#2 Week 3 – Top 1000 Tech Bloggers

On January 23, 2018, I received an email from Rise Social Media with the weekly listing of social media influencers and their respective rankings among 1000 Tech bloggers. Typically, I quickly scan the email and delete it, but this time in the week 3 newsletter, something caught my eye and it was this message:

Well done to this week’s top three Antonio GrassoHarjit Dhaliwal, and Dave Winer ?

I did a double take and clicked on the week 3 link and confirmed that I had moved up to the number 2 spot from way down the list. I was super excited and couldn’t wait to share the news with my friends and followers on social media, which is the source of my influence. I remember being just as excited when I made it to the 14th spot on week 43 in 2017 (see image below).

I was first introduced to Rise Global by my friend Richard Hay, who is well respected in the technology industry where he covers valuable news, reviews, and many other tech related matters as a tech journalist. Rich has taught me how to use several useful tools, helped me with some automation techniques, as well as shared some insightful strategies which in turn has made me successful with my social media work. We also had the opportunity to work together as the official social media journalists for the IT/Dev Connections Conference held in San Francisco in October 2017. We are looking forward to do the same at IT/Dev Connection 2018 in Dallas.

And then we have my friends Christian Buckley and Vlad Catrinescu, who are great contributors in the tech community and powerhouse Microsoft MVPs. These guys make Rise Global status ranking fun and exciting to take part in. We have a running joke and a friendly competition between us, which often involves some fun teasing to keep things challenging. We are rooting for each other to get to the top spot, and then we can call it a collective success. It will happen sooner than later!

As an IT Professional, I enjoy social media quite a bit and have a knack for it. I have developed some strong skills in this respect which has allowed me to contribute to the community in various ways from helping IT Professionals with valuable information and resources to keeping commuters safe during their daily travels. My social media activities have provided many wonderful opportunities which include travel, representation at large conferences, member of various committees, access to privileged groups, speaking engagements, contributions to technical newsletters, reviewer for products, books, and software, and some consulting work to name a few. I am humbled and grateful for these opportunities and to everyone who has helped me and continue to support me. Thank you, Thank you!

Well, I’m not naive to know that my reign on Rise Global will not last for long but I did get my five minutes of fame for what it’s worth. If you have somehow come across this blog post, please feel free to follow my social media channels, subscribe to my blog, YouTube channels, and podcasts. You’ll enjoy the information I share. Thanks.

About Me: Harjit Dhaliwal
Blog: www.harjit.us
Twitter: @Hoorge
Twitter: @TechKonnect
Facebook: TechKonnect
LinkedIn: Me
YouTube: Harjit
YouTube: Harjit & Prayer Show
Podcast: PowerShell News
Instagram: Me
Microsoft: MVP
Microsoft Ignite: Speaker
Microsoft: TechCommunity

Microsoft Ignite (2017) Community Reporter

I’m happy to announce that I’m honored to be selected as a Community Reporter for Microsoft Ignite at this year’s conference in Orlando from September 25-29, 2017. As a Community Reporter, I’ll be helping to bring the IT Pro community together in a series of interviews, recordings, live shows, social media, and much more. You will find my introduction and a Q&A on the Microsoft Tech Community site.

The Community Reporters are meticulously selected by Microsoft Ignite particularly as community influencers, Microsoft MVP, technical expertise, strong engagements with the IT Pro community, leadership, past conference planning experiences, and other unknown factors which is probably on a need to know only basis. 🙂

Here’s the announcement from Microsoft Ignite:

This year at Microsoft Ignite, we’re excited to have 10 MVPs serving as Community Reporters. Leading up to Orlando, they’ll be sharing tips and tricks for navigating Microsoft Ignite, what to pack, and a look at their session schedules. During Microsoft Ignite, the Community Reporters will be your go-to’s for live event updates. If you aren’t attending the conference this year, these reporters will be a great way to see what’s happening on-the-ground in Orlando. Check out their introductions and follow them on social to stay up-to-date on all things Microsoft Ignite!

