Harjit Joins Microsoft!

The time has come to let the 🐱‍👤 out of the bag and make the formal announcement. On May 21, 2021, I wrote a blog post where I mentioned that I left my 18 year career in Higher-Ed as a Senior Systems Administrator at the University of Vermont.

I am excited to announce that as of today, June 7, 2021, I have joined Microsoft as a Customer Engineer for Microsoft 365. My role covers a variety of solutions under the Microsoft 365 umbrella including Modern Management which I’m very passionate and super excited about. I can finally say that I’m now a “Blue Badge” and my dream of joining Microsoft has come true!

There is so much that I want to mention and perhaps, I’ll start with my family. My wife Jenny and my daughters Sabrina and Hannah have been my rock, strength, motivation, strong supporters for what I do, and they highly encouraged me to pursue my dreams and passion. Thank you!

I’ve been privileged and honored to be a Microsoft MVP since January 2017, and I have grown and learned so much since then, as well as had many amazing opportunities, from guest blogging, consulting work, product reviews, NDA opportunities with Microsoft, Subject Matter Expert (SME) on various webinars and technical user groups, speaking engagements with several conferences including Microsoft Ignite in Orlando, Microsoft Ignite The Tours in Milan, Johannesburg, and Dubai (unfortunately COVID-19 cancelled my speaking gigs in Zurich, Mumbai, Bangalore, Tel-Aviv, and Chicago), TechMentor, IT/Dev Connections, and the one close to my heart and my favorite MMS aka MMSMOA, to name a few. During this journey, I developed strong bonds, positive reputation, respect, and trust among Microsoft product groups, MVP Program leadership, fellow Microsoft MVPs, vendors, event organizers, IT Professional community, mentees, my wonderful followers, and close friends. Thank you to all of you for your support, guidance, encouragement, and friendships.

Today also marks the end of the road for my Microsoft MVP award, which is something one has to give up upon joining Microsoft as an employee. I will continue to be a valuable resource not only to the MVP Program, the leadership, but to the IT Pro community as well, and will continue to empower everyone and help improve what I can. Thank you Betsy Weber, Rochelle Sonnenberg, and Christian Talavera for allowing me to do what I do, and most importantly for all the amazing opportunities as well as for my inclusivity as one of the trusted leaders within the MVP program. Also, Thank you Cathy Moya for the same and so much more. It’s amazing that we are all colleagues now. 😊🐱‍👤🙏👍

There are a few people who I would like to mention and recognize, who have been instrumental for my next career phase with Microsoft. The offline chats, references, internal recommendations, referring to open positions, keeping me in check, pushing me harder, motivations, encouraging me to stay positive, mentorship, discreet conversations, trust, friendships, and so much more, meant a lot to me and I’m forever appreciative and grateful. I know I am going to miss mentioning someone or another, and for that I apologize in advance and please forgive me. In no particular order, Thank you very much Noel Fairclough, Rod Trent, John Deardurff, Art Hogarth, Cathy Moya, Heather Poulsen, Kerim Hanif, Kris Loranger, Joe Lurie, and last but not least Julie Andreacola.

Thank you to Prayer Solanky who I consider my brother, and has been there for me in good times, during challenging moments of my life, provides tons of valuable advice, keeps me grounded and humble always, and who I trusted with my journey to Microsoft.
Also, Thank you to my wonderful friends Mick Pletcher, Anoop Nair, Richard Hay, John Yoakum, Jen Sheerin, Ben Dumke, Mary Jo Foley, Scott Ladewig, Ben Whitmore, James Petty, Jitesh Kumar, Octavio Rodriguez, Damien Van Robaeys, Nick Pilon, Benoit Lecours, Brian Mason, Greg Ramsey, Mirko Colemberg, Johan Arwidmark, Anne Baker, Peter De Tender, Adnan Hendricks, Team MMS, The Krewe, Team Devops Collective, Team SCDudes, and so many more. Last but not least, my close “Ignitable” friends (Pat, Dean, Brandon, Kenji, Stu, Henrik, Stuart, Joe, Travis, and Jin.

