><span style="font-family: verdana;">Dedicated for you</span></li><li><span style="font-family: verdana;">Running all the time</span></li><li><span style="font-family: verdana;">Enabled for regular management with Microsoft Endpoint Manager</span></li><li><span style="font-family: verdana;">Part of your your own domain (hybrid domain joined, Azure AD only is on the roadmap)</span></li><li><span style="font-family: verdana;">Paid on a single flat price (n $ per month)</span></li><li><span style="font-family: verdana;">Accessed via RDP protocol on any device (Windows, IOS, macOS, Android, Browser, Linux)</span></li><li><span style="font-family: verdana;">Very simple to setup and maintain!</span></li></ol><div><span style="font-family: verdana;">And it is for whom?</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Actually its not a default device you would give everybody in the whole company. But its a great complementary solution for specific use cases and that could be:</span></div><div><span style="font-family: verdana;"><br /></span></div><div><ul style="text-align: left;"><li><span style="font-family: verdana;">Regulated scenarios like banking, healthcare, government (outside of Germany ;-))</span></li><li><span style="font-family: verdana;">Changing demands like mergers & acquisitions, temps, contractors or partners</span></li><li><span style="font-family: verdana;">Bring your own device scenarios (very popular e.g. in Switzerland)</span></li><li><span style="font-family: verdana;">New hires (day one) until you get your real device</span></li><li><span style="font-family: verdana;">Device shortages (while you wait until your new or replacement device is there)</span></li><li><span style="font-family: verdana;">Working scenarios like retail workers or call center.</span></li><li><span style="font-family: verdana;">Special LOB applications</span></li><li><span style="font-family: verdana;">Design & Development (even with hardware accelerated VMs for CAD)</span></li><li><span style="font-family: verdana;">Software testing</span></li><li><span style="font-family: verdana;">Pandemic situations</span></li></ul><div><span style="font-family: verdana;"><br /></span></div></div><div><span style="font-family: verdana;">You may have heard of Azure Virtual Desktop. How is that related to Win365?</span></div><div><span style="font-family: verdana;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTit7bGnMbUleWlGniojwlH0mVvW4CBCPzxPC8N71cUtMtCyamMI0cpM7zNE7GaUE7z0bxquEa1vdFgnQE8bQpnGNnWXBe3Ou9RAPF-GvMCo2jnoU0FkSSYGqK20CJqsEeibrKTjuvGaw/s1260/Win365-AVD+comparision.PNG" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"><img border="0" data-original-height="683" data-original-width="1260" height="346" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTit7bGnMbUleWlGniojwlH0mVvW4CBCPzxPC8N71cUtMtCyamMI0cpM7zNE7GaUE7z0bxquEa1vdFgnQE8bQpnGNnWXBe3Ou9RAPF-GvMCo2jnoU0FkSSYGqK20CJqsEeibrKTjuvGaw/w640-h346/Win365-AVD+comparision.PNG" width="640" /></span></a></div><span style="font-family: verdana;"><br /></span><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">To learn more about it I gave 2 webcasts including demos:<br /><br />GERMAN webcast held with my colleague Karsten Kleinschmidt in our own glueckkanja-gab AG webcast studio.<br /><a href="https://www.youtube.com/watch?v=Fal_qS3PgkE" target="_blank">YOUTUBE - Windows 365 Cloud PC - German</a><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">ENGLISH webcast held with Ragnar Heil together from home office & vacation bus ;-)<br /><a href="https://www.youtube.com/watch?v=Ng6qSNdWO_s" target="_blank">YOUTUBE - Windows 365 Cloud PC - English</a></span><br /></div><div><br /></div><div><br /></div><div><span style="font-family: verdana;">Pricing and plans are found here:<br /></span><a href="https://www.microsoft.com/en-us/windows-365/all-pricing"><span style="font-family: verdana;">Windows 365 Plans and Pricing | Microsoft</span></a></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Windows 365 Documentation found here:<br /><a href="https://docs.microsoft.com/en-us/windows-365/">Windows 365 Enterprise documentation | Microsoft Docs</a></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">And yes there is also a Business version available. Difference here:<br /></span></div><div><ol style="text-align: left;"><li><span style="font-family: verdana;">Azure AD only</span></li><li><span style="font-family: verdana;">No network connection to on-premises</span></li><li><span style="font-family: verdana;">No custom images</span></li><li><span style="font-family: verdana;">Limited to max 300 users</span></li></ol></div><div><span style="font-family: verdana;">So not really an option a larger enterprise would think of.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">If you want to know what's new and currently available:<br /><a href="https://docs.microsoft.com/en-us/windows-365/whats-new">What's new in Windows 365 | Microsoft Docs</a></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">If you are interested in what's coming next then look here:<br /><a href="https://docs.microsoft.com/en-us/windows-365/in-development">In development - Windows 365 | Microsoft Docs</a></span></div><div><br /></div><p></p><div><span style="font-family: verdana;">In another post later I will talk about tips & tricks for deployment & troubleshooting. Stay tuned!</span></div><div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">PS: Microsoft stopped the trial temporary due to overwhelming success and a large amount of requests for it. You can still "try" with a paid subscription. If you are seriously interested then the probably 32 US$ per month aren't too much for a paid test machine.<br /><br />(UPDATE 9/14/2021):<br />To get a first glimpse here you get access to a interactive demo experience!<br /><a href="https://interactive-demo.azureedge.net/">Interactive Demo (azureedge.net)</a></span></div></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">And if you want to see current feature requests, upvoting or adding a new one.<br /><a href="https://techcommunity.microsoft.com/t5/windows-365-feature-requests/idb-p/Windows365Requests">Windows 365 feature requests - Microsoft Tech Community</a></span></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-90448644685580871152021-05-04T19:29:00.003+02:002021-08-27T11:04:27.704+02:00MS deprecates TLS 1.0 and TLS 1.1 in AzureAD<p><span style="font-family: verdana;">Microsoft announced they will deprecate TLS 1.0 and TLS 1.1 as authentication mechanism in AzureAD. This was already done with Office 365 with less impact. This time the impact will be much bigger!</span></p><p><span style="font-family: verdana;">Reason for this is security as there are serious vulnerabilities out there like Heartblead, POODLE, BEAST and others. Also other major vendors will deprecate the usage of TLS 1.0 and TLS 1.1 as also specified in RFC8996!</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT1mBUa_VfWjCY4rtvnflFh6jsr7NW5y4y3ZW9v9TYSt607vzfibjy5iHpIUEdbtzuI2T8E5cUi6nMG1GlxK9Sq3VP1fCrjCVLX4MfSaKRvQ7JlBnx7rhtbRtktMcd2J3Wi01Kp4BaPZE/s1280/AzureAD+TLS+deprecation+V1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="720" data-original-width="1280" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT1mBUa_VfWjCY4rtvnflFh6jsr7NW5y4y3ZW9v9TYSt607vzfibjy5iHpIUEdbtzuI2T8E5cUi6nMG1GlxK9Sq3VP1fCrjCVLX4MfSaKRvQ7JlBnx7rhtbRtktMcd2J3Wi01Kp4BaPZE/w640-h360/AzureAD+TLS+deprecation+V1.jpg" width="640" /></a></div><span style="font-family: verdana;">The MS cloud application catalog is reporting already more than 2.700 apps from the 17.000 apps not supporting TLS 1.0 or TLS 1.1. </span><span style="font-family: verdana;">If Azure AD is used for authentication for one of the affected apps they </span><b style="font-family: verdana;">may fail after June 30th 2021!</b><p></p><p><span style="font-family: verdana;">Also old on-premises stuff will fail when used in combination with Azure Active Directory e.g. but not limited to: </span></p><p></p><ul style="text-align: left;"><li><span style="font-family: verdana;">Use of outdated operating systems (Windows 7 / Window 8 without "extension", Servers older as Windows Server 2012 R2</span></li><li><span style="font-family: verdana;">Use of outdated browsers (used for app compat reasons)</span></li><li><span style="font-family: verdana;">New AzureAD device registration on older OSes</span></li><li><span style="font-family: verdana;">Older Versions of Azure AD connect, PTA agents oder AppProxy connectors</span></li><li><span style="font-family: verdana;">MFA extensions on ADFS servers with older OSes</span></li><li><span style="font-family: verdana;">NPS extensions for Azure MFA on older OSes</span></li><li><span style="font-family: verdana;">Azure AD integrated applications and PowerShell scripts based on older .Net Framework version not configure for use of TLS 1.2</span></li><li><span style="font-family: verdana;">Software as a Service (SaaS) applications or other Line of Business applications hosted on platforms without TLS 1.2 support</span></li><li><span style="font-family: verdana;">Webproxy with SSL inspection which are not supporting TLS 1.2</span></li></ul><div><span style="font-family: verdana;">This list may not be complete but should show the full impact on this!</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">How you can solve this issue in certain scenarios you find here more information's:</span></div><div><span style="font-family: verdana;"><br /></span></div><div><a href="https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/enable-support-tls-environment"><span style="font-family: verdana;">Enable support for TLS 1.2 in your environment, in preparation for upcoming Azure AD TLS 1.0/1.1 deprecation - Active Directory | Microsoft Docs</span></a></div><div><br /></div><div><br /></div><div><span style="font-family: verdana;">You can do some testing on this also on: <a href="https://www.ssllabs.com/ssltest/">https://www.ssllabs.com/ssltest/</a></span></div><div><span style="font-family: verdana;">(Please keep in mind that more than one URL might be involved in an authentication process!)</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">If you have Microsoft's Cloud App Security you find with this advanced filter all the affected software!</span></div><div><span style="font-family: verdana;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKFHI8t7E0LlnaChhLGO7Kj1nMQCXkHHCGECX0y98AkDjUBTyPUQqZ4nlL9xJV7I9pM_gxjHZJwzT5X9oLaWy5ZUMqpCA0KOZd7J4jzchyphenhyphenBx75yOv36rQGWa7wJSTASTZYJbXGYg3IM40/s1247/CloudAppSecurityTLSreport.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"><img border="0" data-original-height="700" data-original-width="1247" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKFHI8t7E0LlnaChhLGO7Kj1nMQCXkHHCGECX0y98AkDjUBTyPUQqZ4nlL9xJV7I9pM_gxjHZJwzT5X9oLaWy5ZUMqpCA0KOZd7J4jzchyphenhyphenBx75yOv36rQGWa7wJSTASTZYJbXGYg3IM40/w640-h360/CloudAppSecurityTLSreport.png" width="640" /></span></a></div><span style="font-family: verdana;"><br /></span><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">And last but not least you can find for all authentications on your tenant a report showing outdated authentications. How reliable this report is, judge on your self in your environment. We found still some strange reports.<br /><br />TLS deprecation report (every 2 days you see a new one. You only see the last 3 reports!)<br /><a href="https://servicetrust.microsoft.com/AdminPage/TlsDeprecationReport/Download">https://servicetrust.microsoft.com/AdminPage/TlsDeprecationReport/Download</a></span></div><div><br /></div><p></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-68363294683444454782021-01-20T13:02:00.004+01:002021-01-20T13:02:58.582+01:00PSexec failing with no process on the other end of the pipe<p><span style="font-family: verdana;">Recently we had a new strange issue with current Windows versions and PSExec.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi72u4nPs5wMJGg8kDUB6q2KJEa6-Gz1x5IQMbi93r1Ju0naZTHLEiz_asyt0TwupftxPWg0lRCK-T-ad7cytIhefpr6NKDn69TvGqAn89Dm0lj7qFmllY6Xd2Sqok7AJm0_VTVX4lTLBA/s1280/blog_fixing_computer-2851285_1280.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1033" data-original-width="1280" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi72u4nPs5wMJGg8kDUB6q2KJEa6-Gz1x5IQMbi93r1Ju0naZTHLEiz_asyt0TwupftxPWg0lRCK-T-ad7cytIhefpr6NKDn69TvGqAn89Dm0lj7qFmllY6Xd2Sqok7AJm0_VTVX4lTLBA/s320/blog_fixing_computer-2851285_1280.png" width="320" /></a></div><br /><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">If you execute something like PSExec -s -i cmd.exe <br /></span><span style="font-family: verdana;"><br />which is creating a CMD under local system context you may receive an error like this</span></p><div style="box-sizing: border-box;"><span style="font-family: courier;">Error communicating with PsExec service on [MACHINE_NAME]:<br />