I have the pleasure of being on the team of reporters comprised of a top notch crew (some of whom are good friends who I have known for a few years), and they are:

Check out their profiles, follow their social channels, and feel free to engage with any one of us. Thank you to the awesome folks at Microsoft Ignite and Microsoft Tech Community teams for the great opportunity. See you in Orlando!

Follow @Hoorge on Twitter and join Tech Konnect on Facebook and Twitter to stay current on technology related matters.

Recap – Microsoft Ignite 2016 By Harjit

photo-sep-30-10-17-09-am

– Ignite 2016 by Harjit –

*** This is my first pass on the recap. There is a lot more information which I would like to share and I’ll do so by adding on to this post or in a separate post ***

Microsoft Ignite Conference was held in Atlanta last week – One of my favorite conferences that I enjoy attending for learning and networking

23,000 attendees plus a few hundred vendors in a massive convention center. Sounds crazy but it was less chaotic as we experienced in Chicago last year

Over 1400 sessions from 20-minute theater sessions to 75-minute breakout sessions

Lots of great networking opportunities with peers, product teams, and speakers. One of the best values from this conference

Cloud, Cloud, Cloud = Azure, O365, Sharepoint, etc are hot stuff and the future (and the present)

Security was a big focus too with Windows 10, Windows Server 2016, Azure, and other online offerings

Azure is becoming the first AI supercomputer. Microsoft has some impressive datacenters across the world

The afternoon Innovation Keynote by Satya Nadella was cool and exciting. The morning Keynote was less than desirable but they served fresh donuts and other treats

Closing Celebration was held on Thursday at Centennial Park and it was a “camping” style theme, which had lots of games, activities, food, treats, and beer. Lots of fun!

Highlights:

  • Beam Robots were introduced at Ignite and were quite popular. People signed up from all over the world to drive them around the convention center and interact with attendees, product teams, and vendors to name a few. They were a lot of fun
  • Spark 360 Photo Booth – Had a cool 360 photo taken and my image turned into a window cling and displayed on a large window in the convention center along with several others. It was more of a pixelated style image
  • Had some casual chats with my tech idols Wally Mead, Jason Helmick, Sami Laiho, Paula Januszkiewicz, and a few others
  • Got to meet the wonderful and friendly Ignite planning team, i.e. marketing, social media, and the folks behind the new Microsoft Tech Community (which apparently will replace TechNet in the near future)
  • Everyone was friendly, courteous, and nice which made the experience much pleasant and enjoyable
  • Reconnecting with fellow IT peers who I see yearly at these conferences and made some new connections as well
  • Having friends with privileges set me up with lounge access at Harstfield-Jackson Airport (helped to kill time comfortably before my flight home)
  • Got to check out some Atlanta venues such as CNN, Coca Cola, Centennial Park, Philips Arena, and off course the massive Georgia World Convention Center
  • Feeling energized, motivated, and enthusiastic for future IT and my career
  • Two thumbs up!

Cons:

  • I got sick!
  • Missing my IT friends!
  • Conference ended!

I attended many sessions, spent time in the expo hall talking with vendors and checked out the demos of their products, talked with Microsoft product teams and developers, attended mini theater sessions such as Edge, Cortana, OneNote, Windows 10, ConfigMgr, Office, PowerShell, etc; had some “hallway” sessions with fellow attendees to learn about their IT issues and how they do things at their organizations, looked at some of their home grown tools, and asked for some technical tips and suggestions; spent some time in the Hands-On-Labs (HOLs) area to try and “play” with some products; attended some after-hour social events, and took advantage of a lot of networking opportunities. I was sad to discover that my new friend from Australia had her bag stolen from an evening social event which contained her laptop, passport, wallet, and phone to name a few. It was a big setback for her but she eventually made it home with some emergency documents from her embassy.

