Last Friday, Microsoft published a post to its Windows for IT Pros blog to announce the transition of Windows 10 Build 1511 to the Current Business Branch (CBB). This means that the dynamics of an update to the CBB are playing out for real, for the first time. Let’s take a look at this post, and try to understand what the impending release of Win10 CBB Update 1 means.
The double entry for DBB will soon give way to a single entry for 1511 only, once new media is released.
[Click image to see full-size version; Source: Win10 Release Info]
What’s Up with Win10 CBB Update 1?
The blog post is entitled “Windows 10 1511 is now a Current Branch for Business (CBB) release” (this is what I’m calling Win10 CBB Update 1 for brevity’s sake). Here’s what it spells out:
- Windows 10 version 1511 feature update (build 10586, released November 2015) has been officially designated with CBB status. This means that organizations can begin deploying that release broadly.
- The code base for the CBB release is something more than just the straight-up 1511 release: it also includes the injection of the March 2016 cumulative update, KB3140768 into that image (this makes sure that businesses don’t run a CBB image subject to known security vulnerabilities that have been patched since the original release date).
- MS will be publishing updated media for the new CBB release through channels that include MSDN, the VLSC, Windows Update, Windows Update for Business, and Windows Server Update Services in the next few weeks.
- For devices configured to “Defer Upgrades,” they will get Win10 1511 as soon as the updated media is published (further deferral delays via policy is not supported for Windows 10 1507).
- Devices receiving updates via Windows Server Update Services, updates to existing Windows 10 1511 features updates must be re-approved once the new updated media is received.
- Those using Windows 10 servicing plans in System Center Configuration Manager will see the update media designated as “business ready.” This causes servicing plans based on that designation to begin to be evaluated.
Those who don’t want to wait for the updated media to be released can create their own by injecting KB3140768 into the original November release media for the 1511 version. See the Windows 10 Release Information page to observe this status change. It looks like the add-package option to the DISM command could make creating your own image for Win10 CBB Update 1 should be fairly easy, too.
There’s an interesting potential gotcha in the Windows 10 update process. Deep down in the Settings hierarchy lives a pane entitled “Choose How Updates Are Delivered,” that controls where updates come from and even opens the door to sharing downloads from Microsoft with other network peers. In fact, by default Windows 10 Updates Internet PCs! Here’s what that screen looks like:
By default the bottom radio button is selected, which means your PC can turn to “PC’s on the Internet” to obtain or provide updates. Yikes!
To me, it’s mind-boggling that MS elected to make peer-sharing to include nearby Internet users outside the local LAN the default for sharing updates. This not only poses potential security issues, it is also unlikely to please customers on a bandwidth cap of some kind who may find that sharing updates with other PCs nearby ends up counting toward their monthly consumption of bits and bytes.
Turn Off Windows 10 Updates Internet PCs
If you simply click the radio button as shown in the preceding screencap, you’ll turn off the default selection that brings nearby peer PCs on the Internet into the mix. On the other hand, you can always move the slider above the “Get Updates…” instructions to turn this peer update option off entirely. IMHO, either of these options is entirely preferable to the default that automatically includes PCs outside own’s purview and control in the list of potential sources and sinks for Microsoft update packages.
This discovery is so odd, in fact, that it once again triumphantly proves the old saying that “Truth is stranger than fiction.” You just can’t make this kind of stuff up. But whether you’re amused or bemused by this revelation, please be sure to pick a different option for how updates get delivered through the Advanced Options windows in Windows Update as presented in Windows 10 Settings.
OK, so I’ll recognize that not everybody has already dug into Windows 10. With that in mind, some admins may be interested to learn that there is a considerable variety of ready-to-run Windows 10 VMs available from Microsoft for download. These evaluation versions expire after 90 days of use, and can support learning, experimentation, and outright fooling around with the latest MS flagship desktop OS. Why not check them out, and see if one or more of them is right for you?