No process is on the other end of the pipe.</span></div><div style="box-sizing: border-box;"><span style="font-family: verdana;"><br /></span></div><div style="box-sizing: border-box;"><span style="font-family: verdana;">Solution: Simply update PsExec to the latest version!<br />Minimum here is 2.32!</span></div><div style="box-sizing: border-box; font-size: 14px;"><span style="font-family: courier;"><br /></span></div><div style="box-sizing: border-box; font-size: 14px;"><a href="https://docs.microsoft.com/en-us/sysinternals/downloads/psexec" target="_blank"><span style="font-family: verdana;">https://docs.microsoft.com/en-us/sysinternals/downloads/psexec</span></a><br /></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-54202104397523218692021-01-11T14:31:00.002+01:002021-01-11T14:38:00.338+01:00Surface device - driver and firmware support lifecycle<p><span style="font-family: verdana;">Recently a friend ask me for an updated driver for an issue with an older device in the surface family. So I thougth it would be a good idea first to check if the device is still supported. As we have the row of devices now for a couple years.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDcoOQbyNaipevw3iXKXooGYpSR3G2mlMTDuJe77xX3vOVrNQ_rD5j72QsRo8bhFcv33OKOwrHoDLiop3TpGML6_u1cTyyvC4WveC2j3tjjKVo98ow-ckPotV5q7Bj9ZdO4zqKrrPBmYA/s1280/blog_hourglass-23654_1280.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1280" data-original-width="762" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDcoOQbyNaipevw3iXKXooGYpSR3G2mlMTDuJe77xX3vOVrNQ_rD5j72QsRo8bhFcv33OKOwrHoDLiop3TpGML6_u1cTyyvC4WveC2j3tjjKVo98ow-ckPotV5q7Bj9ZdO4zqKrrPBmYA/s320/blog_hourglass-23654_1280.png" /></a></div><br /><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">The good news were the devices up to Surface 3 are still under "firmware and driver" support. So in this case I could open a case for this driver issue and still believe it may be served. Actually its not a guarantee that PG agrees with my issue and will fix it. But there is some how a legal basis for it according to their own support policies.</span></p><p><span style="font-family: verdana;">Checkout here the list!</span></p><div class="table-scroll-wrapper" style="background-color: white; box-sizing: inherit; color: #171717; font-family: "Segoe UI", SegoeUI, "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 16px; outline-color: inherit; overflow: auto hidden;"><table class="table" style="border-collapse: collapse; border-spacing: 0px; box-sizing: inherit; font-size: 0.875rem; outline-color: inherit; table-layout: auto; width: 913.636px;"><thead style="box-sizing: inherit; outline-color: inherit;"><tr style="box-sizing: inherit; outline-color: inherit;"><th style="border-bottom-style: initial; border-color: initial; border-left-style: solid; border-right-style: solid; border-top-style: initial; border-width: 0px 0px 1px; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; text-align: left; vertical-align: top;">Device</th><th style="border-bottom-style: initial; border-color: initial; border-left-style: solid; border-right-style: solid; border-top-style: initial; border-width: 0px 0px 1px; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; text-align: left; vertical-align: top;">Release Date</th><th style="border-bottom-style: initial; border-color: initial; border-left-style: solid; border-right-style: solid; border-top-style: initial; border-width: 0px 0px 1px; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; text-align: left; vertical-align: top;">End of Servicing Date</th></tr></thead><tbody style="box-sizing: inherit; outline-color: inherit;"><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface RT<span style="box-sizing: inherit; font-size: 10.5px; line-height: 0; outline-color: inherit; position: relative; top: -0.5em; vertical-align: baseline;">1</span></td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 26, 2012</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">April 11, 2017</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro<span style="box-sizing: inherit; font-size: 10.5px; line-height: 0; outline-color: inherit; position: relative; top: -0.5em; vertical-align: baseline;">1</span></td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">February 9, 2013</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">April 11, 2017</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface 2<span style="box-sizing: inherit; font-size: 10.5px; line-height: 0; outline-color: inherit; position: relative; top: -0.5em; vertical-align: baseline;">1</span></td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2013</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">April 10, 2018</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro 2<span style="box-sizing: inherit; font-size: 10.5px; line-height: 0; outline-color: inherit; position: relative; top: -0.5em; vertical-align: baseline;">1</span></td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2013</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">April 10, 2018</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro 3</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">June 20, 2014</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface 3</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">May 5, 2015</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Book</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 26, 2015</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro 4</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 26, 2015</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Book with Performance Base</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 10, 2016</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Studio (1st gen)</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">December 15, 2016</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Laptop (1st gen)</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">June 14, 2017</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro (5th gen)</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">June 15, 2017</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 13, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Book 2</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 17, 2017</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 17, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro LTE (Model 1807)</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">December 1, 2017</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">December 1, 2021</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Go</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">August 2, 2018</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">August 2, 2022</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Studio 2</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 2, 2018</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 2, 2022</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Laptop 2</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 16, 2018</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 16, 2022</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro 6</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 16, 2018</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 16, 2022</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Go with LTE Advanced</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 20, 2018</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 20, 2022</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Laptop 3</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2019</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2023</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro 7</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2019</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 22, 2023</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro X</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 5, 2019</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">November 5, 2023</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Go 2</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">May 6, 2020</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">May 6, 2024</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Book 3</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">May 26, 2020</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">May 26, 2024</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Pro X SQ2</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 13, 2020</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 13, 2024</td></tr><tr style="box-sizing: inherit; outline-color: inherit;"><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">Surface Laptop Go</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 13, 2020</td><td style="border-bottom: 0px solid; border-left: 0px solid; border-right: 0px solid; border-top-style: solid; box-sizing: inherit; line-height: 1.5; outline-color: inherit; overflow-wrap: break-word; padding: 0.75rem 1rem; vertical-align: top;">October 13, 2024</td></tr></tbody></table></div><p style="background-color: white; box-sizing: inherit; color: #171717; font-family: "Segoe UI", SegoeUI, "Helvetica Neue", Helvetica, Arial, sans-serif; font-size: 16px; margin: 1rem 0px 0px; outline-color: inherit; overflow-wrap: break-word; padding: 0px;"><span style="box-sizing: inherit; font-weight: 600; outline-color: inherit;">1.</span> <em style="box-sizing: inherit; outline-color: inherit;">Indicates devices with a previously declared end of firmware/driver servicing support date.</em></p><p><br /></p><p><span style="font-family: verdana;">More details especially also the differentiation on device support and OS version support you will find here: <a href="https://docs.microsoft.com/en-us/surface/surface-driver-firmware-lifecycle-support" target="_blank">https://docs.microsoft.com/en-us/surface/surface-driver-firmware-lifecycle-support</a></span></p><p><br /></p><p><span style="font-family: verdana;">To dig deeper its also very helpful to checkout the surface update history which is found here: <a href="https://support.microsoft.com/en-us/help/4036283">https://support.microsoft.com/en-us/help/4036283</a></span><br /></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-11557392865504099202020-12-05T14:20:00.003+01:002020-12-05T14:23:14.472+01:00Why a former open source fan trusts in Microsoft and their secure data handling<p><span style="font-family: verdana;">In the beginning of my IT "career" in mid-80's I was a open source fan and had bad prejudices against Microsoft. For me this was a huge "bad" US corporation and in these days it sounded also bad to pay money for software. Especially for kids having just their small pocket money. So illegal software copies were very widespread. Also people did not understand the concept of intellectual property in software these days. May be also as it was just too easy to make a simple copy of a program. Nobody was missing something (like it was physically stolen) as you made a copy out of "nothing".</span></p><p><span style="font-family: verdana;">Later on I was working as CAD administrator in my first job. There we also had Unix systems (Silicon Graphics IRIX, IBM AIX and still the evil Windows 3.1/3.11). Followed in my next job as 2nd level supporter for a SIEMENS affiliate company we used SCO Unix and Linux together with the (still evil) Windows 95/ NT 4.0. I loved Linux for the open source concept. Making things available for all for free.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggF4kdWgwOY7j_PyzkavPxcAknv35SNU8GGkm7f6oXQGlBUFhZWAdFr0n1k_NYQfIseXLIEiRTsslUoDy0YEKD5HCIhI662x2VOANGnfvBgxyT5_oi3ZKaPcQ_oNUB7m6DAnXQ5PyI6VI/s1920/security-5199239_1920.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1280" data-original-width="1920" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggF4kdWgwOY7j_PyzkavPxcAknv35SNU8GGkm7f6oXQGlBUFhZWAdFr0n1k_NYQfIseXLIEiRTsslUoDy0YEKD5HCIhI662x2VOANGnfvBgxyT5_oi3ZKaPcQ_oNUB7m6DAnXQ5PyI6VI/w640-h426/security-5199239_1920.jpg" width="640" /></a></div><br /><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">But one day in my IT career a consulting company offered me a job to work as vendor lab engineer for (the big evil) Microsoft Corporation near Munich (Unterschleissheim). It took a while to think about it. I had so many (pre-)judices against them. But I realized I need to find out myself if I was right or wrong!</span></p><p><span style="font-family: verdana;">Until then I only got in contact with some Microsoft sales men and in these days these guys were very snobbish. At least it felt like snobbish. But I was willing to give it a chance and may be correct myself.</span></p><p><span style="font-family: verdana;">After a few weeks I realized the big difference between my thoughts and the reality. The tech guys there were as cool as the open source guys. Same techy mindset and all very open and friendly. But there was also this other difference which I understood better by then. Microsoft's techies realized they have to pay their bills at the end of each month for their houses, cars etc. So there was really a a very good justification for paying money for software. Actually this also paid my own bills :-$</span></p><p><span style="font-family: verdana;">So this was my personal conversion from a Linux open source minded "Saul" to a Microsoft/Windows minded "Paul"!</span></p><p><span style="font-family: verdana;">But when it comes to data protection (which is the origin topic of this article) then there is even a different story to tell. And why I absolutely trust in Microsoft's data handling way more than all others. I was one of the "victims" of this data handling. Victim in the sense as I learned on my own hands what does this really means to them!</span></p><p><span style="font-family: verdana;">Many people argue that Microsoft is making money with customers data. As far as I observed this is absolutely not true! Even the opposite is true!</span></p><p><span style="font-family: verdana;">First of all you have to think about different companies and their business models. Many of the "I-give- it-for-free" companies like Google, Facebook, Twitter (just to name a few more prominent) have a business model based on data. </span></p><p><span style="font-family: verdana;">Rule of thumb is: "Whenever you do not pay for a product - YOU are the product."