There was a lot of information covered and things I learned at Ignite, however it was a busy week and a lot to capture in one go, so going back to some of the sessions (recorded) which I attended and others that I missed (which I had wanted to check out) in the upcoming days and weeks as time permits will be a good refresher and valuable to me. At the conference, I focused mostly on Windows 10, Windows Server 2016, ConfigMgr, and deployments to name a few. Below are some of my notes from a few different areas in no particular order. Sorry for the long post.

==================================================================

Windows 10

Windows 10 Deployments: What’s new?

  • Deploy Windows 10 to Windows 7,8, 8.1 with In-Place Upgrade or Traditional Deployment
  • New devices – Deploy with Provisioning or Traditional Deployments
  • Existing Windows 10 (Stay Current) – In-Place Upgrade

When not to use In-Place Upgrade:

  1. Changing from x86 to x64
  2. Changing from Legacy BIOS to UEFI
  3. Dual boot and multi boot systems
  4. Using certain 3rd party disk encryption products
  5. Can’t use custom image for in-place upgrade. Must use install.wim that comes with the original media, which lays down the clean OS and then merges the apps, data, and settings

Upgrade Process: Drivers

  1. Some classes of driver are not migrated forward – Display and Bluetooth drivers are left behind and any driver considered incompatible. New in-box drivers are used for those devices

Upgrade Process: Dynamic Update

  1. Grabs latest servicing update to inject into media
  2. Gets needed drivers that aren’t in the media
  3. Manually inject Cummulative Updates into install.wim

Upgrade Process: Size

  1. Each feature update is 3.5GB per PC (whether from Windows 7/8.1 or from Windows 10 to a later feature upgrade)
  2. Each monthly quality update is now up to 1GB per PC (when using ConfigMgr or 3rd party patching tools)
  3. Recommended to use peer-to-peer distribution
  4. Use of Express update with WSUS, reduces monthly traffic to 50-100MB as only the new components are pulled down
  5. Microsoft is investigating changes to ConfigMgr (Current Branch) for Windows 10 help
  6. Use BranchCache in ConfigMgr

Upgrade Process: In-Box Apps

  1. Can remove in-box apps but each feature update puts them back
    https://blogs.technet.microsoft.com/mniehaus/2015/11/11/removing-windows-10-in-box-apps-during-a-task-sequence/
    Workaround: Remove them again post-upgrade with task sequence step, scheduled task, or SetupComplete.cmd file that runs a script

Upgrade Process: Settings Migration

  1. The upgrade process should migrate all settings (default applications, file associations, user, systems, and app settings
  2. Some settings may not be migrated properly and these should be considered as bugs (submit feedback, contact TAM, open a case)

Upgrade Process: Preflight

  1. Preflight to determine ahead of time if upgrade will succeed
    Use exe /Auto Upgrade /Compat ScanOnly /Quiet
  2. Runs an upgrade process without actually running a production upgrade
  3. Provides return code and XML reports to identify issues
    https://blogs.technet.com/b/mniehaus/archive/2015/08/23/windows-10-pre-upgrade-validation-using-setup-exe.aspx

Other:

  1. Feature updates can be deferred for 1-180 days
  2. Quality updates can be deferred for 1-30 days

Quality Updates:

  1. Single cumulative update each month
  2. Security fixes, reliability fixes, bug fixes, etc
  3. Supersedes the previous month’s updates
  4. No new features

Feature Updates:

  1. Targeting twice per year with new capabilities
  2. Reliable with built-in rollback capabilities
  3. Deployment using in-place upgrade, driven by existing tools

Provisioning:

  1. Designed for new PCs out-of-the-box to transform for business use with little or no user interaction
  2. Create provisioning packages using Windows Imaging and Configuration Designer tool (available with Windows ADK)
  3. Provisioning packages are small (< 10K) and can be deployed by email, file server, or USB
  4. Can change OS SKU from Professional to Enterprise (slmgr.vbs /ipk)
  5. Can apply policies, settings, install apps and updates, enroll device for management
  6. This could be a better method to use by the Depot to prepare Windows 10 PCs for the organization instead of imaging them