Sources for Ready-to-Run Windows 10 VMs
Here are some sources:
- The Windows Dev Center has a set of development environments built around Windows 10 Enterprise that include a raft of stuff — namely, Windows 10 Enterprise Evaluation, version 1511 (a Ready-to-Run Windows 10 VM); Visual Studio 2015 Community Update 1, Windows developer SDK and tools (Build 10586), Windows I0T Core SDK and Raspberry Pi 2 (Build 10586.0.151029-1700), Windows I0T Core project templates (Version 1.0), Microsoft Azure SDK for .NET (Build 2.8.2), Windows Bridge for iOS (Build 0.1.160304), Windows UWP samples (Build 2.0.4), and Windows Bridge for iOS samples. It’s huge, too: versions are available for VMware, Hyper-V, VirtualBox, and Parallels, and vary between 19 and 21 GB in size.
- Microsoft Developer Technologies has a Download virtual machines page aimed at developers seeking to test various MS web browsers and versions in VMs that covers a plethora of possibilities. VMs offered include Windows 7 running IE 8-11, Windows 8.1 running IE 11, and Windows 10 running Edge for build 10586 (stable) or 14295 (preview). Hypervisors supported include VirtualBox, Vagrant, HyperV, and VMware (VPC is also supported, but only for older Windows versions, not Windows 10). All items are Ready-to-Run Windows VMs, so there a LOT of them here.
- The Microsoft Connect Proof-of-Concept (PoC) Jumpstart pages include a download link for Windows Accelerate, a collection of VMs designed to support test or experimental Windows 10 deployments. Here, you’ll find not only two Windows 10 client VMs for image-building and deployment purposes (these, too, are Ready-to-Run Windows 10 VMs), but also ready-to-run VMs for System Center Configuration Manager (SCCM) from which to drive deployment, and Windows Server instances ready to provide necessary infrastructure elements for a substantial virtual network (Active Directory, DNS services, DHCP, and so forth). In many ways, this is the most interesting item in this list, because it offers a way for organizations to set up and learn from a complete virtualized Windows 10 deployment lab.
Here’s the file manifest from the PoC download.
[Click on image to see full-size/readable version]
Be sure to check this stuff out: there’s a lot of valuable capability here worth investigating, and also worth getting to know. Although the VMs are 90-day items, by snapshotting them early in their lifecycles you can always restore those original snapshots when a particular VM expires, and restart the expiration clock. Cheers!
Every month or so, I like to check in at NetMarketShare.com and see what’s up with Windows 10 in the relative rankings for desktop operating systems. When I did so this morning, I observed that Windows 10 market share has now taken over the number 2 spot. It’s behind only Windows 7 at this point, with a share of 14.15% to Windows 7’s 51.89% share. That’s a ratio of 3.67 to 1, so it will still be years before Win10 can aspire to lead in those rankings.
At 14.15%, Windows 10 Marketshare is now 3.16% ahead of Windows XP, and 2.14% ahead of Windows 8 and 8.1 combined.
[Image source: NetMarketShare.com Desktop share by version for 4/4/16]
Explaining Windows 10 Market share and Its Continuing Increases
Here’s what I believe explains the continued upsurge of Windows 10 market share in these rankings:
- Windows XP continues to tail off as severe procrastinators finally appear to be upgrading away from this ancient OS
- Windows 8 and 8.1 are also tailing off as the deadline for free upgrades to Windows 10 approaches (7/29/2016)
- Windows 7 is decreasing gradually as some elements of that population also take the free upgrade plunge
Overall, though, the process is going more slowly than many had expected, as both Windows 7 and 8 versions maintain market share more stoutly than the free upgrade path might have suggested. The next quarter should be absolutely fascinating to watch as the free upgrade deadline at the end of July gets ever closer.