As I celebrate this happy occasion, I’m also reminded of my brother Amarjit who passed away on this very day (June 7th) in 2015. I miss him very much, but I know he is proud of me and is watching over me from heaven. 💗💗💗

With all that said, it’s time to kick start my new adventures with the company and people I love, embrace the unique opportunities, advocate and evangelize modern technologies, support the IT Pro community, and I’m ready to “empower every person and every organization to achieve more”! 🐱‍👤🐱‍👓🐱‍💻🐱‍🐉👍🙏✔

End of An Era

Today, Friday May 21, 2021 was my last working day as a Senior Systems Administrator at The University of Vermont in Burlington, Vermont. I hung my hat after almost 18 years of my dedication as an IT Professional at this institution of higher learning.

I have a lot to be Thankful, for the last 18 years here, including the experiences I have gained, the relationships I had built and cherish, the beautiful friendships, the wonderful opportunities for my professional development, the highly technical work I did, the ability to advocate and implement enterprise level technical solutions, the numerous kudos for the assistance I provided to other IT colleagues as well as the people who used the technologies, solving challenging problems, and much more. I have seen medical students become doctors and surgeons, students become engineers, teachers, lawmakers, and technologist to name a few. It’s thrilling to know that somehow big or small, I had some part in their positive education experiences leading to their successful careers.

I won’t deny that while I liked and enjoyed working at the university, there are several things that I wasn’t fond of and I definitely will not miss. However, working this long at one given place, it becomes part of who you are, it’s the identity that forms you, it’s the livelihood that provided for your family and so on. Therefore, it is bitter sweet to leave what I have known and accustomed to, the people who I worked with and also those who I supported, the higher education culture, and the beautiful campus which is the icon of the city of Burlington, Vermont. However, I have an amazing and wonderful opportunity to work at an amazing huge firm where I will be able to take my career to the next phase, be empowered to do amazing things, advocate for the top of the line technical solutions, have lots of growth and learning opportunities, and much much more. I’m super excited.

Where is Harjit headed to next? What’s he going to do? Well, I will officially announce the news of my next adventure in the next 2 weeks, so please be patient. 🙂 If you are one of a few people who has been privy to this knowledge, I kindly request for your trust and confidentiality, and allow me do the honors when I feel it’s the right time to do so. Thank you!

Stay tuned and more to come soon! Cheers!

Harjit has left the building………

Microsoft MVP 2019-2020 Renewal

I’m so Thankful, honored, and excited to receive the above email from the Microsoft Most Valuable Professional (MVP) Award team confirming my award renewal for the 2018-2019 year. This is my second consecutive award since receiving my first one on January 1, 2017. It has been a wonderful, exciting, fun, challenging, and rewarding experience with endless opportunities.

The MVP award has provided me with some great opportunities in terms of my career growth, skill development, and avenues to give back and help others in the IT Professional community. I have been invited to speak at conferences such as Microsoft Ignite (Orlando 2017 & 2018), MVP Community Connections (Boston and New York City), TechMentor, IT/Dev Connections, MMSMOA, user groups, various webinars, as well as opportunities to guest blog, join technical expert panelist, review technical books, test and evaluate software, provide technical expertise, guest speak on podcasts, community reporter at Microsoft Ignite 2017, community engagement specialist at various events, and much more.

This is my 3rd MVP Award and I am very grateful and appreciative for it and for the various opportunities provided to me over time. Thank you very much to each and every one of you for making me successful in my efforts as a MVP, IT Professional, and community contributor, and for providing me with the valuable resources and networking opportunities. Thank you!