MDT 2013 Update 2 is still the current release

  1. Fully supports Windows 10 1607 and most bugs fixed

Sysprep Changes

  1. Previous Sysprep did not support upgraded OSes, for example upgrading from Windows 7 to Windows 10, then trying to Sysprep and capture would always fail
  2. With Windows 10 1607, Sysprep is now supported on upgraded OSes

Taskbar Configuration

  1. With Windows 10 1607, can now configure the task bar
  2. Add or remove icons or replace entire layout
  3. Driven by Group Policy (same Start screen control policy used for the Start menu) or via LayoutModification.xml file
  4. Place file in c:\users\default\appdata\local\microsoft\windows\shell

https://technet.microsoft.com/en-us/itpro/windows/manage/windows-10-start-layout-options-and-policies

https://technet.microsoft.com/en-us/itpro/windows/manage/configure-windows-10-taskbar

Windows Upgrade Analytic Service (free service via OMS with a subscription)

  1. Free tool that leverages telemetry
  2. Tells you what issues you may encounter with upgrades
  3. Shows you what PCs are in your environment, what applications are running, and what drivers are on them
  4. Shows known incompatibility issues

Windows 10 Deployment: Tips & tricks

  • Handling device drivers in deployment process, common deployment issues, workarounds, parsing logs, WinPE and PXE troubleshooting, UEFI deployments
  • Use MDT and ConfigMgr for deployments

Patching

  • Starting October 2016 Patch Tuesday cycle, Windows 7 and Windows 8.1 will follow the Windows 10 Cummulative Update framework, where monthly patches will be delivered in one CU rather than split up into many individual patches, which means individual patches cannot be removed post CU install. Heard some rumors that Microsoft may be coming up with a tool to allow IT Pros to remove problematic updates, since that is a big concern for many especially when older LOB applications have compatibility issues.

==================================================================

ConfigMgr

New Current Branch servicing model

  1. New features added with 3 releases per year
  2. 12 month support lifecycle for each release
  3. N-1 support for Windows 10 deployments and management – ConfigMgr 1602 or 1607 are required to support Windows 10 1607

Two mechanisms for Windows 10 feature updates

  1. Windows 10 Servicing feature, for automated servicing plans
  2. Task Sequences – when needing to do pre or post processing steps using customized media
  • ConfigMgr 1606 Tech Preview deprecates OSDPreserveDriveLetter (Task Sequence variable) – No more D: drive or E: drive issue for system OS

ConfigMgr sessions were catered around OSD, Intune, managing mobile devices and apps, deploying O365 clients, and Windows 10 deployments.

  • Over 40 million clients managed by ConfigMgr worldwide
  • New ConfigMgr CB release is called 1610 and offers cloud-based management and peer caching content
  • Microsoft Intune portal is moving from Silverlight to Azure – New Intune portal expected in Q1 2017
  • “When you need to go fast with Windows 10, you need to go fast with ConfigMgr too”
  • New MDT toolkit releasing later this year and will simply be called MDT instead of MDT 2016
  • Nested task sequences are coming soon in ConfigMgr

==================================================================

Cortana

  • With the Windows 10 Anniversary Update, Sticky Notes got a link-enabled update with support for Cortana insights which lets you set reminders, call written phone numbers, send email messages, view web links, map directions, etc
  • Cortana is gathering data and learning daily

=================================================================

Windows Server 2016

Introduce Windows Server 2016 Into Your Environment (*Watch this sessions*):
https://youtu.be/ximW1iMaUwE

– Configuration Levels

  1. Windows Server with Desktop Experience (Graphical Shell, Management Tools, Desktop, Core OS)
  2. Windows Server Core (more for application services)
  3. Nano Server

Windows Server with Desktop Experience and Windows Server Core follows the Long Term Servicing Branch (LTSB) – New version every 2 to 3 years and supported with 5 years support and 5 years extended (5 + 5).