At last week’s Build conference in San Francisco, MS announced that the total Windows 10 installed population was now at 270 million. If we assume for a moment that the market share numbers at NetMarketShare.com reflect the global PC population at all accurately, that puts the total number of PCs “out there” at around 1.9 billion. For Microsoft to make its goal of 1 billion PCs running Windows 10 by the end of 2017, a substantial portion of the Windows 7 base is going to have to take the plunge between now and then. Extrapolating from IDC forecasts for PC sales from 2015 through 2019, less than 210 million new PCs are likely to be sold between now and the end of 2017. That means that over half a billion PCs from the installed base will have to migrate to Windows 10 for MS to hit its magic number. Can that happen? Maybe it will, but only time will tell for sure.
If we look back in time, and assume the 270 million figure to be through the end of March, 2016, that equates to an 8 month period (overlooking the snippets at the end of July and the beginning of April). Do the math, and we get a monthly run rate of 33.75M. Fast forward to the end of 2017 to total up 30 months, and multiply again to get 1.01B. So far, the numbers indicate it’s possible if the run rate continues. I guess what happens when the upgrade expires (or if the upgrade is extended) will decide this matter. Again: we’ll see!
Include me among those who love to tweak and fiddle with their tools, including the Windows OS. I’ve also been vexed with a Windows 10 File Explorer default since its initial release. Recently, I was delighted to discover a registry tweak to get around my vexation. To my great relief, it enables tweaking File Explorer in Windows 10 to drop duplicate items. Here’s a screen capture to illustrate:
By default the removable G: drive shows up twice. Once under This PC, and a second time by itself immediately below.
I don’t like it that you can see the G: drive twice. But that’s the way Windows 10 shows information in the left-hand navigation pane by default. It shows once in the drive hierarchy under “This PC” and a second time by itself because it’s a removable drive. This is mildly vexing on the Lenovo X220 Tablet whence the screenshot comes. That vexation level jumps on my production PC where up to half-a-dozen removable drives may be visible.
In reading the forums at TenForums.com, I discovered a link to Shawn Brink’s excellent tutorial. It’s entitled “How to Add or Remove Duplicate Drives in Navigation Pane of File Explorer in Windows 10.” That tutorial explains how to edit the registry to drop duplicate drive displays. Better still, it provides registry update files (with a .reg extension) that run programmatically. Thus, manual registry editing need not occur. Brink kindly also includes 32- and 64-bit files to reverse those changes, so that users can resume default operation if they don’t like the new look. This makes tweaking File Explorer about as easy and safe as it gets. After running the update file, this File Explorer display appears:
With the registry update applied, the G: drive appears only under the “This PC” heading.
A Trove of Tutorials for Tweaking File Explorer
Who cares about tweaking File Explorer? Enough people to generate 5 pages of back-and-forth questions and commentary on this tweak, and enough to stimulate expert members of the TenForums community to create an additional 10 further tutorials in this same vein there, to wit:
If you’re an incurable tweaker like me, you can’t help but love this stuff. Have fun, and get going tweaking File Explorer right away!
Now that Windows sleep appears to be working properly on my production PC, I’ve begun to understand that various influences can disturb that hallowed and blissful state. Starting last Thursday, I noticed that my PC was already running in the morning when I arrived in my office. Apparently, something other than my moving the mouse or striking a key on the keyboard was waking up the machine. Mildly curious, I started researching how to figure out what was causing the wake-up to occur, so I could provide some Windows Sleep Protection.
I found my answer in a nice article from Ghacks.net entitled “How to find out why your PC wakes up, and how to stop it.” Although this article from December 31, 2013, predates the Windows 10 release date in mid-2015, it applies to Windows 10 in every particular nonetheless. From its contents, I learned that the powercfg command can provide useful information about wake causes, and that the Windows System log in Event Viewer can shed even more light on what’s causing wake-ups to occur. That’s the foundation on which Windows sleep protection rests.
The powercfg command shows information about the most recent wake-up, and devices that have caused recent wake-ups.