MVP Profile

Microsoft MVP 2018-2019 Renewal

I’m so Thankful, honored, and excited to receive the above email from the Microsoft Most Valuable Professional (MVP) Award team confirming my award renewal for the 2018-2019 year. This is my second consecutive award since receiving my first one on January 1, 2017. It has been a wonderful, exciting, fun, challenging, and rewarding experience with endless opportunities.

The MVP award has provided some great opportunities for me in terms of my career growth, skill development, and avenues to give back and help others in the IT Professional community. I have been invited to speak at conferences such as Microsoft Ignite (Orlando 2017), MVP Community Connections (Boston and New York City), TechMentor, IT/Dev Connections, MMSMOA, user groups, webinars, as well as opportunities to guest blog, expert panelist, review technical books, test and evaluate software, provide technical expertise, guest podcaster, community reporter at Ignite 2017, community engagement specialist at various events, and much more.

I am very grateful and appreciative for my MVP award and various opportunities provided to me over time. Thank you very much to each and every one of you for making me successful in my efforts as a MVP, IT Professional, and community contributor, and for providing me with the valuable resources and networking opportunities. Thank you!

#2 Week 3 – Top 1000 Tech Bloggers

On January 23, 2018, I received an email from Rise Social Media with the weekly listing of social media influencers and their respective rankings among 1000 Tech bloggers. Typically, I quickly scan the email and delete it, but this time in the week 3 newsletter, something caught my eye and it was this message:

Well done to this week’s top three Antonio GrassoHarjit Dhaliwal, and Dave Winer ?

I did a double take and clicked on the week 3 link and confirmed that I had moved up to the number 2 spot from way down the list. I was super excited and couldn’t wait to share the news with my friends and followers on social media, which is the source of my influence. I remember being just as excited when I made it to the 14th spot on week 43 in 2017 (see image below).

I was first introduced to Rise Global by my friend Richard Hay, who is well respected in the technology industry where he covers valuable news, reviews, and many other tech related matters as a tech journalist. Rich has taught me how to use several useful tools, helped me with some automation techniques, as well as shared some insightful strategies which in turn has made me successful with my social media work. We also had the opportunity to work together as the official social media journalists for the IT/Dev Connections Conference held in San Francisco in October 2017. We are looking forward to do the same at IT/Dev Connection 2018 in Dallas.

And then we have my friends Christian Buckley and Vlad Catrinescu, who are great contributors in the tech community and powerhouse Microsoft MVPs. These guys make Rise Global status ranking fun and exciting to take part in. We have a running joke and a friendly competition between us, which often involves some fun teasing to keep things challenging. We are rooting for each other to get to the top spot, and then we can call it a collective success. It will happen sooner than later!

As an IT Professional, I enjoy social media quite a bit and have a knack for it. I have developed some strong skills in this respect which has allowed me to contribute to the community in various ways from helping IT Professionals with valuable information and resources to keeping commuters safe during their daily travels. My social media activities have provided many wonderful opportunities which include travel, representation at large conferences, member of various committees, access to privileged groups, speaking engagements, contributions to technical newsletters, reviewer for products, books, and software, and some consulting work to name a few. I am humbled and grateful for these opportunities and to everyone who has helped me and continue to support me. Thank you, Thank you!

Well, I’m not naive to know that my reign on Rise Global will not last for long but I did get my five minutes of fame for what it’s worth. If you have somehow come across this blog post, please feel free to follow my social media channels, subscribe to my blog, YouTube channels, and podcasts. You’ll enjoy the information I share. Thanks.

About Me: Harjit Dhaliwal
Blog: www.harjit.us
Twitter: @Hoorge
Twitter: @TechKonnect
Facebook: TechKonnect
LinkedIn: Me
YouTube: Harjit
YouTube: Harjit & Prayer Show
Podcast: PowerShell News
Instagram: Me
Microsoft: MVP
Microsoft Ignite: Speaker
Microsoft: TechCommunity

Happy New Year 2017

Greetings and Happy New Year to all. Wishing you lots of happiness, good health, abundance of love, wealth, prosperity, safety, adventurous travels, kindness, and much much more.