</span></p><p><span style="font-family: verdana;">Actually this is not bad and also very popular. Most people still like stuff they have not to pay for. But you need to make yourself aware that your personal usage pattern is used for marketing and advertisement purposes. So Google, Facebook and Co. doing their business based on advertisement.</span></p><p><span style="font-family: verdana;">If you use their services you need to accept that! And believe it or not I still use Google for searching.<br /><br />Whenever you are a data protection officer arguing against Microsoft regarding data handling (obviously without knowing it better) then you also need to be consequent and stop using Google for search in your company!</span></p><p><span style="font-family: verdana;">Microsoft's business model is different. You actually pay for the services. The free stuff there is normally "just" to bind people to the paid stuff. Actually I myself use Office365 Home (for me and my family) and pay for it. I get all the cool new stuff and lots of services for a little price. So I do not care anymore. This meaning they make money with software & services not originally with data (only).</span></p><p><span style="font-family: verdana;">To be fair they are also getting usage data to help them making better advertisement to you (when it comes to Microsoft services) but they do not sell this data. </span></p><p><span style="font-family: verdana;">To check this out in detail check it here in <a href="https://privacy.microsoft.com/en-us/privacystatement" target="_blank">English </a>or <a href="https://privacy.microsoft.com/de-de/privacystatement" target="_blank">German </a>(Microsoft Privacy statement).</span></p><p><span style="font-family: verdana;">Even Google states that they do not sell your data. They just create advertisement based on your behavior on their platform (or platform "legs" on other websites (with embedded google advertisement frames)) as stated <a href="https://safety.google/privacy/ads-and-data/">here</a>. As I was not working there I can not judge on this seriously!</span></p><p><span style="font-family: verdana;">Now lets come to Microsoft's internal data handling behavior. And this was even done by myself as how I was instructed to do:</span></p><p></p><ol style="text-align: left;"><li><span style="font-family: verdana;">Whenever a customer went into our lab with some sort of personal data we refused it.</span></li><li><span style="font-family: verdana;">If it was necessary we only allowed at least <a href="https://en.wikipedia.org/wiki/Pseudonymization" target="_blank">pseudonymized data</a>.</span></li><ol><li><span style="font-family: verdana;">Then the data need to reside on dedicated systems <br />(hardware or VMs on dedicated hardware)</span></li><li><span style="font-family: verdana;">Not connected to any IP network</span></li><li><span style="font-family: verdana;">Accessible only by <a href="https://en.wikipedia.org/wiki/KVM_switch" target="_blank">KVM switch</a> (just keyboard, video, mouse extension, no data transmission)</span></li><li><span style="font-family: verdana;">KVM switch only accessible via dedicated VPN into our internal lab network and only from Microsoft corporate network</span></li><li><span style="font-family: verdana;">Data deleted with DoD wipe process (<a href="https://web.archive.org/web/20090612060432/http://www.dtic.mil/whs/directives/corres/pdf/522022mchaps.pdf" target="_blank">DOD 5220.22-M</a>) afterwards with 5 times writing "trash" on the whole hard disk (certified)</span></li></ol></ol><div><span style="font-family: verdana;">Actually we "feared" real customer / personal data in our lab environment as we had to take it very serious which introduced also a lot of extra work for us!</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">In my life I have seen many companies handling with data. But none of them was by far so strict as Microsoft is. And in days of GDPR Microsoft take it even more serious. They have today literally a dozen different personal data classifications and different handling instructions.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Also in terms of layered security (starting with access, process data, store data and even data disposal) Microsoft is really THE ultimate model student). And less they can not accept.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Just think of their <a href="https://www.microsoft.com/en-us/msrc/cdoc" target="_blank">cyber defense operation center (CDOC)</a> which takes care of all Microsoft's assets on premise an in the clouds (public and private). Or the <a href="https://news.microsoft.com/uploads/2018/02/dcuFS_170106.pdf">Microsoft Digital Crime Unit (DCU)</a>. They are helping to make the world actively safer every day. Just <a href="https://news.microsoft.com/on-the-issues/topic/cybersecurity/">checkout their current reports.</a><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">This is why I absolutely trust in security & secure data handling at Microsoft. They do much more then even my bank does (and I had a IT project with my own bank as well many years ago!)</span></div><p></p><p><span> </span><br /></p><p><br /></p><p><br /></p><p><br /></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-7694656125185093992020-11-25T08:33:00.008+01:002020-12-18T13:02:09.453+01:00Schrems-II OR the myth of data security outside of US companies like MS<p><span style="font-family: verdana;">UPDATED 18.12.2020 (Added 7. Dagger Complex)</span></p><p><span style="font-family: verdana;">Today its time to sort out some important things on cybersecurity & the Schrems II myth on "data is secure when it is not anymore in reach of NSA or US based companies forced by NSL (National Security Letters)" which would include Microsoft with its Cloud offerings (as its headquarter is based in Seattle Washington (State)) as well as Google, Facebook or Amazon.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9XiyAkkYicBYIQqo9XxcpDmbbCMzt6Mqi9_nmsGTr67Ho5AizLrjC8v24vRigXzyLmuw3nGPDfL-UP8mzo-OfJ_TZ4eriMqH-bEtV1rD-PklKx-8PPolrD_PzClyNePO4hYBQq1ZlY-Y/s1920/shield-707801.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1920" data-original-width="1920" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9XiyAkkYicBYIQqo9XxcpDmbbCMzt6Mqi9_nmsGTr67Ho5AizLrjC8v24vRigXzyLmuw3nGPDfL-UP8mzo-OfJ_TZ4eriMqH-bEtV1rD-PklKx-8PPolrD_PzClyNePO4hYBQq1ZlY-Y/w400-h400/shield-707801.png" width="400" /></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">The very short story: When it comes to cyber security and cyber protection there are multiple players. From some you can protect yourself (even with MS security tools and the Microsoft Security Graph and its relying toolset which is still unbeaten in this area). These include typical hackers. </span></p><p><span style="font-family: verdana;">And others you simply can't protect yourself as they operate on a complete different level which includes NSA and probably also MOSSAD / SHIN BET (during my time in Israel I learned some former Israel militaries (e.g. Unit 8200) they are now working in cyber security. Did you ever thought why most of the cyber security startups coming from Israel? Its caused by their military as they are forced to be specialists on this while surrounded by their enemies). If you are more interested in this - here is a great article from <a href="https://www.jpost.com/jpost-tech/the-dark-side-of-israeli-cybersecurity-firms-637933" target="_blank">Jerusalem Post</a></span></p><p><br /></p><p><span style="font-family: verdana;">Now lets come to the really long story (Hopefully you have time. Its worth I think but grab a coffee! After the legal part it becomes better than James Bond!)</span></p><p><span style="font-family: verdana;">But first lets us sort out some things and be open.</span></p><p><span style="font-family: verdana;">1. Lets come first to Mr. <a href="https://en.wikipedia.org/wiki/Max_Schrems" target="_blank">Max Schrems</a>. He is an austrian lawyer, author and data protection activist. I do not want to judge on his motives and if he is a US or MS hater or not who knows.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0JxHjJkzPldJaiUK8oVwnpNlZwGsZgwWH78Ms6J0urQCCXGY5begoGHaHucOQWboj0A7ZnIcsDZ5jEyzG3B6_DGH3pwAMyiW7R_crr_Bic2h4Bg2KR-NTc2esBoF_1dEyEx0NJiS-fpg/s1920/europe-3083111_1920.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1275" data-original-width="1920" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0JxHjJkzPldJaiUK8oVwnpNlZwGsZgwWH78Ms6J0urQCCXGY5begoGHaHucOQWboj0A7ZnIcsDZ5jEyzG3B6_DGH3pwAMyiW7R_crr_Bic2h4Bg2KR-NTc2esBoF_1dEyEx0NJiS-fpg/s320/europe-3083111_1920.png" width="320" /></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">2. Now lets come the the current Schrems II court rule. Originally as answer of the Schrems I court rule the EU Privacy Shield was created. This was falling last summer.</span></p><p><span style="font-family: verdana;">"The CJEU ruled that the Privacy Shield does not provide adequate protection, and invalidated the agreement. The court also ruled that European data protection authorities must stop transfers of personal data made under the standard contractual clauses by companies, like Facebook, subject to overbroad surveillance. This decision has significant implications for U.S. Companies and for the U.S. Congress because it calls into question the adequacy of privacy protection in the United States." ( <a href="https://epic.org/privacy/intl/dpc-v-facebook/cjeu/RELEASE-EPIC-CJEU-July2020.pdf" target="_blank">epic.org Press Release</a>)</span></p><p><span style="font-family: verdana;">Microsoft created a smart solution for this until (slower) law rulers in the EU and the US will sort out these things in another legal way.</span></p><p><span style="font-family: verdana;">a. the Microsoft cloud is acting under EU standard clauses which are independent of the EU Privacy Shield.</span></p><p><span style="font-family: verdana;">b. the very long story on this and how it relates to Microsoft365 in this <a href="https://www.rakoellner.de/2020/07/folgen-des-schrems2-beschlusses-des-eugh-fuer-microsoft-365/">blog post</a> (from data protection lawyer Koellner (sorry its in German especially as this relates very much to Germans as we are taking everything very serious. What is a joke? I don't know Jokes. I am a German :-D)</span></p><p><span style="font-family: verdana;">c. Latest <a href="https://blogs.microsoft.com/on-the-issues/2020/11/19/defending-your-data-edpb-gdpr/">MS answer on</a> this by Julie Brill (Corp VP for Privacy and Chief Privacy Officer at MS 11/19/2020) including financial commitment. I think this is up to now still a good reason to stick with the Microsoft Cloud.</span></p><p><span style="font-family: verdana;">Ok for now I think we can stop this legal discussion and come to the real beef!</span></p><p><span style="font-family: verdana;"><br /></span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJbyokV9dKJQXwWWgiEz8z2pqzYyHNBD1dHJynhFe3B-nMFo75O9P_Z9c3i9knHs7pY55bc51QddaoRIyfFXxMB2X9Ic_5zHissqfh-UilaH2oN_zhAlKTiEQUW_53VILUzi04e03vuI/s1920/binary-2372130_1920.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1280" data-original-width="1920" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJbyokV9dKJQXwWWgiEz8z2pqzYyHNBD1dHJynhFe3B-nMFo75O9P_Z9c3i9knHs7pY55bc51QddaoRIyfFXxMB2X9Ic_5zHissqfh-UilaH2oN_zhAlKTiEQUW_53VILUzi04e03vuI/s320/binary-2372130_1920.jpg" width="320" /></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">3. Lets talk first about the <a href="https://en.wikipedia.org/wiki/Global_surveillance">NSAs global surveilance capabilities</a>. The capabilities they had some years ago were revealed by the <a href="https://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded" target="_blank">Snowden leak</a>. And this is what is known (un-)officially. As this leak has passed 7 years for now; don't think they did not improved their systems.</span></p><p><span style="font-family: verdana;">We always talk about legal access to data in a central datacenter and we need to protect this. You are absolutely wrong! From a legal (only) perspective you are wright but not in the NSA case. </span></p><p><span style="font-family: verdana;">If they had not (yet) direct access on the data in an US companies datacenter somewhere on earth. The data will be transmitted from or to your computer. And this is the real crown jewel. Then they have everything. Your data, access to your mic and your camera and everything that's going on on your screen. </span></p><p><span style="font-family: verdana;">The toolset they have is utilizing lots of still unknown Zero day exploits in an very automated manner. They point to an IP and finally that's it. Game over (for you). </span></p><p><span style="font-family: verdana;">And don't think "my virus scanner" is saving me. Often they cant as 50% of attacks are ongoing "in memory only" so the AV scanner does not see anything. </span></p><p><span style="font-family: verdana;">Microsoft developed Advanced Threat Protection (Microsoft ATP; now called Microsoft Defender for Endpoints) to cover also this sort of attacks. </span></p><p><span style="font-family: verdana;">Another serious and very hard to handle attack vector are firmware attacks. As this is done on a hardware layer no software can see or control it. Just imagine a hacked network adapters firmware. Everything is done and manipulated on the last piece before the bytes hit the wire!</span></p><p><span style="font-family: verdana;"><br /></span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs45Py0nKLBecg7NyLXO67QYj7p003s4GXOoZ94tlj0W-uTlwSRpdqhGYjgLfZpjBD9VUQKy63mg3pujupx-Y9d9r-BMl8q7x_lD-0Tnm1yeUNUdps1jPAv39tMYceGxjhAGBtKmLHpiE/s1920/cyber-security-3400657_1920.