Windows Sleep Protection Requires Preventing Unwanted Wake-up Events
The most important clue in the preceding screen shot comes from the presence of the Intel network interface at the tail end of the -devicequery version of the powercfg command. That let me know that something arriving from the network was waking up my system. Because I’m no longer relying on that system to provide services to the network, it doesn’t need to respond to Wake-on-LAN packets anymore. Once upon a time, that PC had been the host client for a USB-attached printer, and also served as the “master system” for my local Homegroup. But no longer. That means it was now OK to block Wake-on-LAN events as a form of Windows sleep protection.
Confirmation came from inspecting the March 24, Power-troubleshooting events in Event Manager, as this detail display illustrates:
The event detail for 3/24 clearly confirms the wake-up originated from the Intel I211 GbE network interface.
How to fix this? Simple! I know from long prior experience with local area networks that the Power Management tab in the Properties window for modern Windows network interfaces includes a “Wake on LAN” pane, with a variety of wake-up options related to the so-called “Magic Packet” that can trigger a wake-up event. I simply made sure all of those checkboxes were unchecked, and I have not had an unwanted wake-up since. Here is what my current settings look like:
Please note that none of the “Wake on…” checkboxes is selected. That’s the trick!
Not every unwanted wake-up will be as easy to fix as this one was, though these techniques should work for any kind of cause. Follow-up research on how to delay or disable the cause of the wake should provide the additional details necessary to keep Windows from being disturbed when you don’t want it to be. Blissful snoozing should be the resulting outcome.
What to do when a Windows 10 install gets damaged to the point where it won’t boot? Why, repair the code, of course! That’s what a recent post from Sergey Tkachenko over at Winaero.com reminded me of yesterday. It’s entitled “How to run the sfc /scannow command if Windows 10 does not boot,” and it’s worth a read in its own right. The importance of attempting Windows 10 image repair on a troubled or damaged OS is easy to overlook, and impossible to overstate.
I can’t say this has never happened to me, usually because I’ve been tinkering with something that might have been better left alone. But I can say that the ensuing “Oh no!” reaction sometimes turns off my “intellect vast and cool and unsympathetic” (to channel HG Wells). Thus, I might be inclined to forget that the reverse of the old maxim is entirely true and apt — namely: “If it is broke, you SHOULD fix it.” And fixing a broken Windows install is very often possible and doable using one of two powerful tools. As Sergey observes in the afore-cited blog post, the system file checker (SFC) is indeed one of those tools. The other is the redoubtable Deployment Image Servicing and Management tool, aka DISM. Both of them can help with Windows 10 image repair, in fact.
Windows 10 Image Repair, By the Numbers
Either way, the general approach to dealing with the repair is the same, though the syntax details do differ. Here’s the 10,000 foot view of what’s involved:
- Use a bootable UFD to boot into the Windows installer
- Follow along until you see the Repair option, then elect the “Command Prompt” option
- Run sfc /scannow … to attempt a Windows OS files repair, then reboot
- If that reboot works, you’re done. If it still fails, run dism /image /cleanup-image /restorehealth … to attempt another repair, then reboot
- If that reboot works, you’re done. If it still fails, you will want to try an in-place upgrade next
Basic syntax for the DISM offline image repair command. Be sure to read up on the /source attribute: it’s a doozy!
I could keep going to the ultimate fix but readers probably have the idea right now. And that, of course, would be an image or backup restore from the most recent backup or image. But like the old textbooks say, I can leave that as an exercise for the reader!
There are a couple of important notes here. They come from the ellipses at the end of the commands in steps 3 and 4 above. First, the syntax for running these commands offline on a moribund OS is different from running them on an active image. Tkachenko’s post does a nice job of covering them for sfc so I’ll let readers dig them up there. The definitive DISM reference for offline repair is available from TechNet, entitled “Repair a Windows Image,” but you’ll also need “DISM Operating System Package Servicing Command-Line Options” to get the /image and /source attribute options completely straight. And both of these commands will sometimes provide just the Windows 10 image repair you seek.
