On Twitter I asked the following to David James (Director of Engineering, ConfigMgr, Microsoft) and Johan Arwidmark (CTO @ TrueSec):
With Windows 10 1607, Microsoft introduced Dual Scan functionality, which allows the computer to connect with Microsoft Updates besides using WSUS or SCCM. Steve Henry from Microsoft: “It is for the enterprise that wants WU to be its primary update source while Windows Server Update Services (WSUS) provides all other content.” I’ve seen various blog posts not covering all the steps I had to take to ensure Windows only looks to SCCM/WSUS. Especially covering Windows 10 deployments with System Center – Configuration Manager.
This error message is related to Device Guard Code Integrity in Windows 10 and shows up in the Event Viewer under the Code Integrity folder. As of writing this article, the error message is not described in online documentation of Microsoft.
With the Windows 10 Creators Update, Microsoft introduced Windows AutoPilot. Windows AutoPilot is a service which allows users to enroll their device with the Intune/Azure AD tenant of the organization during the Out-of-the-Box (OOBE) experience of Windows 10. By using Windows AutoPilot, organizations can dramatically decrease the time needed to configure a new device. During Microsoft Tech Summit 2018 in Amsterdam, Michael Niehaus announced some exciting new features which I will discuss in this blog post too.
With Windows Servicing, Microsoft is forcing consumers and businesses to upgrade to a Windows 10 Build twice a year. Theoretically you could go for one build per year, but that forces you to upgrade to a new build within 6 months. Otherwise you will end up without support for the old build.
This introduces quite some issues within both SMBs and large organizations. Recently a friend asked me about a recent printer that stopped working. The printer was 2 months old and from a large vendor. I directly checked the build of the machine and yes, it was recently upgraded to the Fall Creators Update. The printer was identified as an “Unknown USB Device”. Updating the driver of the printer didn’t help. Luckily the Technical Support was responding quickly to help, but this means manual processing of orders for the next couple of weeks. Yes I can revert the machine back to the old build, but will that fix the issue or create more issues? And because it’s not a Windows 10 Enterprise machine, Microsoft will try to update the machine later on.
Lost track of the service channel naming of Windows and Office Servicing? Is it “Current Branch” or “Semi-Annual Channel” now?! Or Standard Release?!
Ready: Semi-Annual Channel (Targeted)
Ready for Business: Semi-Annual Channel
Ready: Semi-Annual Channel (Targeted) (Or Targeted Release)
Ready for Business: Semi-Annual Channel (Or Standard Release)
Last update: recently… 🙂
Every day is a new day to change these again, so stay tuned!
This article describes the licensing options you have when you want to deploy Windows Server Virtual Machines in Azure. It’s getting complicated when you start using the Hybrid Use Benefit solution, so always contact Microsoft or your licensing supplier. Please note that I will not answer any licensing questions.
Built-in Licensing for Windows Server
This type of licensing is by-far the most easy to use but it can be an expensive solution. You deploy an Azure Virtual Machine from the Portal or PowerShell and the licensing costs are automatically included with the Virtual Machine costs. But what if you want to use your existing KMS licenses which you’ve bought with your Enterprise Agreement? Or you want to use Windows Server Standard licenses instead of Datacenter licenses?