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1152" data-original-width="1920" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs45Py0nKLBecg7NyLXO67QYj7p003s4GXOoZ94tlj0W-uTlwSRpdqhGYjgLfZpjBD9VUQKy63mg3pujupx-Y9d9r-BMl8q7x_lD-0Tnm1yeUNUdps1jPAv39tMYceGxjhAGBtKmLHpiE/s320/cyber-security-3400657_1920.jpg" width="320" /></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">4. Now lets talk about encryption. We believe (oh yeah) we use the latest and greatest encryption. (And I don't talk right now about quantum computing which is another huge threat just around the corner. I will cover this in another blog post). </span></p><p><span style="font-family: verdana;">When you do some research on this you will come across <a href="https://csrc.nist.gov/CSRC/media/Events/ISPAB-MARCH-2006-MEETING/documents/E_Barker-March2006-ISPAB.pdf">NSA encryption suite B</a> (WARNING NIST official website!) (now replaced by <a href="https://apps.nsa.gov/iaarchive/programs/iad-initiatives/cnsa-suite.cfm">Commercial National Security Algorithm Suite CNSA</a>) (WARNING NSA official website!)</span></p><p><span style="font-family: verdana;">Hmm lets think a moment! When there is a Suite B (officially known encryption algorithms) isn't there also a Suite A and when does NSA advice to use which one?<br /><br /></span></p><p><span style="font-family: verdana;">First of all. There is also a Suite A. While Suite B is using lots of algorithms you already know very well like AES (Advanced Encryption Standard) there are also others you may never heard of in Suite A. So fancy names like ACCORDION, BATON, FIREFLY, JOSEKI, KEESEE, MAYFLY, MEDLEY, SAVILLE, SHILLELAGH, WALBURN or WEASEL.</span></p><p><span style="font-family: verdana;">Ok when to use which one (according to <a href="https://www.dni.gov/files/NCSC/documents/nittf/CNSSI-4009_National_Information_Assurance.pdf">official CNSSI 4009 National Information Assurance</a> term definitions)</span></p><p><span style="font-family: verdana;"><i>"Suite A:<br />A specific set of <b>classified cryptographic algorithms</b> used for the protection of <b>some categories of restricted mission critical information.</b></i></span></p><p><span style="font-family: verdana;"><i>Suite B:<br />A specific set of cryptographic algorithms suitable for <b>protecting both classified and unclassified </b>national security systems and information <b>throughout the US government and to support interoperability with allies and coalition partners."</b></i></span></p><p><span style="font-family: verdana;">Translated: When Suite B is not safe enough US government will use Suite A for the real sensitive stuff.</span></p><p><span style="font-family: verdana;">Wait a moment there is something which come into my (history) mind. When did the US government released officially SSL encryption in browsers with 128 bit encryption end of 1990's ? They <a href="https://blog.cryptographyengineering.com/2013/12/03/how-does-nsa-break-ssl/">started to release when they were able to break it!</a></span></p><p><span style="font-family: verdana;">Translated: We give others only encryption stuff when we are able to break it by ourselves.</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib6eThdfRqH9f2M2GPJWuoBMg3llJFr-CsXPqTMihpU4mQoeTDxDqOEb4R4qVSkAkpfd2zVzL7fkU2LwcwSP7W3VbfvKYTkGlr_0y-UmJ-F9ge_pN2EZleAL8619l4pWuIK8im6YVj3KY/s1920/james-bond-1015612_1920.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1920" data-original-width="1920" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib6eThdfRqH9f2M2GPJWuoBMg3llJFr-CsXPqTMihpU4mQoeTDxDqOEb4R4qVSkAkpfd2zVzL7fkU2LwcwSP7W3VbfvKYTkGlr_0y-UmJ-F9ge_pN2EZleAL8619l4pWuIK8im6YVj3KY/s320/james-bond-1015612_1920.jpg" /></a></div><br /><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">5. And now lets come to the greatest coup CIA did ever (still cant stop laughing on it how bold they were). Its the case of Crypto AG also known as "Operation Rubikon". </span><b style="font-family: verdana;"><u>And that's actually why you are not even safe in Germany with German vendors!</u></b></p><p><span style="font-family: verdana;">But for a better understanding a short lesson on <b>sigint</b> (signal intelligence) history. The so-called 5-Eyes (US, UK, Canada, Australia, New Zealand) operating the global surveillance network. </span></p><p><span style="font-family: verdana;">The German BND (Bundesnachrichtendienst / the German version of CIA) had it's roots from <a href="https://en.wikipedia.org/wiki/Gehlen_Organization" target="_blank">Organization Gehlen </a> the successor of the German military intelligence in 2nd world war. After the war lots of these guys were recruited again for Gehlen Org which become later the BND and had already in its early years very strong connection to the CIA. Also caused due to the cold war. So lets say BND is a very good buddy of CIA and NSA. Just read the book "Bedingt dienstbereit: Im Herzen des BND" (from the former BND agents Norbert Juretzko and Wilhelm Dietl, sorry its in german only)</span></p><p><span style="font-family: verdana;">And believe it or not many countries and militaries in the good old time thought hey its a bad idea to buy encryption stuff from US companies. They might have embedded backdoors. Lets go better to guys they have a strong "security" reputation in any way. And that's Switzerland. They are absolutely neutral to anybody (What they state. If they are really I don't know).</span></p><p><span style="font-family: verdana;">Lets look for a swiss company to get really trustworthy and reliable encryption devices for real safe communications to prevent any espionage on our communication and data.</span></p><p><span style="font-family: verdana;">CIA also realized this behavior. And they feared to loose control. Hmm what to do? This was the birth of "Operation Rubikon" and it lasts for 5 decades until 2018!</span></p><p><span style="font-family: verdana;">Here the story (directly form <a href="https://en.wikipedia.org/wiki/Crypto_AG">Wikipedia</a>. I couldnt write it better):<br /><i>"Crypto AG was a Swiss company specialising in communications and information security. It was secretly jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with the CIA continuing as sole owner until about 2018. With headquarters in Steinhausen, the company was a long-established manufacturer of encryption machines and a wide variety of cipher devices. </i></span></p><p><span style="font-family: verdana;"><i>The company had about 230 employees, had offices in Abidjan, Abu Dhabi, Buenos Aires, Kuala Lumpur, Muscat, Selsdon and Steinhausen, and did business throughout the world. The owners of Crypto AG were unknown, supposedly even to the managers of the firm, and they held their ownership through bearer shares. </i></span></p><p><span style="font-family: verdana;"><i>The company has been criticised for selling backdoored products to benefit the American, British and German national signals intelligence agencies, the National Security Agency (NSA), the Government Communications Headquarters (GCHQ), and the BND, respectively. On 11 February 2020, The Washington Post, ZDF and SRF revealed that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence, and the spy agencies could easily break the codes used to send encrypted messages. The operation was known first by the code name "Thesaurus" and later "Rubicon". According to a Swiss parliamentary investigation, "Swiss intelligence service were aware of and benefited from the Zug-based firm Crypto AG’s involvement in the US-led spying"."</i></span></p><p><span style="font-family: verdana;">6. And believe it our not it's getting even better. The <a href="https://netzpolitik.org/2020/bnd-gesetz-ausspaehen-unter-freunden-wird-legalisiert-und-ausgeweitet/">new BND law is legalizing </a></span><span style="font-family: verdana;">global data gathering</span><span style="font-family: verdana;"> (sorry its in German and also valid for other countries worldwide) the. Even into an amount of data the BND could probably not handle (initially "limited" to max 50% of all global communication). Just to give them a kind of limit. We do not want to have them off limits. :-D</span></p><p><span style="font-family: verdana;">7. Since the end of 2nd World War the US intelligence community had a couple SIGINT stations in Germany. For example checkout the story behind the Dagger Complex in Darmstadt (which soon is moved to Wiesbaden). Checkout the <a href="https://en.wikipedia.org/wiki/Dagger_Complex">Wiki article</a>.</span></p><p><span style="font-family: verdana;"><u>Conclusion: Just thinking that you are a German company storing data in Germany with a German vendor does mean nothing! You are even not safe in your own premises. </u></span></p><p><span style="font-family: verdana;">Unless you put your computer in an independent bunker with own electricity and no internet connection your are definitely not safe in this world!</span></p><p><span style="font-family: verdana;">So my recommendation: Don't do anything unlawful and you are not interesting for them.</span></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-25794271468562463232020-10-01T18:49:00.003+02:002020-10-01T18:49:40.940+02:00Microsoft Security Report 2020 is out!<p><span style="font-family: verdana;">Recently MS news released the new Microsoft Security Report for 2020. The original press release text was in german only. But the report is in english.</span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeUhuVTeCRwVMrEGPdPV49ZsBlS43PhccaLVeVR0xtGdHGIHSbfiXDkNYMPgWXS4fuo69rdeKjMh8Abyuel50k91l_-4lrR0E6P_0rlnumePMrrOjI93pEXfo1bQHi55ZJrJMxhyl0h7w/s640/hacker-5481612_640.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="427" data-original-width="640" height="268" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeUhuVTeCRwVMrEGPdPV49ZsBlS43PhccaLVeVR0xtGdHGIHSbfiXDkNYMPgWXS4fuo69rdeKjMh8Abyuel50k91l_-4lrR0E6P_0rlnumePMrrOjI93pEXfo1bQHi55ZJrJMxhyl0h7w/w400-h268/hacker-5481612_640.jpg" width="400" /></a></div><p><span style="font-family: verdana;">The report shows the actual threat landscape. This year threats in relationship to Corona where very broadly used. Also nation state attacks and human driven threats as well. Also supply chain and IOT where at risk.</span></p><p><span style="font-family: verdana;">Get the full report here:<a href=" https://www.microsoft.com/en-us/download/confirmation.aspx?id=101738"> https://www.microsoft.com/en-us/download/confirmation.aspx?id=101738</a></span></p><p><br /></p><p><br /></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-10375703260817234382020-09-24T18:06:00.003+02:002020-09-24T18:08:22.096+02:00Microsoft Defender XDR<p><span style="font-family: verdana;">Upps they did it again. Another name change. But it make fully make sense! Microsoft Defender Advanced Threat Protection is becoming Microsoft Defender Endpoint Protection and much more! The whole thing is now Microsoft Defender XDR (eXtended Detection & Response)</span></p><p><span style="font-family: verdana;">Checkout this Microsoft Garage Video!</span></p><div class="separator" style="clear: both; text-align: center;"><span style="font-family: verdana;"><iframe allowfullscreen="" class="BLOG_video_class" height="344" src="https://www.youtube.com/embed/klGmsu3LK4M" width="470" youtube-src-id="klGmsu3LK4M"></iframe></span></div><span style="font-family: verdana;"><br /></span><p style="background-color: white; color: #080e14; margin: 0px 0px 21px; padding: 0px;"><span style="font-family: verdana;">The Microsoft 365 Defender line will include:</span></p><ul style="background-color: white; color: #080e14; margin: 0px 0px 21px; padding: 0px 0px 0px 30px;"><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Microsoft 365 Defender (<em style="margin: 0px; padding: 0px;">previously Microsoft Threat Protection</em>)</span></li><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Microsoft Defender for Endpoint (<em style="margin: 0px; padding: 0px;">previously Microsoft Defender Advanced Threat Protection</em>)</span></li><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Microsoft Defender for Office 365 (<em style="margin: 0px; padding: 0px;">previously Office 365 Advanced Threat Protection</em>)</span></li><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Microsoft Defender for Identity (<em style="margin: 0px; padding: 0px;">previously Azure Advanced Threat Protection</em>)</span></li></ul><p style="background-color: white; color: #080e14; margin: 0px 0px 21px; padding: 0px;"><span style="font-family: verdana;">Similarly, the Azure Defender line will include:</span></p><ul style="background-color: white; color: #080e14; margin: 0px 0px 21px; padding: 0px 0px 0px 30px;"><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Azure Defender for Servers (<em style="margin: 0px; padding: 0px;">previously Azure Security Center Standard Edition</em>)</span></li><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Azure Defender for IoT (<em style="margin: 0px; padding: 0px;">previously Azure Security Center for IoT</em>)</span></li><li style="list-style: disc; margin: 0px; padding: 0px;"><span style="font-family: verdana;">Azure Defender for SQL (<em style="margin: 0px; padding: 0px;">previously Advanced Threat Protection for SQL</em>)</span></li></ul>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-13936308127237377202020-09-24T17:15:00.006+02:002021-05-10T14:02:50.587+02:00Differences on Windows Versions Pro/Business/E3/E5<p><span style="font-family: verdana;"><i>UPDATE 2021-05-10 (Update Link to PDF)</i></span></p><p><span style="font-family: verdana;">Recently a customer asked me about the specific differences between Windows Defender and Microsoft Defender Advanced Threat Protection (aka MD ATP or its new name "Microsoft Defender for Endpoints")</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuKnJ8UzcunzZFcvgXW5gkQtCi7Wko-FX1heuxZF9en6MDNiI1X0do4dukG_o78yI8sXtKfPoEB58UqY8EhrQbK_Dh2U5YwvIi_ZsG3JNISrHfzS9WbpWeqiT4hsqqK0qNnIF6_rFtrMs/" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"><img alt="" data-original-height="680" data-original-width="1036" height="420" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuKnJ8UzcunzZFcvgXW5gkQtCi7Wko-FX1heuxZF9en6MDNiI1X0do4dukG_o78yI8sXtKfPoEB58UqY8EhrQbK_Dh2U5YwvIi_ZsG3JNISrHfzS9WbpWeqiT4hsqqK0qNnIF6_rFtrMs/w640-h420/image.png" width="640" /></span></a></div><span style="font-family: verdana;"><br /></span><p></p><p><span style="font-family: verdana;">There is a great "Windows 10 commercial edition comparison" chart available which I want to share with you. Each feature is clickable and tells you more what MS is meaning with it!