Here’s my vlog message for you!

Follow me (@Hoorge) on Twitter and join Tech Konnect on Facebook and Twitter (@TechKonnect) to stay current on technology related matters.

Recap – Microsoft Ignite 2016 By Harjit

photo-sep-30-10-17-09-am

– Ignite 2016 by Harjit –

*** This is my first pass on the recap. There is a lot more information which I would like to share and I’ll do so by adding on to this post or in a separate post ***

Microsoft Ignite Conference was held in Atlanta last week – One of my favorite conferences that I enjoy attending for learning and networking

23,000 attendees plus a few hundred vendors in a massive convention center. Sounds crazy but it was less chaotic as we experienced in Chicago last year

Over 1400 sessions from 20-minute theater sessions to 75-minute breakout sessions

Lots of great networking opportunities with peers, product teams, and speakers. One of the best values from this conference

Cloud, Cloud, Cloud = Azure, O365, Sharepoint, etc are hot stuff and the future (and the present)

Security was a big focus too with Windows 10, Windows Server 2016, Azure, and other online offerings

Azure is becoming the first AI supercomputer. Microsoft has some impressive datacenters across the world

The afternoon Innovation Keynote by Satya Nadella was cool and exciting. The morning Keynote was less than desirable but they served fresh donuts and other treats

Closing Celebration was held on Thursday at Centennial Park and it was a “camping” style theme, which had lots of games, activities, food, treats, and beer. Lots of fun!

Highlights:

  • Beam Robots were introduced at Ignite and were quite popular. People signed up from all over the world to drive them around the convention center and interact with attendees, product teams, and vendors to name a few. They were a lot of fun
  • Spark 360 Photo Booth – Had a cool 360 photo taken and my image turned into a window cling and displayed on a large window in the convention center along with several others. It was more of a pixelated style image
  • Had some casual chats with my tech idols Wally Mead, Jason Helmick, Sami Laiho, Paula Januszkiewicz, and a few others
  • Got to meet the wonderful and friendly Ignite planning team, i.e. marketing, social media, and the folks behind the new Microsoft Tech Community (which apparently will replace TechNet in the near future)
  • Everyone was friendly, courteous, and nice which made the experience much pleasant and enjoyable
  • Reconnecting with fellow IT peers who I see yearly at these conferences and made some new connections as well
  • Having friends with privileges set me up with lounge access at Harstfield-Jackson Airport (helped to kill time comfortably before my flight home)
  • Got to check out some Atlanta venues such as CNN, Coca Cola, Centennial Park, Philips Arena, and off course the massive Georgia World Convention Center
  • Feeling energized, motivated, and enthusiastic for future IT and my career
  • Two thumbs up!

Cons:

  • I got sick!
  • Missing my IT friends!
  • Conference ended!

I attended many sessions, spent time in the expo hall talking with vendors and checked out the demos of their products, talked with Microsoft product teams and developers, attended mini theater sessions such as Edge, Cortana, OneNote, Windows 10, ConfigMgr, Office, PowerShell, etc; had some “hallway” sessions with fellow attendees to learn about their IT issues and how they do things at their organizations, looked at some of their home grown tools, and asked for some technical tips and suggestions; spent some time in the Hands-On-Labs (HOLs) area to try and “play” with some products; attended some after-hour social events, and took advantage of a lot of networking opportunities. I was sad to discover that my new friend from Australia had her bag stolen from an evening social event which contained her laptop, passport, wallet, and phone to name a few. It was a big setback for her but she eventually made it home with some emergency documents from her embassy.

There was a lot of information covered and things I learned at Ignite, however it was a busy week and a lot to capture in one go, so going back to some of the sessions (recorded) which I attended and others that I missed (which I had wanted to check out) in the upcoming days and weeks as time permits will be a good refresher and valuable to me. At the conference, I focused mostly on Windows 10, Windows Server 2016, ConfigMgr, and deployments to name a few. Below are some of my notes from a few different areas in no particular order. Sorry for the long post.