Just saw a nice infographic from the folks at 1e.com. Their Nomad product lets Microsoft System Center Configuration Manager handle large-scale Windows deployments. “But wait!” I hear you thinking. “Doesn’t SSCM do deployment on its own? Why another tool?” Good questions. The quick answer is Deployment Automation. Here’s my explanation:
Setting the Stage for Deployment Automation
Think about mammoth enterprises, with tens to hundreds of thousands of endpoints. Or ponder the US DoD, which has announced plans to upgrade ~4M endpoints by the end of 2017. Sure, SCCM can set up and fire off in-place or policy-based upgrades for endpoints. But alas, that is subject to some interesting issues:
- Bandwidth: upgrade packages for Windows 10 range from 3.2 to 4.2 GB in size. Also, they must be transferred to every endpoint. SCCM isn’t good at bandwidth throttling, nor can it stagger downloads to reduce traffic. Multiply this by large numbers, and what happens? Enough data in transit to choke WAN links of any size.
- Legacy hangover: Sure, an in-place upgrade sounds good. But it doesn’t support UEFI boot security on PCs running legacy BIOS. To benefit from UEFI boot security enhancements, the boot drive must be wiped and reformatted. Oops! That doesn’t work with an in-place upgrade.
- Manual labor: Many organizations still require human interactionto get upgrades installed. Ditto, for production systems migrating from an old OS to a new one. 1e’s infographic shows that over a third of organizations require manual intervention for OS deployments (40+%) and application migration (37+%). That’s alotta labor!
There are more issues worth chewing on, even for organizations willing to stage SCCM servers closer to sites where Windows 10 gets deployed. These include cost of additional SCCM licenses and platforms, admin overhead, and more. In short, there’s a big gap between what needs to be done to migrate and what SCCM can do unaided at enormous scales.
What’s the solution? Simply put: bandwidth conservation, proximity staging, and ample deployment automation. 1e’s Nomad addresses deployment all the way to the endpoints. It is especially relevant to remote endpoints. These might reside in remote premises, branch or satellite offices, or belong to itinerant field staff:
- Local staging: For each LAN, Nomad picks a “master” node. It gets one download of the deployment package over the WAN. All other clients on that LAN get their copy from that master. Thus, only one WAN transfer per LAN occurs. Local transfers work peer-to-peer, using an agent on each endpoint to request and manage delivery. Bandwidth is monitored and automatically throttled so transfer traffic won’t interfere with business traffic.
- Powerful deployment automation: On each client, automation tools preserve and migrate applications, settings, and preferences from an old to a new install. They also handle wipe-and-clean-install of Windows 10 where needed. Ongoing monitoring and status reporting built into the agents helps, too. It lets them flag a flubbed or faulty system, and revert it to its original state. It can even schedule that client for manual intervention through mechanisms the customer chooses. This might be something like “provide a replacement, ship unit to depot for service, swap replacement for upgraded unit,” for example.
This diagram from the Nomad page speaks to the product’s many capabilities.
These capabilities and techniques present a workable way to manage large-scale Windows 10 migrations and deployments. That’s what makes products like 1e’s Nomad worth investigating, and perhaps acquiring. For those with big Windows 10 deployment plans, it makes good sense to inquire further.
With the appearance of the latest Insider Preview build of Windows 10 (14291) an interesting feature has appeared in Settings. It’s a tool for temporary files cleanup that also handles the Windows.old and other files retained by default for 30 days after a Windows 10 upgrade. Find it by following this item selection sequence in Settings:
System –> Storage –> This PC –> Temporary Files
[Note: You must scroll down to find the Temporary Files item under “This PC”. It is the penultimate item in that list.]