Nano Server follows the Current Branch for Business model – a new version every 6 months.

Nano Server:

  • Smallest footprint (approximately 500 MBs)
  • Very fast deployment and reboots
  • Focus on two key scenarios – Born-in-the-cloud applications and Cloud platform (Hyper-V and Scale-Out File Servers)
  • Not installed in the traditional manner. Use Nano Server Image Builder or PowerShell cmdlets
  • Sysinternals tools ported to run on Nano Server https://download.sysinternals.com/files/SysinternalsSuite-Nano.zip

Windows Server 2016 utilizes Cummulative Updates like Windows 10.
Only need the latest CU to bring the server to the latest patch version.
Security Updates will be delivered on an as needed basis.

Containers:

  • Most people struggle to deploy custom applications to production environment. Containers solves this by enabling applications and libraries to run in their own containers which have dependencies
  • Fast deployment and high density
  • Share an OS instance with user mode isolation (sandbox)
  • Can be managed with DockerCLI or PowerShell (uses Docker REST API). Docker is the management engine for Containers
  • Each container cannot see other containers from a user mode level

Storage:

  • Storage Spaces Direct – Aggregates internal disks or connected via external storage
  • Storage Replica – Block-level replication between stand-alone or clustered servers. Replication via SMB 3
  • Some features in Datacenter SKUs only
  • ReFS got some improvements in performance

Networking:

  • Major changes with Network Virtualization – Software defined networking v2
  • Manageable via PowerShell, Azure Stack, or SCVMM

Remote Desktop Services:

  • OpenGL 4.4 and OpenCL 1.1 RemoteFX support. RemoteFX support in Windows Server 2016 guest
  • Personal session desktops, i.e. specific RDSH per user
  • Pen remoting support (pen acting as pen instead of mouse)
  • Remote Credential Guard – Credentials are not stored on the remote server when /RemoteGuard switch is used with mstsc

Active Directory:

  • Privileged Identity Management (PIM) to mitigate credential theft using a bastion forest, utilizes Microsoft Identity Manager (MIM)
  • New workflows for administrative privilege access
  • Time-bound memberships – Kerberos ticket lifetimes restricted to time of lowest time-bound membership

Manage and Troubleshoot Your Windows Server Environment Remotely

  • Free Azure management tools for on-prem Windows Server 2016. Securely manage on-prem servers remotely from anywhere
  • Need to setup a proxy to allow communication between on-prem servers and Azure
  • Can start a free trial for Azure and when it expires, you can still keep using the remote server management tools for free
  • Web-based remote Server Management Tools (SMT) – Free Azure service with a subscription https://azure.microsoft.com
  • Includes replacements for local only tools, such as Task Manager, Device Manager, Sconfig, Registry Editor, Firewall rules, Certificate Manager, Local Administrators, Network Settings, PowerShell Console, Services, Storage, Windows Updates, Event Viewer, etc
  • Alternative to Remote Desktop
  • Based on WMI and PowerShell
  • Manages Nano Server, Server Core, Server with Desktop Experience
  • Supports Windows Server 2016, Server 2012 R2, Server 2012

Deployments of SMT (https://portal.azure.com):

  • UX hosted within Azure portal connected via a gateway service deployed in your infrastructure
  • Agentless model, gateway service connects to the internet via port 443
  • Gateway deployed via MSI on a server designated as the gateway service
  • Gateway resource provisioned in Azure Resource Group
  • Scale gateways for resiliency and performance
  • Gateway only reaches out using https – no special firewall rules required
  • Gateway Group Policy – AllowGateway (lock down environment by default, only allow SMT gateways on authorized servers)
  • Gateway Group Policy – RequireMFA (require MFA for Azure to send the required header)