</span></p><p><span style="font-family: verdana;">Acutally the biggest differentiator is the security area. Standard security is pretty good so far even with Windows Defender (standalone). But the extra costs for E5 is bringing you cloud powered mega security facilitating the Microsoft Security Graph. So the extra bucks are running and operating the cloud facilities for you (hardware, power, cooling, people (3500 security researcher working for you day/night))</span></p><p><span style="font-family: verdana;">To see the full 8 pages version checkout here:<br /><a href="https://github.com/MicrosoftDocs/windows-itpro-docs/files/5363063/Windows10_CommercialEdition_Comparison.zip" target="_blank">https://github.com/MicrosoftDocs/windows-itpro-docs/files/5363063/Windows10_CommercialEdition_Comparison.zip</a><br /></span></p><p><span style="font-family: verdana;">Thanks to Simon for pointing me to this valuable ressource!</span></p>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-91065085971616631572020-08-06T15:57:00.001+02:002020-08-06T15:58:24.102+02:00How to change the number of days to revert to previous Windows Installation<span style="font-family: "verdana" , sans-serif;">Recently I got the question how to change the number of days for reverting Windows 10 to the previous Windows 10 version. Just in case e.g. your hardware or software is running into trouble. Default value is 10 days but this might be too less for strange issues comming up later.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo9cPlkxhbg1h1Y5cxKd6mRKPbilarJu-egeucA1CX9Ptihqyjfy1aRn_89nCqmL5VfjkwD-8dcPDGpo4RlnBX0ww9OD13eDVydJTIlkvk9nhJPiRDJykkcWMQvjxvyvu3cRqJz-xhSTA/s1600/undo-97591_1280.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1226" data-original-width="1280" height="306" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgo9cPlkxhbg1h1Y5cxKd6mRKPbilarJu-egeucA1CX9Ptihqyjfy1aRn_89nCqmL5VfjkwD-8dcPDGpo4RlnBX0ww9OD13eDVydJTIlkvk9nhJPiRDJykkcWMQvjxvyvu3cRqJz-xhSTA/s320/undo-97591_1280.png" width="320" /></a></div>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">In the web there are several ways to do it (like renaming
the .old Folder etc.)<o:p></o:p></span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: "verdana" , sans-serif;">But the offical supported way is this one (problably set during
a task sequence)<o:p></o:p></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="mso-fareast-font-family: "Times New Roman";"><span style="font-family: "verdana" , sans-serif;">It
is actually a DISM command.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<span style="mso-fareast-font-family: "Times New Roman";"><span style="font-family: "verdana" , sans-serif;"><br /></span></span></div>
<div class="MsoNormal">
<span style="background-color: white; color: #171717; font-family: "verdana" , sans-serif;"><b>/Set-OSUninstallWindow</b></span></div>
<div style="-webkit-text-stroke-width: 0px; background: white; box-sizing: inherit; font-variant-caps: normal; font-variant-ligatures: normal; margin: 1rem 0px 0px; orphans: 2; outline-color: inherit; overflow-wrap: break-word; text-align: start; text-decoration-color: initial; text-decoration-style: initial; widows: 2; word-spacing: 0px;">
<span style="color: #171717; font-size: 12pt;"><span style="font-family: "verdana" , sans-serif;">Run this command against an online image to set the number of
days after an upgrade that an uninstall can be initiated.<o:p></o:p></span></span></div>
<div style="-webkit-text-stroke-width: 0px; background: white; box-sizing: inherit; font-variant-caps: normal; font-variant-ligatures: normal; margin: 1rem 0px 0px; orphans: 2; outline-color: inherit; overflow-wrap: break-word; text-align: start; text-decoration-color: initial; text-decoration-style: initial; widows: 2; word-spacing: 0px;">
<span style="color: #171717; font-size: 12pt;"><span style="font-family: "verdana" , sans-serif;">Syntax:</span></span></div>
<div style="-webkit-text-stroke-width: 0px; background: white; box-sizing: inherit; font-variant-caps: normal; font-variant-ligatures: normal; margin: 1rem 0px 0px; orphans: 2; outline-color: inherit; overflow-wrap: break-word; text-align: start; text-decoration-color: initial; text-decoration-style: initial; widows: 2; word-spacing: 0px;">
<span style="background-color: transparent; color: var(--text); font-size: 0.875rem;"><span style="font-family: "courier new" , "courier" , monospace;"><b>DISM /Online /Set-OSUninstallWindow /Value:<days></b></span></span></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<span style="mso-ascii-font-family: Calibri; mso-bidi-font-family: Calibri; mso-hansi-font-family: Calibri;"><span style="font-family: "verdana" , sans-serif;">Default is set to 10 days. Can be set between
2 – 60 days.<o:p></o:p></span></span></div>
<div class="MsoNormal">
<br />
<span style="font-family: Verdana, sans-serif;">See also here:</span><br /><a href="https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-uninstallos-command-line-options" style="font-family: verdana, sans-serif;">https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/dism-uninstallos-command-line-options</a></div>
<br />MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-578850706151700712020-07-14T10:56:00.000+02:002020-07-14T10:56:06.600+02:00How to become a crack in Microsoft Defender ATP<font face="verdana">Heike Ritter (Sr. PM of MD ATP) just shared a very interesting guide to become a professional threat hunter with Microsoft Defender ATP. And I think every professional in security operations should know this.</font><div><font face="verdana"><br /></font></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxiBGm9-RhpL8DlKyH4t-FAhsVKqehRt0i7byJssNmkpnCV5MZ7z97eHsME5WFT-0WnEWNe9QvVVBGY2IDoebI14GAtGr1dYMC-EXhbEpRzCTFqCHTLW82s9YhbUqEM1rgfA9aaDV5psk/s640/cyber-security-1805632_640.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="465" data-original-width="640" height="363" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxiBGm9-RhpL8DlKyH4t-FAhsVKqehRt0i7byJssNmkpnCV5MZ7z97eHsME5WFT-0WnEWNe9QvVVBGY2IDoebI14GAtGr1dYMC-EXhbEpRzCTFqCHTLW82s9YhbUqEM1rgfA9aaDV5psk/w500-h363/cyber-security-1805632_640.png" width="500" /></a></div><font face="verdana"><br /></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">The full list can be found here: <a href="https://techcommunity.microsoft.com/t5/microsoft-defender-atp/become-a-microsoft-defender-atp-ninja/ba-p/1515647">https://techcommunity.microsoft.com/t5/microsoft-defender-atp/become-a-microsoft-defender-atp-ninja/ba-p/1515647</a></font></div><div><font face="verdana"><br /></font></div><div><p style="background-color: white; box-sizing: border-box; color: #333333; font-size: 16px; margin: 0px;"><font face="verdana">Its really worth to have a deeper look!</font></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-size: 16px; margin: 0px;"><font face="verdana"><br /></font></p><p style="background-color: white; box-sizing: border-box; color: #333333; font-size: 16px; margin: 0px;"><font face="verdana">You get shown step by step how to become an advanced threat hunter. </font></p></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-75330187823132087262020-07-13T10:06:00.001+02:002020-07-13T10:06:02.481+02:00Autopilot Diagnostics<span style="font-family: Verdana, sans-serif;">Just today the "Father" of Windows Autopilot (Michael Niehaus) just wrote a great article about Windows Autopilot diagnostics. And I just refer to this article for you and me for later use. </span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyXvwKBlWQrlbyXpi0_Fl-whC5T83cJ9AXHqXYivxtbWqgfeyW_g3e91Uh1uDABqdKoS-s77iJPjDEq1w4HB4sXxc9X32nlGnx1Ed2dt4TAFbtRBwx8-_zNPtRnVJdNvYH3CBRzfKgSb8/s1600/airplane-2566205_640.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="426" data-original-width="640" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyXvwKBlWQrlbyXpi0_Fl-whC5T83cJ9AXHqXYivxtbWqgfeyW_g3e91Uh1uDABqdKoS-s77iJPjDEq1w4HB4sXxc9X32nlGnx1Ed2dt4TAFbtRBwx8-_zNPtRnVJdNvYH3CBRzfKgSb8/s320/airplane-2566205_640.jpg" width="320" /></a></div>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">He is speaking about the "<b>GET-AutopilotESPStatus</b>" and its evolution to the Powershell Commandlet "<b>Get-AutopilotDiagnostics</b>" which it is now. And also about the different steps and even much more stuff to dig deeper into Autopilot diagnostics.</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Feel free to have a deeper look into the Windows Autopilot diagnostics here:<br /><a href="https://oofhours.com/2020/07/12/windows-autopilot-diagnostics-digging-deeper/">https://oofhours.com/2020/07/12/windows-autopilot-diagnostics-digging-deeper/</a></span><br />
<br />
<span style="font-family: Verdana, sans-serif;">And you get the original script here:</span><br />
<a href="https://www.powershellgallery.com/packages/Get-AutopilotDiagnostics"><span style="font-family: Verdana, sans-serif;">https://www.powershellgallery.com/packages/Get-AutopilotDiagnostics</span></a><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<br />MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-77487244515224096502020-06-22T11:07:00.002+02:002020-06-22T11:08:17.720+02:00Win10 - Patchday 06/2020 Printing Issues<font face="verdana">Normally I do not comment temporary issues. Especially as MS is mostly fixing them within the next update period. Unfortunately for this issue it does not seem MS is deploying it via Windows Update even in the near future. Therefore here a short notice.</font><div><font face="verdana"><br /></font></div><div><font face="verdana">When your system get patched with the 06/2020 cumulative update you may see issues with your printers. It does not matter if it is a USB printer or otherwise connected printers. The root cause is in the printer spooler itself. </font></div><div><font face="verdana"><br /></font></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj448zIwySfHfEn-TKU8YOaWN_6RgjpKVYKd6IVH0rPF3BRiY0fjPL0PlTLTruQq5BiHPi5tTrYyIRFY1KA9eAzUE3-jvbMgkTwq8OU1sWZbZ9QyWEqHqn-e-_DXd800pFgfiq1ZA2gewA/s1920/update-3357083_1920.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1308" data-original-width="1920" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj448zIwySfHfEn-TKU8YOaWN_6RgjpKVYKd6IVH0rPF3BRiY0fjPL0PlTLTruQq5BiHPi5tTrYyIRFY1KA9eAzUE3-jvbMgkTwq8OU1sWZbZ9QyWEqHqn-e-_DXd800pFgfiq1ZA2gewA/s320/update-3357083_1920.jpg" width="320" /></a></div><font face="verdana"><br /></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">For more official information's please refer to this KB article.</font></div><div><p style="background-color: white; border: 0px; color: #333333; font-size: 16px; line-height: 26px; margin: 0px 0px 1em; padding: 0px;"><a href="https://support.microsoft.com/en-us/help/4567512/windows-10-update-kb4567512"><font face="verdana">https://support.microsoft.com/en-us/help/4567512/windows-10-update-kb4567512</font></a></p><div><font face="verdana">MS is providing manual hotfixes for this issue. Currently not deployed via Windows Update. </font><span style="font-family: verdana;">If you encounter such a problem then please check out depending on your Win10 version these updates:</span></div><div><font face="verdana"><br /></font></div><ul style="text-align: left;"><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 2004: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567523" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567523</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1903 & 1909: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567512" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567512</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1809: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567513" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567513</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1803: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567514" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567514</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1709: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567515" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567515</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1703: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567516" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567516</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1607: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567517" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567517</a></li><li><span style="background-color: white; color: #333333; font-family: verdana;">Windows 10 Version 1507: </span><a href="https://www.catalog.update.microsoft.com/Search.aspx?q=KB4567518" rel="noopener noreferrer" style="background-color: white; border: 0px; color: #4c6eb5; font-family: verdana; margin: 0px; padding: 0px; text-decoration-line: none;" target="_blank">KB4567518</a></li></ul></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-69513209886716527602020-06-18T11:20:00.006+02:002020-06-20T08:12:40.118+02:00Windows Virtual Desktop - FSLogix container size limitations<font face="verdana">Recently a customer asked me about the Windows Virtual Desktop (WVD) FSLogix file storage limitations. After some research and talks to the Product Group it turns out that there are not really limitations by FSLogix by itself. The limitations are defined by the underlying technologies.