==================================================================

Windows 10

Windows 10 Deployments: What’s new?

  • Deploy Windows 10 to Windows 7,8, 8.1 with In-Place Upgrade or Traditional Deployment
  • New devices – Deploy with Provisioning or Traditional Deployments
  • Existing Windows 10 (Stay Current) – In-Place Upgrade

When not to use In-Place Upgrade:

  1. Changing from x86 to x64
  2. Changing from Legacy BIOS to UEFI
  3. Dual boot and multi boot systems
  4. Using certain 3rd party disk encryption products
  5. Can’t use custom image for in-place upgrade. Must use install.wim that comes with the original media, which lays down the clean OS and then merges the apps, data, and settings

Upgrade Process: Drivers

  1. Some classes of driver are not migrated forward – Display and Bluetooth drivers are left behind and any driver considered incompatible. New in-box drivers are used for those devices

Upgrade Process: Dynamic Update

  1. Grabs latest servicing update to inject into media
  2. Gets needed drivers that aren’t in the media
  3. Manually inject Cummulative Updates into install.wim

Upgrade Process: Size

  1. Each feature update is 3.5GB per PC (whether from Windows 7/8.1 or from Windows 10 to a later feature upgrade)
  2. Each monthly quality update is now up to 1GB per PC (when using ConfigMgr or 3rd party patching tools)
  3. Recommended to use peer-to-peer distribution
  4. Use of Express update with WSUS, reduces monthly traffic to 50-100MB as only the new components are pulled down
  5. Microsoft is investigating changes to ConfigMgr (Current Branch) for Windows 10 help
  6. Use BranchCache in ConfigMgr

Upgrade Process: In-Box Apps

  1. Can remove in-box apps but each feature update puts them back
    https://blogs.technet.microsoft.com/mniehaus/2015/11/11/removing-windows-10-in-box-apps-during-a-task-sequence/
    Workaround: Remove them again post-upgrade with task sequence step, scheduled task, or SetupComplete.cmd file that runs a script

Upgrade Process: Settings Migration

  1. The upgrade process should migrate all settings (default applications, file associations, user, systems, and app settings
  2. Some settings may not be migrated properly and these should be considered as bugs (submit feedback, contact TAM, open a case)

Upgrade Process: Preflight

  1. Preflight to determine ahead of time if upgrade will succeed
    Use exe /Auto Upgrade /Compat ScanOnly /Quiet
  2. Runs an upgrade process without actually running a production upgrade
  3. Provides return code and XML reports to identify issues
    https://blogs.technet.com/b/mniehaus/archive/2015/08/23/windows-10-pre-upgrade-validation-using-setup-exe.aspx

Other:

  1. Feature updates can be deferred for 1-180 days
  2. Quality updates can be deferred for 1-30 days

Quality Updates:

  1. Single cumulative update each month
  2. Security fixes, reliability fixes, bug fixes, etc
  3. Supersedes the previous month’s updates
  4. No new features

Feature Updates:

  1. Targeting twice per year with new capabilities
  2. Reliable with built-in rollback capabilities
  3. Deployment using in-place upgrade, driven by existing tools

Provisioning:

  1. Designed for new PCs out-of-the-box to transform for business use with little or no user interaction
  2. Create provisioning packages using Windows Imaging and Configuration Designer tool (available with Windows ADK)
  3. Provisioning packages are small (< 10K) and can be deployed by email, file server, or USB
  4. Can change OS SKU from Professional to Enterprise (slmgr.vbs /ipk)
  5. Can apply policies, settings, install apps and updates, enroll device for management
  6. This could be a better method to use by the Depot to prepare Windows 10 PCs for the organization instead of imaging them