What Temporary Files Cleanup Looks Like in Settings
Here’s what turned up when I ran this on my Dell Venue Pro 11 this morning, updated to Build 14291 last Friday, but not yet cleaned up using either CCleaner or the built-in Disk Cleanup utility to clear away the previous Windows 10 Insider Preview build. It addresses all the common categories to conduct a temporary files cleanup.
Note the final item that reads ‘Previous version of Windows.’
This adds yet another method for cleaning out prior versions of Windows to the general bag of tricks. I imagine this will remain a part of Windows 10 going forward, but am curious to learn if this portends possible changes to the venerable Disk Cleanup utility, whose “Clean up system files” option provides another means for achieving the same end.
I’ve also noticed recently that CCleaner’s ability to handle Windows.old, Windows.$~BT, and other remnants of prior Windows releases tends to vary according to the release it’s pointed at. Right now, for example, it (and the Disk Cleanup utility) can handle those elements on my Windows 10 Enterprise Insider Preview just fine. But they’re balking at removing a folder in the Windows.old\Windows hierarchy named InfusedApps on Windows 10 Pro Insider Preview. Now that I double-check the new Temporary Files cleanup facility in the aftermath of an attempted clean-up using that tool, I see that the same folder persists following its use, too. I wonder what’s in that 124 KB folder that’s causing it to resist removal? To make it go away, I had to take ownership of the InfusedApps folder, and then manually delete all the folders in the hierarchy above and below it, all the way up to Windows.old. Strange!
[Note: here’s a shout-out to Richard Hay at WinSuperSite.com, whose Friday 3/18 story “Windows 10 Build 14291 — Visual Changes and Enhancements” brought this newly-minted capability to my attention. Thanks also to him for responding to my comment to explain how to navigate to this facility.]
Windows PE stands for “Windows Preinstallation Environment.” It’s a minimal running subset of the regular Windows operating system that’s designed to support Windows installation, deployment and repair. It’s been around since the Windows Vista days, and an iteration for every subsequent version of Windows is readily available. The Windows 10 version is described nicely in a Hardware Dev Center article entitled “Windows PE (WinPE)” and is included in the Windows Assessment and Deployment Kit (Windows ADK aka WinADK). Using MS-supplied tools, Windows admins can build their own completely customized Windows PE tools, as described in those documents (and in other items that are linked to there).
Windows PE Tools Tend to Focus on System Repairs
A full-blown WinPE environment can incorporate all kinds of third-party tools and utilities, as well as whatever set of drivers might be needed for the machines on which that environment will run. While some Windows PE tool sets stick to the command line as an interface, others have well-built GUIs that can sometimes be hard to distinguish from a complete Windows OS installation. Most WinPE environments tend to be heavy on repair and recovery tools, though. That’s because WinPE as a runtime environment is primarily aimed at repair efforts (installation and deployment work just fine fully automated, so GUI grandeur is not needed).
Building one’s own Windows PE tools environment may not be necessary, except for those with very special needs. There are numerous WindowsPE toolkits readily available, some free and some for a fee. Admins may want to look over and ponder this list before deciding to roll up their sleeves and take the DIY route:
- Paragon Software Rescue Kit 14 Free Edition
- Lazesoft Recovery Suite 4.1 ($27.95 and up, various editions)
- AOMEI PE Builder (free)
- LSoft Technologies Active@ Boot Disk ($99.95 and up, based on Windows 8.1 PE)
- Kyhi’s Windows 10 Recovery Tools — Bootable PE Rescue Disk (free, TenForums.com)
- Gandalf’s Windows 10 x64 PE with all x64 apps (free)
This screen cap of the Start menu from Gandalf’s Win10 PE tools shows off a full-blown GUI.
[Click image above to see full-size version.]
No doubt there are other pre-fab Windows PE tools programs out there for Windows 10. So far the preceding items are the best that I’ve been able to find. If you know of others, please post a comment here. I’ll check them out, and those that I also like I’ll add to subsequent updates to this post with shout-outs to the first person to provide a pointer. Thanks!