</font><div><font face="verdana"><br /></font></div><div><font face="verdana"><br /></font></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8mFu8cFPZ-fxEaICfOjo1rjt3UE5XaZHES1bp0oKQmFzxlRfi3XQ2coQdKfwvRiKMnx-nqadgFtouCAEDRqpkwMfZDiX7lEB53ZH0m7XusHclZnTtdzM65bvopcQM7G5uShU_GNjmooI/s622/blog-fslogix1.PNG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="622" data-original-width="354" height="625" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8mFu8cFPZ-fxEaICfOjo1rjt3UE5XaZHES1bp0oKQmFzxlRfi3XQ2coQdKfwvRiKMnx-nqadgFtouCAEDRqpkwMfZDiX7lEB53ZH0m7XusHclZnTtdzM65bvopcQM7G5uShU_GNjmooI/w356-h625/blog-fslogix1.PNG" width="356" /></a></div><font face="verdana"><br /></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">First of all FSLogix mainly used the standard container format .VHD/.VHDX</font></div><div><font face="verdana">and these disks are stored on underlaying files storage technologies. In the WVD world this is in general <a href="https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction" target="_blank">Azure Files</a>.</font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">In terms of different disk types in general you can use all of them:</font></div><div><a href="https://docs.microsoft.com/en-us/fslogix/profile-container-configuration-reference"><font face="verdana">https://docs.microsoft.com/en-us/fslogix/profile-container-configuration-reference</font></a></div><div><font face="verdana"><br /></font></div><div><font face="verdana"><b>These are the size limitations of the container formats:</b></font></div><div><font face="verdana"><br /></font></div><div><table border="1" bordercolor="#888" cellspacing="0" style="border-collapse: collapse; border-color: rgb(136, 136, 136); border-width: 1px;"><tbody><tr><td style="min-width: 60px;"><font face="verdana"> Type<span> <span> </span></span></font></td><td style="min-width: 60px;"><font face="verdana"> Size Limit<span> Factor<span> </span></span></font></td><td style="min-width: 60px;"><font face="verdana"> Maximum Size Limit</font></td></tr><tr><td style="min-width: 60px;"><font face="verdana"> VHD Fixed Size<br />(<a href="https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/role/hyper-v-server/storage-io-performance#types-of-virtual-hard-disk-files" target="_blank">recommended</a>)</font></td><td style="min-width: 60px;"><font face="verdana"> <a href="https://docs.microsoft.com/en-us/windows-server/storage/file-server/ntfs-overview" target="_blank">Underlying Filesystem in general NTFS</a></font></td><td style="min-width: 60px;"><font face="verdana">16 TB (4kb <b>default</b> cluster size)<br />256 TB (64kb cluster size)</font></td></tr><tr><td><font face="verdana"> VHD <br /> Dynamic Size</font></td><td><font face="verdana"> <a href="http://go.microsoft.com/fwlink/p/?linkid=137171" target="_blank">VHD specification (Word Document)</a></font></td><td><font face="verdana"> 2040 GB (Theoretically)<br />127 GB (Practically e.g. ATA Hard <br />drive disk protocol limit)</font></td></tr><tr><td><font face="verdana"> VHDX <br /> Fixed Size<span> </span></font></td><td><font face="verdana"> Underlying Filesystem <br /> (Azure Files)</font></td><td><font face="verdana"> 64 TB (by <a href="https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/role/hyper-v-server/storage-io-performance#vhdx-format">VHDX definition</a>)<br /> 1 TB practically due to <br /> underlaying File System<br /> (e.g. Azure Files <br /> which is used in WVD)</font></td></tr><tr><td><font face="verdana"> VHDX <br /> Dynamic Size<br />(<a href="https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/role/hyper-v-server/storage-io-performance#types-of-virtual-hard-disk-files" target="_blank">recommended</a>)<br /><i>Used by default <br />from WVD</i></font></td><td><font face="verdana"> Underlying Filesystem <br /> (Azure Files)</font></td><td><font face="verdana"> 64 TB (by <a href="https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/role/hyper-v-server/storage-io-performance#vhdx-format">VHDX definition</a>)<br /><span style="background-color: #f7cb4d;"> <b>1 TB practically due to </b><b><br /></b><b> underlaying File System</b></span><br /> (e.g. Azure Files <br /> which is used in WVD)</font></td></tr></tbody></table><font face="verdana"><br /></font></div><div><font face="verdana"><b><br /></b></font></div><div><font face="verdana"><b>Underlaying storage technology for FSLogix in Windows Virtual Desktop:</b></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">FSLogix Default for container disks is VHDX with Dynamic Size used on <a href="https://docs.microsoft.com/en-us/azure/storage/files/storage-files-introduction" target="_blank">Azure Files.</a> </font><span style="font-family: verdana;">Maximum file size is up to 1 TB (as the file is set to dynamic it will start much smaller with the default profile size of your user profile and grow up the the specified limit. In this case the recommendation is to create dynamically VHDX files not greater than 1 TB).</span></div><div><font face="verdana"><br /></font></div><div><font face="verdana">When it comes to Azure Files there are more limits depending on the storage type you are using. A comprehensive list can be found here:<br /></font><font face="verdana"><a href="https://docs.microsoft.com/en-us/azure/storage/files/storage-files-scale-targets">https://docs.microsoft.com/en-us/azure/storage/files/storage-files-scale-targets</a></font></div><div><br /></div><div><br /></div><div><font face="verdana"><b>Performance requirements per user:</b></font></div><div><font face="verdana"><br /></font></div><div><font face="verdana">This add another implication where you have to consider from the user side.</font></div><div><font face="verdana">These are the performance and throughput requirements per User in FSLogix (thanks for Input from the PG)</font></div><div><p class="MsoNormal"><span lang=""><font face="verdana">The
limitations (quotas) are usually not in FSLogix but in the underlying storage
fabric that is being used to store FSLogix. Here are tables that show what
FSLogix needs per one user. If we want to handle 100 users we need 1000 IOPS
for steady used, 5000 IOPS for logon storm, etc.</font></span></p><p></p>
<table border="1" bordercolor="#888" cellspacing="0" style="border-collapse: collapse; border-color: rgb(136, 136, 136); border-width: 1px;"><tbody><tr><td style="min-width: 60px;"><font face="verdana"> Steady IOPS used per user</font></td><td style="min-width: 60px;"><font face="verdana"> 10</font></td></tr><tr><td style="min-width: 60px;"><font face="verdana"> Boot / Login IOPS used per user<span> </span></font></td><td style="min-width: 60px;"><font face="verdana"> 50</font></td></tr></tbody></table><font face="verdana"><br /></font></div><div><table border="1" bordercolor="#888" cellspacing="0" style="border-collapse: collapse; border-color: rgb(136, 136, 136); border-width: 1px;"><tbody><tr><td style="min-width: 60px;"><font face="verdana"> Steady throughput per user (MB per second)<span> </span></font></td><td style="min-width: 60px;"><font face="verdana"> 1.5 </font></td></tr><tr><td style="min-width: 60px;"><font face="verdana"> Boot / Login throughput per user (MB per second) </font></td><td style="min-width: 60px;"><font face="verdana"> 7.5</font></td></tr></tbody></table><br /></div><div><br /></div><div><font face="verdana"><b>Quota <br /><br /></b></font></div><div><font face="verdana">Technically you can setup quota for the user profiles in Windows directly. Due to the used filterdriver the user profile directory behaves like a native folder where quota can be applied. So if the admin sets a quota for the user profile you get notified as usual. There is no dedicated quota management in FSLogix necessary or available. (Thanks to Stefan for clarification!)</font></div><div><br /></div>MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-75273581947190722832020-05-28T14:45:00.000+02:002020-05-28T14:54:51.567+02:00Windows10 - 2004 whats new<span style="font-family: "verdana" , sans-serif;">Windows10 - Version 2004 </span><br />
<span style="font-family: "verdana" , sans-serif;">Build 10.0.19041.264</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_QX_qQmD7oykEdxP14K-Zs6rAhhhfkWVsxa_F63sAsh8r1bI5P58jekus006HJ-fyGaEeeYx3-w3uhu86je4ghXwE8ih_uxGRqjN8XHY-08WeReFywKTJ10NGBp4LiawlOGtR_WSwgI/s1600/update-3357083_1920.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1090" data-original-width="1600" height="218" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_QX_qQmD7oykEdxP14K-Zs6rAhhhfkWVsxa_F63sAsh8r1bI5P58jekus006HJ-fyGaEeeYx3-w3uhu86je4ghXwE8ih_uxGRqjN8XHY-08WeReFywKTJ10NGBp4LiawlOGtR_WSwgI/s320/update-3357083_1920.jpg" width="320" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Comprehensive but not full list of all updates known and available:</span><br />
<br />
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Cortana<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Cortana has been redesigned with a
conversation-based UI and support for light mode<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Cortana window can now be moved across
the desktop<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Search<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows no longer indexes developer
forlders like .git, .svn, .Nuget, .hg and more<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Search can now better identify high usage
and only index when enough resources are available.<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Taskbar + Action
center<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Searching in Timeline when you didn't
opt-in no longer requires you to tab past the opt-in text before you get
to the search results<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Action center will now show a direct link
to Notification settings<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now rename virtual desktops</span></li>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">File Explorer<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Search is now powered by Microsoft Search<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Search bar in the File Explorer is now
slightly longer by default<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The context menu for .HEIC-files will now
include options to Print or Set as Desktop Background<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;">Settings</span><o:p></o:p></span></b></div>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">System<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The App Volume and Device Preferences page
has been redesigned<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Storage Sense's group policies have been
updated with better explanations for their functionality<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now disable sounds for all
notifications at once<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now sort notifications senders<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Under Notifications & actions, a
setting has been added to disable the post-upgrade setup page<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Devices<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now manage the mouse cursor speed<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">When pairing with Swift Pair, the entire
flow now happens within the notification with no need to open Settings<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">One less notification has to be shown for
the full pairing experience over Bluetooth<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now dismiss Swift Pair from the
notification with the Dismiss-button<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The device name and category are now shown
in a Swift Pair notification<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Network &
Internet<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The network Status page has been
redesigned, showing the network usage for all active connections and
integrating Data Usage</span></li>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Apps<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now select multiple features to be
installed on your device<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Features can now be searched through as
well as sort them by Name, Size or Install date<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Features will now shown when they were
installed and any other dependencies they have<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Latest actions has been added to Optional
features and shows which installs, uninstalls and cancels you've performed<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Accounts<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">"Make your device passwordless"
has been added as a new option under Sign-in options<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Your account picture will now sync faster
through any Microsoft services<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Ease of Access settings can no longer be
set to sync between devices<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The option "Automatically save my
restartable apps when I sign out and restart them after I sign in."