MDT 2013 Update 2 is still the current release

  1. Fully supports Windows 10 1607 and most bugs fixed

Sysprep Changes

  1. Previous Sysprep did not support upgraded OSes, for example upgrading from Windows 7 to Windows 10, then trying to Sysprep and capture would always fail
  2. With Windows 10 1607, Sysprep is now supported on upgraded OSes

Taskbar Configuration

  1. With Windows 10 1607, can now configure the task bar
  2. Add or remove icons or replace entire layout
  3. Driven by Group Policy (same Start screen control policy used for the Start menu) or via LayoutModification.xml file
  4. Place file in c:\users\default\appdata\local\microsoft\windows\shell

https://technet.microsoft.com/en-us/itpro/windows/manage/windows-10-start-layout-options-and-policies

https://technet.microsoft.com/en-us/itpro/windows/manage/configure-windows-10-taskbar

Windows Upgrade Analytic Service (free service via OMS with a subscription)

  1. Free tool that leverages telemetry
  2. Tells you what issues you may encounter with upgrades
  3. Shows you what PCs are in your environment, what applications are running, and what drivers are on them
  4. Shows known incompatibility issues

Windows 10 Deployment: Tips & tricks

  • Handling device drivers in deployment process, common deployment issues, workarounds, parsing logs, WinPE and PXE troubleshooting, UEFI deployments
  • Use MDT and ConfigMgr for deployments

Patching

  • Starting October 2016 Patch Tuesday cycle, Windows 7 and Windows 8.1 will follow the Windows 10 Cummulative Update framework, where monthly patches will be delivered in one CU rather than split up into many individual patches, which means individual patches cannot be removed post CU install. Heard some rumors that Microsoft may be coming up with a tool to allow IT Pros to remove problematic updates, since that is a big concern for many especially when older LOB applications have compatibility issues.

==================================================================

ConfigMgr

New Current Branch servicing model

  1. New features added with 3 releases per year
  2. 12 month support lifecycle for each release
  3. N-1 support for Windows 10 deployments and management – ConfigMgr 1602 or 1607 are required to support Windows 10 1607

Two mechanisms for Windows 10 feature updates

  1. Windows 10 Servicing feature, for automated servicing plans
  2. Task Sequences – when needing to do pre or post processing steps using customized media
  • ConfigMgr 1606 Tech Preview deprecates OSDPreserveDriveLetter (Task Sequence variable) – No more D: drive or E: drive issue for system OS

ConfigMgr sessions were catered around OSD, Intune, managing mobile devices and apps, deploying O365 clients, and Windows 10 deployments.

  • Over 40 million clients managed by ConfigMgr worldwide
  • New ConfigMgr CB release is called 1610 and offers cloud-based management and peer caching content
  • Microsoft Intune portal is moving from Silverlight to Azure – New Intune portal expected in Q1 2017
  • “When you need to go fast with Windows 10, you need to go fast with ConfigMgr too”
  • New MDT toolkit releasing later this year and will simply be called MDT instead of MDT 2016
  • Nested task sequences are coming soon in ConfigMgr

==================================================================

Cortana

  • With the Windows 10 Anniversary Update, Sticky Notes got a link-enabled update with support for Cortana insights which lets you set reminders, call written phone numbers, send email messages, view web links, map directions, etc
  • Cortana is gathering data and learning daily

=================================================================

Windows Server 2016

Introduce Windows Server 2016 Into Your Environment (*Watch this sessions*):
https://youtu.be/ximW1iMaUwE

– Configuration Levels

  1. Windows Server with Desktop Experience (Graphical Shell, Management Tools, Desktop, Core OS)
  2. Windows Server Core (more for application services)
  3. Nano Server

Windows Server with Desktop Experience and Windows Server Core follows the Long Term Servicing Branch (LTSB) – New version every 2 to 3 years and supported with 5 years support and 5 years extended (5 + 5).