SMT page http://aka.ms/smt-create
Blog page http://aka.ms/servermanagement

Remote Server Management Tools (RSAT)

  • An updated RSAT package for Windows 10 will be available in the Windows Server 2016 GA timeframe
  • Will support Windows Server 2016, Nano Server, Windows Server 2012 R2 and 2012

PowerShell

==================================================================

Security

Understanding Credential Security: Important things you need to know about storing your identity
https://www.youtube.com/watch?v=vAmgmibNVys

Paula Januszkiewicz

  • Attended her session because she is a great speaker and super smart. Check it out via the YouTube link above
  • Talks about the unexpected places your passwords reside, how password attacks are performed, and typical paths where credentials can be leaked
  • Demos include how she hacks cached credentials, KeePass, Remote Desktop Manager, IIS, etc
  • Kerberos pre-authorization token which allowed access without the smart card even when that was the only authentication method

Sami Laiho (awesome speaker)

Learn Why You Need To Ditch Admin Rights – Session not yet available online
Learn About Windows 10 Secure Kernel – https://youtu.be/7eMmR7B-xFk
Discover Windows 10 Internals – https://youtu.be/Qz2bRdwS4O4

  • Another brilliant speaker on Windows security
  • Sessions were demo filled, so videos will provide much details
  • Talks about ditching admin rights, how admins can impersonate others, shows how to login to systems as a normal user with admin rights, etc

Microsoft Advanced Threat Analytics (ATA)

  • Can detect advanced threats in your network
  • ATA leverages unique machine learning algorithms, together with the latest security researches in order to detect suspicious activities such as Pass-The-Hash, Pass-The-Ticket, and more
  • ATA helps identify breaches and threats using behavioral analysis

==================================================================

Office 365

  • New UI
  • Office 365 growing rapidly
  • Office 365 App Launcher – https://blogs.office.com/2016/09/27/introducing-the-new-office-365-app-launcher/
  • Office 365 Administration – New Admin Center is now GA (easier, faster, more insights, more functionality)
  • New usage reporting dashboard
  • Improved search
  • Monitor DirSync status (easy access from admin dashboard, quickly identify issues)
  • Message Center – Stay on top of upcoming O365 changes, take required action, and prevent problems
  • Office 365 Admin App – Manage on the go – http://aka.ms/office365adminmobile
  • Retirement of old Admin Center in Q4 2016

Office 365 Roadmap http://roadmap.office.comOffice
Office Blog https://blogs.office.com

==================================================================

Windows Hello

  • Microsoft announced that Android and iOS devices will get Windows Hello authentication support

==================================================================

OneDrive

  • OneDrive getting more integrated with Sharepoint Online, plus new capabilities when used on web browser or mobile device
  • Built-in more features to secure and manage OneDrive content
  • The sync client for OneDrive (consumer) and Onedrive for Business now gets a Sharepoint sync as well
  • Delivers unified sync experience with ability to sync Sharepoint Online document libraries and OneDrive folders shared with users
  • New activity center to show recent changes to files
  • On web, OneDrive able to display rich previews for commonly used business file types such as Adobe, Photoshop, etc
  • New features to OneDrive app for iOS and Android
    • Push notifications when files are shared with you
    • Scan feature to combine multiple photos into a single pdf file
    • Discover how many team members have viewed the files
  • New IT capabilities – OneDrive user management in O365
    • Set storage quota
    • External sharing permissions for specific user

==================================================================

Microsoft SQL Server 2016

Here are some SQL 2016 sessions to check out

Upgrade to Microsoft SQL Server 2016 – https://youtu.be/WboD21kxIRM
Learn How SQL Server 2016 on Windows Server 2016 are better together – https://youtu.be/bEABd2zOV9k

==================================================================

That’s all folks!

Follow (@Hoorge) on Twitter and join Tech Konnect on Facebook and Twitter (@TechKonnect) to stay current on technology related matters.