has been added on the Sign-in options page<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Time & language<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Language will now show an overview of
various aspects of the system and to which language they are set,
including Windows display, Apps & websites, Regional format, Keyboard
and Speech, providing quick access to the various settings<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The link to add a local experience pack
has been removed<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Opening a language's options will now show
an updated language features overview<o:p></o:p></span></li>
<ul style="margin-top: 0cm;" type="circle">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Required features are now listed below
other features without a disabled checkmark<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Features and settings that depend on
other features and settings are now shown as a subitem of their parents<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The various language feature will now
show an icon on the right that will give the user a tooltip</span></li>
</ul>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Ease of Access<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">There is now a tooltip when hovering over
the various color options for your cursor</span></li>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Update &
Security<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now limit the bandwith usage by
Delivery Optimization for both foreground and background<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">"Cloud download" has been added
as a new recovery option<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows Update will now list optional
updates under "View optional updates"<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">All driver updates are now listed under
"View optional updates", removing the need to check for drivers
in the Device Manager</span></li>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">General<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Improvements to the launch time when the
Settings header is visible<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Ink Workspace<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Ink Workspace flyout has been replaced
with a small flyout menu<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Sticky Notes are no longer accessible from
the Ink Workspace<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Sketchboard has been replaced with the
Microsoft Whiteboard app</span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;"><br /></span></li>
</ul>
<ul style="margin-top: 0cm;" type="disc">
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Accessibility<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Magnifier with larger pointers will now
pan smoothly when as the pointer changes shape<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">"Change how capitalized text is read"
has been removed from Narrator<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator now announced the toggle state of
checkboxes in a Listview<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Scan mode will now turn off to allow
typing in the edit field of a spinner control<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator now has improved support for
"invalid" and "required" properties on more controls<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator Braille can now reliably activate
links by routing key<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator reliability has been improved
from Chrome<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator now reads tables more efficiently
by only reading the deltas when navigating.<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator + S now gives a webpage summary.<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now keep the text cursor in the
center of the screen when typing with Magnifier<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator can now say the title and url of
a link<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator will now read the header first,
followed by the cell data, followed by the row/column - position of a cell<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">When headers in data tables change,
Narrator will now read them<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Eye Control now supports drag-and-drop<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Pausing Eye Control will now completely
hide the launchpad<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Buttons can now be clicked with switches
on joysticks or device that emulate joysticks<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Eye Control has been updated to provide
more settings<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator now automatically starts reading
web pages and emails<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Magnifier UI has been revamped with
updated icon and moves the magnification in between the zoom buttons, it
is no longer to change the view from the Magnifier window<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator will now turn on Scan Mode when
reading Outlook or Windows Mail mails automatically<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Each email will now be read with the
status mentioned first in the list view<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The text cursor can now be changed to any
given color<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator will now start reading webpages
from the top rather than from the main landmark on it<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator now supports the arria-haspopup property<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now turn of Narrator input
learning of by hitting Narrator + 1<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Improved Magnifier performance when moving
the mouse around the screen<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Magnifier reading now support reading in
more locations<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Narrator's volume for link and scroll
sounds has been bumped up<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">In Outlook, the
"importance"-header is now always spoken by Narrator before the
importance level<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Magnifier can no longer be set to an UI
that is visible in the viewport as a magnifying glass<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Language and input<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The on-screen keyboard now uses SwiftKey's
Typing Intelligence on 39 new languages: Afrikaans (South Africa),
Albanian (Albania), Arabic (Saudi Arabia), Armenian (Armenia), Azerbaijani
(Azerbaijan), Basque (Spain), Bulgarian (Bulgaria), Catalan (Spain),
Croatian (Croatia), Czech (Czech Republic), Danish (Denmark), Dutch
(Netherlands), Estonian (Estonia), Finnish (Finland), Galician (Spain),
Georgian (Georgia), Greek (Greece), Hausa (Nigeria), Hebrew (Israel),
Hindi (India), Hungarian (Hungary), Indonesian (Indonesia), Kazakh
(Kazakhstan), Latvian (Latvia), Lithuanian (Lithuania), Macedonian
(Macedonia), Malay (Malaysia), Norwegian (Bokmal, Norway), Persian (Iran),
Polish (Poland), Romanian (Romania), Serbian (Serbia), Serbian (Serbia),
Slovak (Slovakia), Slovenian (Slovenia), Swedish (Sweden), Turkish
(Turkey), Ukrainian (Ukraine), Uzbek (Uzbek)<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Dictation support for English (Canada),
English (UK), English (Australia), English (India), French (France),
French (Canada), German (Germany), Italian (Italy), Spanish (Spain),
Spanish (Mexico), Portuguese (Brazil), and Chinese (Simplified, China) has
been added<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">A number of kaomoji have been added the to
emoji picker<span lang="EN-US">.</span><o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Input Method Editor<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The development version of the Japanese
IME from build 18277 has been restored<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Improved security and reliability in the
revamped Chinese Simplified and Chinese Traditional IMEs, as well as a
cleaner settings interface<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Chinese Pinyin IME now refers to
"Default mode" instead of "Input mode"<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">A tip has been added to the Bopomofo IME
settings that Ctrl + Space will toggle the conversation mode<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The Japanese IME now has as default
assinged value of Ctrl + Space to be "None"<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Key assignment settings are now more
discoverable in the Japanese IME<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Improved performance for the Bopomofo,
ChangJie, and Quick IMEs<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now disable the Shift + Space
keyboard shortcut in the Bopomofo IME as well as changing the candidate
font size<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now hide the IME toolbar from the
toolbar menu<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="line-height: 107%;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;">Apps</span><span style="font-size: 14pt;"><o:p></o:p></span></span></span></b></div>
<div class="MsoNormal">
<b><span style="line-height: 107%;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><br /></span></span></span></b></div>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Connect<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Connect is now an optional feature
downloadable in Settings<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Notepad<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Notepad can now restore unsaved content
when Windows restarts for updates<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Task Manager<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The disk type will now be shown in Task
Manager<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Right clicking a process will now show
"Provide Feedback" after "End task" and "End
process tree" instead of between<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The GPU temperature is now shown under
Performance > GPU<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Windows Sandbox<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Support for capturing hotkeys in full
screen has been added<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">A configuration file can now be set for
Windows Sandboxes<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Error dialogs will now show an error code
and a link to Feedback Hub<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now use a microphone in Windows
Sandbox<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The audio input device can now be set in
the Sandbox config file<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Shift + Alt + PrtScn now opens the ease of
access dialog for high contrast mode<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Ctrl + Alt + Break now toggles fullscreen
mode<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows Sandbox no longer requires the use
of Admin privileges<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Windows Subsystem
for Linux<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The file system of a Linux distro can now
be accessed from File Explorer<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows Subsystem for Linux version 2 has
been added to Windows, including a full Linux kernel<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Connections can now be made using
localhost<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Improved performance for directory
listings in \wsI$<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">Other features<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Tamper Protection will be set on by
default again<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You can now sign in with your Windows
Hello PIN when in Safe Mode<o:p></o:p></span></li>
</ul>
<div class="MsoNormal">
<b><span style="font-family: "verdana" , sans-serif;">And further<o:p></o:p></span></b></div>
<ul style="margin-top: 0cm;" type="disc">
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The "Windows Light" theme is now
called "Windows (light)"<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">All Emoji 12.0 emojis now have keywords in
the emoji picker<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">The OOBE will now show a lock icon with
networks that are private<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows Defender ATP is being renamed to
Microsoft Defender<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Windows will now periodically remind you
to make backups if you do not have a backup solution installed<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">You're prefered defragmentation settings
are now preserved after upgrading Windows<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Support for Microsoft Bluetooth Mouse and
Keyboard has been added to Swift Pair<o:p></o:p></span></li>
<li class="MsoNormal"><span style="font-family: "verdana" , sans-serif;">Update the Windows version name to version
2004</span></li>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;"><i><u>Thanks to the Team of ChangeWindows!</u></i></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/jeuRvGNOe3E/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/jeuRvGNOe3E?feature=player_embedded" width="320"></iframe></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: large;">Configuration and Deployment</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">As this is stuff IT Pros are focused here more explanations:</span></div>
<div>
<h3 id="DO" style="background-color: white; box-sizing: border-box; color: #333333; font-size: 17px; line-height: 1.2; margin: 36px 0px 20px;">
<span style="font-family: "verdana" , sans-serif;">Delivery Optimization enhancements</span></h3>
</div>
<div>
<ul style="background-color: white; box-sizing: border-box; clear: left; color: #333333; font-size: 16px; list-style: outside; margin-bottom: 12px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 20px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Get-DeliveryOptimizationStatus -PeerInfo</strong>. Offers a real-time view behind-the-scenes of peer-to-peer activity (e.g. the peer IP Address, bytes received/sent).</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Get-DeliveryOptimizationLogAnalysis</strong>. Get a summary of the activity in your Delivery Optimization log (e.g. the total number of downloads, downloads from peers, and overall peer efficiency). Use the <strong style="box-sizing: border-box;">-ListConnections</strong> flag to for in-depth look at peer-to-peer connections.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Enable-DeliveryOptimizationVerboseLogs</strong>. Offers a greater level of detail to assist in troubleshooting.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 20px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Enterprise network throttling</strong>. We've made enhancements to foreground vs. background throttling.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Automatic cloud-based congestion detection</strong>. Leverage the power of the Delivery Optimization cloud service to help identify download storms on your network. In short, the existing policy to delay background downloads from HTTP will indicate that the cloud service is allowed to dynamically back off downloading updates from the cloud for some devices while continuing to leverage local peer sources. Similarly, the same feature can help improve overall peer utilization by dynamically choosing which devices can download updates first. This feature is particularly useful to those of you who are deploying via rings and would like to avoid selecting individual devices in ring 0 (which can be cumbersome if you have thousands of sites). (Note: This client feature requires a cloud service support, which will be available in the near future, for full functionality.)</span></li>
</ul>
<div>
<h3 id="dep" style="background-color: white; box-sizing: border-box; color: #333333; font-size: 17px; line-height: 1.2; margin: 36px 0px 20px;">
<span style="font-family: "verdana" , sans-serif;">Servicing and deployment enhancements</span></h3>
</div>
</div>
<div>
<ul style="background-color: white; box-sizing: border-box; clear: left; color: #333333; font-size: 16px; list-style: outside; margin-bottom: 12px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 20px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Reduced offline time during feature updates</strong>. Beginning with Windows 10, version 1703, we've steadily reduced end user downtime during a feature update. With Windows 10, version 2004, offline time continues to decrease, from a median time of over 80 minutes in version 1703, to 16 minutes in version 2004, including only a <em style="box-sizing: border-box;">single reboot</em> for many users.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Improved controls for reserved storage</strong>. With the release of Windows 10, version 1903, we introduced <a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/managing-reserved-storage-in-windows-10-environments/ba-p/1297070" rel="noopener" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">reserved storage</a> for newly manufactured PCs and clean Windows 10 installs. With Windows 10, version 2004, we've added a new set of Deployment Image Servicing and Management (DISM) commands and APIs so you can enable and disable reserved storage on demand, including reserved storage for Windows 10 devices that were not shipped with Windows 10, version 1903 and higher. For the full set of reserved storage command line options, see <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/dism-storage-reserve" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">DISM Reserved Storage Command-line Options</a><span style="box-sizing: border-box;">.</span></span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Improved controls and diagnostics for Windows Setup</strong>. For those using <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-technical-reference" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows Setup</a>, Windows 10, version 2004 offers more control when upgrading to the latest update. For example:</span><ul style="box-sizing: border-box; clear: left; list-style: outside; margin-bottom: 0px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Dynamic Update</strong>. You can now search, download, and install <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#dynamicupdate" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Dynamic Updates</a>, but exclude the latest quality update and/or driver updates.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Reduced offline time for users</strong>. Instruct Windows Setup to start update operations on the down-level OS <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#skipfinalize" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">without initiating a reboot</a> to start the offline phase, then instruct Windows Setup to <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#finalize" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">complete the installation at an appropriate time</a>.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">SetupDiag</strong>: <a href="https://docs.microsoft.com/windows/deployment/upgrade/setupdiag" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">SetupDiag</a> provides additional diagnostic information to troubleshoot update failures. For more information, see <a href="https://docs.microsoft.com/windows-hardware/manufacture/desktop/deployment-troubleshooting-and-log-files" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Deployment Troubleshooting and Log Files</a>.</span></li>