Nano Server follows the Current Branch for Business model – a new version every 6 months.

Nano Server:

  • Smallest footprint (approximately 500 MBs)
  • Very fast deployment and reboots
  • Focus on two key scenarios – Born-in-the-cloud applications and Cloud platform (Hyper-V and Scale-Out File Servers)
  • Not installed in the traditional manner. Use Nano Server Image Builder or PowerShell cmdlets
  • Sysinternals tools ported to run on Nano Server https://download.sysinternals.com/files/SysinternalsSuite-Nano.zip

Windows Server 2016 utilizes Cummulative Updates like Windows 10.
Only need the latest CU to bring the server to the latest patch version.
Security Updates will be delivered on an as needed basis.

Containers:

  • Most people struggle to deploy custom applications to production environment. Containers solves this by enabling applications and libraries to run in their own containers which have dependencies
  • Fast deployment and high density
  • Share an OS instance with user mode isolation (sandbox)
  • Can be managed with DockerCLI or PowerShell (uses Docker REST API). Docker is the management engine for Containers
  • Each container cannot see other containers from a user mode level

Storage:

  • Storage Spaces Direct – Aggregates internal disks or connected via external storage
  • Storage Replica – Block-level replication between stand-alone or clustered servers. Replication via SMB 3
  • Some features in Datacenter SKUs only
  • ReFS got some improvements in performance

Networking:

  • Major changes with Network Virtualization – Software defined networking v2
  • Manageable via PowerShell, Azure Stack, or SCVMM

Remote Desktop Services:

  • OpenGL 4.4 and OpenCL 1.1 RemoteFX support. RemoteFX support in Windows Server 2016 guest
  • Personal session desktops, i.e. specific RDSH per user
  • Pen remoting support (pen acting as pen instead of mouse)
  • Remote Credential Guard – Credentials are not stored on the remote server when /RemoteGuard switch is used with mstsc

Active Directory:

  • Privileged Identity Management (PIM) to mitigate credential theft using a bastion forest, utilizes Microsoft Identity Manager (MIM)
  • New workflows for administrative privilege access
  • Time-bound memberships – Kerberos ticket lifetimes restricted to time of lowest time-bound membership

Manage and Troubleshoot Your Windows Server Environment Remotely

  • Free Azure management tools for on-prem Windows Server 2016. Securely manage on-prem servers remotely from anywhere
  • Need to setup a proxy to allow communication between on-prem servers and Azure
  • Can start a free trial for Azure and when it expires, you can still keep using the remote server management tools for free
  • Web-based remote Server Management Tools (SMT) – Free Azure service with a subscription https://azure.microsoft.com
  • Includes replacements for local only tools, such as Task Manager, Device Manager, Sconfig, Registry Editor, Firewall rules, Certificate Manager, Local Administrators, Network Settings, PowerShell Console, Services, Storage, Windows Updates, Event Viewer, etc
  • Alternative to Remote Desktop
  • Based on WMI and PowerShell
  • Manages Nano Server, Server Core, Server with Desktop Experience
  • Supports Windows Server 2016, Server 2012 R2, Server 2012

Deployments of SMT (https://portal.azure.com):

  • UX hosted within Azure portal connected via a gateway service deployed in your infrastructure
  • Agentless model, gateway service connects to the internet via port 443
  • Gateway deployed via MSI on a server designated as the gateway service
  • Gateway resource provisioned in Azure Resource Group
  • Scale gateways for resiliency and performance
  • Gateway only reaches out using https – no special firewall rules required
  • Gateway Group Policy – AllowGateway (lock down environment by default, only allow SMT gateways on authorized servers)
  • Gateway Group Policy – RequireMFA (require MFA for Azure to send the required header)

SMT page http://aka.ms/smt-create
Blog page http://aka.ms/servermanagement

Remote Server Management Tools (RSAT)

