This week Microsoft quietly released some information about a new Azure solution called Azure Bastion. Azure Bastion acts as a gateway between a Virtual Machine in Azure and your session in the Azure Portal. This means that without assigning a Public IP address, you are able to connect to your Azure Virtual Machine through the Azure Portal. No Remote Desktop environment or jumpbox needed. Azure Bastion is currently in Private Preview.
On Twitter I asked the following to David James (Director of Engineering, ConfigMgr, Microsoft) and Johan Arwidmark (CTO @ TrueSec):
With Windows 10 1607, Microsoft introduced Dual Scan functionality, which allows the computer to connect with Microsoft Updates besides using WSUS or SCCM. Steve Henry from Microsoft: “It is for the enterprise that wants WU to be its primary update source while Windows Server Update Services (WSUS) provides all other content.” I’ve seen various blog posts not covering all the steps I had to take to ensure Windows only looks to SCCM/WSUS. Especially covering Windows 10 deployments with System Center – Configuration Manager.
This error message is related to Device Guard Code Integrity in Windows 10 and shows up in the Event Viewer under the Code Integrity folder. As of writing this article, the error message is not described in online documentation of Microsoft.
With the Windows 10 Creators Update, Microsoft introduced Windows AutoPilot. Windows AutoPilot is a service which allows users to enroll their device with the Intune/Azure AD tenant of the organization during the Out-of-the-Box (OOBE) experience of Windows 10. By using Windows AutoPilot, organizations can dramatically decrease the time needed to configure a new device. During Microsoft Tech Summit 2018 in Amsterdam, Michael Niehaus announced some exciting new features which I will discuss in this blog post too.
With Windows Servicing, Microsoft is forcing consumers and businesses to upgrade to a Windows 10 Build twice a year. Theoretically you could go for one build per year, but that forces you to upgrade to a new build within 6 months. Otherwise you will end up without support for the old build.
This introduces quite some issues within both SMBs and large organizations. Recently a friend asked me about a recent printer that stopped working. The printer was 2 months old and from a large vendor. I directly checked the build of the machine and yes, it was recently upgraded to the Fall Creators Update. The printer was identified as an “Unknown USB Device”. Updating the driver of the printer didn’t help. Luckily the Technical Support was responding quickly to help, but this means manual processing of orders for the next couple of weeks. Yes I can revert the machine back to the old build, but will that fix the issue or create more issues? And because it’s not a Windows 10 Enterprise machine, Microsoft will try to update the machine later on.
Lost track of the service channel naming of Windows and Office Servicing? Is it “Current Branch” or “Semi-Annual Channel” now?! Or Standard Release?!
Ready: Semi-Annual Channel (Targeted)
Ready for Business: Semi-Annual Channel
Ready: Semi-Annual Channel (Targeted) (Or Targeted Release)
Ready for Business: Semi-Annual Channel (Or Standard Release)
Last update: recently… 🙂
Every day is a new day to change these again, so stay tuned!