</ul>
</li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Recover Windows 10 from the cloud</strong>. With this release we've added the option to recover Windows 10 by downloading the necessary files from the cloud, resulting in increased reliability and, depending on your internet speed, a faster recovery. For more details about the cloud-reset process, see <a href="https://docs.microsoft.com/windows-insider/at-work-pro/wip-4-biz-whats-new#new-reset-this-pc-option-cloud-download-build-18970" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Reset this PC option: Cloud download</a>.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Windows Autopilot</strong>. Procure devices and have them delivered directly to the end user and provisioned from the cloud. <a href="https://aka.ms/WindowsAutopilotDocs" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows Autopilot</a> has been available since Windows 10, version 1703 (with the 7D update) and with each new version of Windows 10 we add new, requested features. Today we're adding the ability to:</span><ul style="box-sizing: border-box; clear: left; list-style: outside; margin-bottom: 0px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 10px;"><span style="font-family: "verdana" , sans-serif;">Configure <a href="https://docs.microsoft.com/windows/deployment/windows-autopilot/user-driven" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">user-driven</a> Hybrid Azure AD Join with VPN support. This support has been backported to Windows 10, versions 1909 and 1903.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;">Configure language settings in the Windows Autopilot profile so that the out-of-box experience (OOBE) will skip the language, locale, and keyboard pages when the device is connected to ethernet.</span></li>
</ul>
</li>
</ul>
</div>
<h3 id="WUfB" style="background-color: white; box-sizing: border-box; color: #333333; font-size: 17px; line-height: 1.2; margin: 36px 0px 20px;">
<span style="font-family: "verdana" , sans-serif;">Windows Update for Business</span></h3>
<ul style="background-color: white; box-sizing: border-box; clear: left; color: #333333; font-size: 16px; list-style: outside; margin-bottom: 12px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 20px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Microsoft Intune console updates</strong>. The target version is now available in Intune, allowing you to specify to which Windows 10 OS version you want devices to move. This capability also enables you to keep devices on their current version until they reach end of service. Available now in the Intune console, you can also configure this as a Group Policy or Configuration Service Provider (CSP) policy.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Validation improvements</strong>. To ensure devices and end users stay productive and protected, Microsoft uses safeguard holds to block devices from updating when there are known issues that would impact that device. But we know this can interfere with validations. To better enable IT administrators to validate on the latest release, we have created a new policy to enable admins to opt devices out of the built-in safeguard holds.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Deferral policies</strong>. See FAQ below for a description of how deferral policies work in Windows Update for Business.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Documentation updates</strong>. We have improved our <a href="https://docs.microsoft.com/windows/deployment/update/waas-manage-updates-wufb" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows Update for Business documentation</a> to better communicate how to utilize Windows Update for Business to manage Windows Updates to keep devices secure and end users productive.</span></li>
</ul>
<div>
<h3 id="toc-hId--617716867" style="background-color: white; box-sizing: border-box; color: #333333; font-size: 17px; line-height: 1.2; margin: 36px 0px 20px;">
<span style="font-family: "verdana" , sans-serif;">Windows Virtual Desktop</span></h3>
<div style="background-color: white; box-sizing: border-box; color: #333333; font-size: 16px; margin-top: 20px;">
<span style="font-family: "verdana" , sans-serif;">Windows Virtual Desktop continues to evolve and you can keep up with the latest enhancements by bookmarking the <a href="https://techcommunity.microsoft.com/t5/windows-virtual-desktop/bd-p/WindowsVirtualDesktop" rel="noopener" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows Virtual Desktop community</a> and staying tuned to the <a href="https://aka.ms/blog/WindowsITPro" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows IT Pro Blog</a>. Most recently, we've published <a href="https://docs.microsoft.com/powershell/windows-virtual-desktop/release-notes" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">new PowerShell modules</a> to PSGallery, including <strong style="box-sizing: border-box;">Remove-RdsRoleAssignment</strong> with the <strong style="box-sizing: border-box;">-<em style="box-sizing: border-box;">AadTenantId</em></strong> parameter to remove role assignments of principals not associated to the Azure AD tenant, and <strong style="box-sizing: border-box;">Update-AzWvdHostPool <em style="box-sizing: border-box;">-PersonalDesktopAssignmentType</em></strong> to automatically assign users to virtual machines. For more details, see the <a href="https://docs.microsoft.com/powershell/windows-virtual-desktop/release-notes" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">Windows Virtual Desktop PowerShell release notes</a>.</span></div>
</div>
<div>
<h2 id="cortana" style="background-color: white; box-sizing: border-box; color: #333333; font-size: 20px; line-height: 1.2; margin: 36px 0px 20px;">
<span style="font-family: "verdana" , sans-serif;">Cortana enhancements</span></h2>
<ul style="background-color: white; box-sizing: border-box; clear: left; color: #333333; font-size: 16px; list-style: outside; margin-bottom: 12px; margin-top: 0px; padding-left: 2.5em;">
<li style="box-sizing: border-box; margin-bottom: 8px; margin-top: 20px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Productivity</strong><span style="box-sizing: border-box; font-size: 12px; line-height: 0; position: relative; top: -0.5em; vertical-align: baseline;"><a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-for-it-pros-in-windows-10-version-2004/ba-p/1419764#note1" rel="nofollow noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_self">[1]</a></span>. A chat-based UI gives you the ability to <a href="https://support.microsoft.com/en-us/help/4557165" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">interact with Cortana using typed or spoken natural language queries</a> to easily get information across Microsoft 365 and stay on track. In the coming months, with regular app updates through the Microsoft Store, we'll enhance this experience to support wake word invocation and enable listening when you say “Cortana,” offer more productivity capabilities (such as surfacing relevant emails and documents to help you prepare for meetings), and expand supported capabilities for international users.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Security</strong>. You now must be securely logged in with your work or school account or your Microsoft account before using Cortana. Because of this tighter access, some skills including music, connected home, and third-party skills will no longer be available. Additionally, users get <a href="https://docs.microsoft.com/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide" rel="noopener noopener noreferrer" style="background-color: transparent; box-sizing: border-box; color: #146cac;" target="_blank">cloud-based assistance services</a> that meet Office 365's enterprise-level privacy, security, and compliance promises as set out in the Online Services Terms.</span></li>
<li style="box-sizing: border-box; margin-bottom: 8px;"><span style="font-family: "verdana" , sans-serif;"><strong style="box-sizing: border-box;">Move the Cortana window</strong>. With Windows 10, version 2004, you can drag the Cortana window to a more convenient location on your desktop.</span></li>
</ul>
<div>
<span style="color: #333333; font-family: "verdana" , sans-serif;">and much more so please checkout also the full article here:</span><a href="https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-for-it-pros-in-windows-10-version-2004/ba-p/1419764"><span style="font-family: "verdana" , sans-serif;">https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-for-it-pros-in-windows-10-version-2004/ba-p/1419764</span></a></div>
</div>
MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-35989063927577519772020-04-23T11:10:00.000+02:002020-04-23T11:10:31.929+02:00M365 wrong licensing impacts performance<span style="background-color: white; color: #343a41; font-family: "verdana" , sans-serif; font-size: inherit; font-style: inherit; font-weight: 600; white-space: pre-wrap;">Tenant level security & compliance features may have performance issues when licensed wrong!</span><br />
<span style="background-color: white; color: #343a41; font-family: "verdana" , sans-serif; font-size: inherit; font-style: inherit; font-weight: 600; white-space: pre-wrap;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsLQu38MNzlrDYWNDiPeTRkHdt7z1CPwBPibNtUkgkvGnb811nviptbes_nNY5N3tIRnTrG2qOgdwav-bY4tTtTTYSTfDZQooNB-L-ujmXSuv5waxz7a2Hw8pmAtPo-pRVzWWrim-AoT8/s1600/microsoft-365.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="250" data-original-width="400" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsLQu38MNzlrDYWNDiPeTRkHdt7z1CPwBPibNtUkgkvGnb811nviptbes_nNY5N3tIRnTrG2qOgdwav-bY4tTtTTYSTfDZQooNB-L-ujmXSuv5waxz7a2Hw8pmAtPo-pRVzWWrim-AoT8/s320/microsoft-365.png" width="320" /></a></div>
<span style="background-color: white; color: #343a41; font-family: "verdana" , sans-serif; font-size: inherit; font-style: inherit; font-weight: 600; white-space: pre-wrap;"><br /></span>
<span style="background-color: white; color: #343a41; font-family: "verdana" , sans-serif; font-size: inherit; font-style: inherit; font-weight: 600; white-space: pre-wrap;"><br /></span>
<br />
<div style="background-color: white; border: 0px; box-sizing: inherit; color: #343a41; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: 20px; min-height: 21px; padding: 0px; vertical-align: baseline; white-space: pre-wrap;">
<span style="font-family: "verdana" , sans-serif;">Good example is the use of Office 365 ATP e.g. detonation chamber for attachements. Behind this feature there are VMs spinned up for processing the attachments. The number of licensed users control in the background the ammount of VMs used for this. Some customers belief its a good Idea to have 1 x E5 license and then they are able to use the features as they are tenant wide activated then. </span></div>
<div style="background-color: white; border: 0px; box-sizing: inherit; color: #343a41; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: 20px; min-height: 21px; padding: 0px; vertical-align: baseline; white-space: pre-wrap;">
<span style="font-family: "verdana" , sans-serif;">But they fail in: </span></div>
<div style="background-color: white; border: 0px; box-sizing: inherit; color: #343a41; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: 20px; min-height: 21px; padding: 0px; vertical-align: baseline; white-space: pre-wrap;">
<span style="font-family: "verdana" , sans-serif;">1. doing a license violation</span></div>
<div style="background-color: white; border: 0px; box-sizing: inherit; color: #343a41; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: 20px; min-height: 21px; padding: 0px; vertical-align: baseline; white-space: pre-wrap;">
<span style="font-family: "verdana" , sans-serif;">2. having not enough ressources allocated to do the work. Physical result is a strongly delayed delivery of mails with attachments or with dynamic delivery option enabled also a strong delay in delivering the final attachment. This is caused by a tremendous queue of attachments waiting to be checked as there are not enough ressources allocated in the background.</span></div>
<div style="background-color: white; border: 0px; box-sizing: inherit; color: #343a41; font-size: 15px; font-stretch: inherit; font-variant-east-asian: inherit; font-variant-numeric: inherit; line-height: 20px; min-height: 21px; padding: 0px; vertical-align: baseline; white-space: pre-wrap;">
<span style="font-family: "verdana" , sans-serif;">For this and more impacts please refer also to this article. It also covers the topic how to limit the services correctly to the targeted users.
</span><a href="https://docs.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance" target="_blank"><span style="font-family: "verdana" , sans-serif;">https://docs.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance</span></a><span style="font-family: "verdana" , sans-serif;">
</span></div>
MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.comtag:blogger.com,1999:blog-3986497757463006066.post-78107227112131999802020-03-27T14:06:00.000+01:002020-03-27T14:11:28.140+01:00SCCM ConfigMgr Client Health<span style="font-family: "verdana" , sans-serif;">When you operate your client in an enterprise environment, then you may find from time to time clients in an unhealty condition. E.g. SCCM reporting does not work anymore or other issues around WMI originating from a corrupt WMI repository and much more.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<span style="font-family: "verdana" , sans-serif;">The tech fellow Anders Rodland created a fantastic PowerShell based framework to diagnose and heal your (sccm) clients automatically.</span><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAH5MARni98vmFNgk6UVEd5kDqrd3huhN6k_8vuLLQFfeeWXgeYLHccYkz5HoFeyfYMUTszJJGE9k4OX2RvzVPO8ynooQKZZreGTT7jKEcybFuGJJmckIcE5VjXFlXGu5S_G1VYggeQxA/s1600/medical-sister-1780696_640.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="640" data-original-width="640" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAH5MARni98vmFNgk6UVEd5kDqrd3huhN6k_8vuLLQFfeeWXgeYLHccYkz5HoFeyfYMUTszJJGE9k4OX2RvzVPO8ynooQKZZreGTT7jKEcybFuGJJmckIcE5VjXFlXGu5S_G1VYggeQxA/s400/medical-sister-1780696_640.jpg" width="400" /></a></div>
<h2 style="background-color: white; box-sizing: border-box; font-size: 24px; line-height: 1.1; margin-bottom: 10px; margin-top: 20px;">
<span style="color: blue; font-family: "verdana" , sans-serif;">Features</span></h2>
<div style="background-color: white; box-sizing: border-box; color: #0a0a0a; margin-bottom: 10px;">
<span style="font-family: "verdana" , sans-serif;">ConfigMgr Client Health detects and fixes following errors:</span></div>
<br />
<ul style="background-color: white; box-sizing: border-box; color: #0a0a0a; margin-bottom: 10px; margin-top: 0px;">
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client is not installed.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client is assigned the correct site code.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client is upgraded to current version if not at specified minimum version.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client not able to forward state messages to management point.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client stuck in provisioning mode.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client maximum log file size.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client cache size. Fixed size (MB) or percentage of disk space.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client certificate error.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client hardware inventory not running.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">ConfigMgr client CcmSQLCE.log exists and client is not in debug mode.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Corrupt WMI.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">DNS server record matches local IP’s</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Drivers – Reports faulty or missing drivers on client.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Logging to SQL database and / or file share</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Pending reboot check</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">User-friendly reboot of computer with 3rd party reboot app when in pending reboot or computer uptime is more than specified in config.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Services for ConfigMgr client is not running or disabled.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Other services can be specified to start and run and specific state.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Windows Update Agent not working correctly, causing client not to receive patches.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;">Windows Update Agent missing patches that fixes known bugs.</span></li>
<li style="box-sizing: border-box;"><span style="font-family: "verdana" , sans-serif;"><b>PLUS </b>additional ones in the latest version (check it out!)</span></li>
</ul>
<div>
<br /></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><span style="color: #0a0a0a;">More Information's can be found </span></span><span style="color: #0a0a0a; font-family: "verdana" , sans-serif;">here:</span><br />
<a href="https://www.andersrodland.com/configmgr-client-health/" style="font-family: verdana, sans-serif;">https://www.andersrodland.com/configmgr-client-health/</a></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">And the latest "ConfigMgrClient Health" can be found on Github:</span><br />
<span style="font-family: "verdana" , sans-serif;"><a href="https://github.com/AndersRodland/ConfigMgrClientHealth">https://github.com/AndersRodland/ConfigMgrClientHealth</a></span><br />
<br /></div>
MS-Labrathttp://www.blogger.com/profile/11329742590892213225noreply@blogger.com