  • An updated RSAT package for Windows 10 will be available in the Windows Server 2016 GA timeframe
  • Will support Windows Server 2016, Nano Server, Windows Server 2012 R2 and 2012

PowerShell

==================================================================

Security

Understanding Credential Security: Important things you need to know about storing your identity
https://www.youtube.com/watch?v=vAmgmibNVys

Paula Januszkiewicz

  • Attended her session because she is a great speaker and super smart. Check it out via the YouTube link above
  • Talks about the unexpected places your passwords reside, how password attacks are performed, and typical paths where credentials can be leaked
  • Demos include how she hacks cached credentials, KeePass, Remote Desktop Manager, IIS, etc
  • Kerberos pre-authorization token which allowed access without the smart card even when that was the only authentication method

Sami Laiho (awesome speaker)

Learn Why You Need To Ditch Admin Rights – Session not yet available online
Learn About Windows 10 Secure Kernel – https://youtu.be/7eMmR7B-xFk
Discover Windows 10 Internals – https://youtu.be/Qz2bRdwS4O4

  • Another brilliant speaker on Windows security
  • Sessions were demo filled, so videos will provide much details
  • Talks about ditching admin rights, how admins can impersonate others, shows how to login to systems as a normal user with admin rights, etc

Microsoft Advanced Threat Analytics (ATA)

  • Can detect advanced threats in your network
  • ATA leverages unique machine learning algorithms, together with the latest security researches in order to detect suspicious activities such as Pass-The-Hash, Pass-The-Ticket, and more
  • ATA helps identify breaches and threats using behavioral analysis

==================================================================

Office 365

  • New UI
  • Office 365 growing rapidly
  • Office 365 App Launcher – https://blogs.office.com/2016/09/27/introducing-the-new-office-365-app-launcher/
  • Office 365 Administration – New Admin Center is now GA (easier, faster, more insights, more functionality)
  • New usage reporting dashboard
  • Improved search
  • Monitor DirSync status (easy access from admin dashboard, quickly identify issues)
  • Message Center – Stay on top of upcoming O365 changes, take required action, and prevent problems
  • Office 365 Admin App – Manage on the go – http://aka.ms/office365adminmobile
  • Retirement of old Admin Center in Q4 2016

Office 365 Roadmap http://roadmap.office.comOffice
Office Blog https://blogs.office.com

==================================================================

Windows Hello

  • Microsoft announced that Android and iOS devices will get Windows Hello authentication support

==================================================================

OneDrive

  • OneDrive getting more integrated with Sharepoint Online, plus new capabilities when used on web browser or mobile device
  • Built-in more features to secure and manage OneDrive content
  • The sync client for OneDrive (consumer) and Onedrive for Business now gets a Sharepoint sync as well
  • Delivers unified sync experience with ability to sync Sharepoint Online document libraries and OneDrive folders shared with users
  • New activity center to show recent changes to files
  • On web, OneDrive able to display rich previews for commonly used business file types such as Adobe, Photoshop, etc
  • New features to OneDrive app for iOS and Android
    • Push notifications when files are shared with you
    • Scan feature to combine multiple photos into a single pdf file
    • Discover how many team members have viewed the files
  • New IT capabilities – OneDrive user management in O365
    • Set storage quota
    • External sharing permissions for specific user

==================================================================

Microsoft SQL Server 2016

Here are some SQL 2016 sessions to check out

Upgrade to Microsoft SQL Server 2016 – https://youtu.be/WboD21kxIRM
Learn How SQL Server 2016 on Windows Server 2016 are better together – https://youtu.be/bEABd2zOV9k

==================================================================

That’s all folks!

Follow (@Hoorge) on Twitter and join Tech Konnect on Facebook and Twitter (@TechKonnect) to stay current on technology related matters.

 

Social Media High Five

My good friend Nick Lagalante of Thycotic surprised me with this awesome recognition for my continued social media engagement with the IT community. Thanks Nick!

You can catch up with me at: