Windows Enterprise Desktop

June 22, 2016  12:46 PM

Slim Down Windows Images for Deployment

Ed Tittel Ed Tittel Profile: Ed Tittel
Image management, Windows 10

One of my favorite sources for blog fodder here is This has been a great source for me over the years for Windows tools and utilities. I still visit there once or twice a week to see what’s new and what’s changed. Earlier today, I renewed my acquaintance with a Windows tool I’ve used before but hadn’t thought about for a while. It’s called NTLite and it’s something of a Swiss Army Knife for working with Windows images. There’s even a free version available. Thus, you can download and play around with it to see if you like it or not before considering the Professional ($69) or Business ($249) editions. NTLite provides great ways to slim down Windows images prior to deployment. It can also help to customize the install process that occurs while deployment is underway.

slim down Windows images

To get started with NTLite, select a Windows image: I chose the Build 1511 64-bit Windows 10 Pro.
[Click image to see full-size screen capture.]

How NTLite Lets You Slim Down Windows Images — and Customize Them, Too

Here’s a small laundry list of the kinds of things NTLite will let you do with Windows images (it works with all modern Windows versions back to and including Vista):

  • You can target a running Windows image to modify the Windows you’re currently using. I don’t think this is a particularly good idea, and NTLite’s makers don’t recommend it either. We both agree you should NOT go there without a current image backup and some way to replace your current runtime environment.
  • You can visit and remove a whole slew of built-in Windows components to cut down on image size. These include various Accessories, Drivers, Hardware Support, and so forth. Some items are interesting, and some of them indeed worth removing. This includes drivers and device support you’re sure will never be needed on target machines, or accessories like the on-screen keyboard for PCs that lack touch displays. Ditto for Easy Transfer and Embedded Mode support on machines that won’t be allowed to use those facilities, and so forth.
  • You can integrate third-party drivers, Microsoft updates and language packs, and make Registry modifications. All of these can be handy when building an image for immediate deployment. That’s because MS may not supply all necessary device drivers or new updates may be needed. Likewise when two or more languages may be desirable in a standardized Windows image.
  • Use NTLite to change Windows settings and to incorporate app features. This means pagefile and restore point settings, adding Edge extensions, or altering Internet Explorer settings. You can also pre-configure Windows Features just as you would using the Turn Windows Features on or off facility in Control Panel/Programs and Features, but prior to image deployment.
  • You can pre-configure unattended setup for Windows to select options that might normally require interactive input during the installation process. Disk partitioning commands and values can be supplied to establish custom disk layouts during the install process. Multiple choice options may be pre-selected in advance, or may use an auto-fill function which can ready and supply local machine data such as machine names, IP addresses, and so forth. Local accounts may be defined and passwords supplied, with autologon invoked following installation. Network join functions permit PCs to join workgroups or domains following installation.

All in all, this is pretty good stuff, and worth any admin’s time and effort to explore if their job responsibilities include Windows image creation and maintenance. NTLite will let you slim down Windows images and customize them and their settings to make them simpler and faster to deploy.

June 20, 2016  12:10 PM

Win10 Lockscreen Images Unlocked

Ed Tittel Ed Tittel Profile: Ed Tittel
lock, Windows 10

A familiar lockscreen for Windows 10 appears as the first image in this blog post. It’s an ocean view seen from a tidal cave on the shoreline. Microsoft makes some 170-odd images available right now. Each one comes in two versions: one in portrait, the other in landscape layout. Find this and all the other Win10 lockscreen images in the


folder. The %LocalAppData% variable expands to something like C:\Users\Ed\AppData\Local, where the italic item is replaced by the current logged-in account name. Should you navigate to that directory, you’ll find that image filenames are long and obscure, and lack extensions. You can only view those images if you copy the files elsewhere, then give them a .jpg extension.

Win10 lockscreen images

This view onto the beach from a tidal cave is familiar to many Win10 users.

Easy Access to Win10 Lockscreen Images

This involves a bit too much work for my taste, so when I read about this folder on Supersite Windows over the weekend, I started poking around to see if there was a better way to dig into this trove of beautiful large format photographs. And yes, it turns out there is indeed a tool available that can grab all the current images, add the extension, and stick them into a directory of its own making. It’s called SpotBright, and it’s available through the Store by searching on that program name. The free version is supported by advertising. I purchased the $0.99 Pro version from the Store to avoid waiting for and watching the free version download ads for each screen.

Win10 lockscreen images

SpotBright is cheap to buy and dead simple to use.

SpotBright is the work of programmer Timo Partl, and is currently available in version 1.2.0. It provides ready access to all of the current lock screen images available from Microsoft, but stores them in a folder named SpotBright in the Pictures library. Because that left a bunch of files on my boot/system drive (I haven’t reassigned Pictures to another drive on my system), I cut and pasted those images to another drive to reclaim the drive space. Other than that small contortion, no additional effort is needed to browse through the way cool collection of lock screen images that Microsoft has already put on each and every Windows 10 machine. I’m not sure this is actually good for anything (unless you want to use one or more those images for some other purpose) but it’s always interesting to learn and see more of Windows’ inner workings. That’s why I, for one, am tickled to find an easy way to peruse  the Win10 lockscreen images using SpotBright.

June 17, 2016  11:26 AM

Windows 10 Fresh Start Tool Appears

Ed Tittel Ed Tittel Profile: Ed Tittel
Clean install, Management tools, Windows 10

I’ve more or less stopped covering Insider Preview releases for Windows 10 in this blog. That’s because they’re coming fast and furious now, and admins usually have more to do than track beta OS releases. But yesterday, when MS released its second build this week — namely 14367 — the covering announcement in the Windows Experience Blog mentioned a new Windows 10 Fresh Start Tool:

 A new tool to give your PC a fresh start: We’ve heard from many of you that are attempting to perform a clean installation of Windows that it can sometimes be hard to get started. To help, we are providing a new tool that enables an easy and simple way to start fresh with a clean installation of Windows. This tool is now available from the Settings app for Windows Insiders using the latest builds that installs a clean copy of the most recent version of Windows10 and removes apps that were installed on your PC. You can visit this Microsoft Community page (which has been updated) to learn more about the tool and download it.

Windows 10 Fresh Start Tool

This new tool provides an alternative to “Reset your PC”

This item had been promised earlier this year, so I was interested to check it out. The download is a file named RefreshWindowsTool.exe that is a miniscule 343 KB in size. It turns around and downloads a copy of a Windows image file (.wim) of its choosing (3.4 GB for the 64-bit version that most PCs use).

Why Testing the Windows 10 Fresh Start Tool May Be Premature

The tool will be included with the public release of the Anniversary Update in July, 2016, but is currently subject to some potential gotchas and limitations:

  • The tool performs a clean install of Windows 10. Thus, all applications installed atop the OS must be reinstalled to be available. A working Internet connection must also be available to grab a Windows image.
  • According to MS “The build installed by this tool is not guaranteed to be the latest build available to insiders, and at times may install a Windows 10 build that is older that [sic: than] you had previously.”
  • The tool supports only three language versions: English (EN-US), Chinese (ZH-CN), and Japanese (JA-JP).
  • MS indicates that “digital licenses, digital content associated with applications, or other digital entitlements for applications” may not survive the fresh start process. This would either make those applications unusable, or the content unavailable. MS recommends that the tool be avoided on PCs where such applications or content are in use.

My hope is that all these dangling issues and gotchas will be fixed by the time the Anniversary Update goes out the door in mid-to-late July, 2016. If so, admins and users can put the Windows 10 Fresh Start Tool to work without fear of license or digital entitlement issues.

June 15, 2016  10:57 AM

Performing an SSD SysBoot Drive Swap

Ed Tittel Ed Tittel Profile: Ed Tittel
SSD install, UEFI, Windows 10

There are many benefits to the modern Windows alternative to the Basic Input Output System (aka BIOS) that provides the basic bootstrapping services on PCs needed to boot and launch an operating system. That alternative is called the Unified Extensible Firmware Interface (aka UEFI). UEFI supports important pre-boot security protection, enhanced services and capabilities, and much more (see this Extreme Tech story for a great overview). Alas, there’s an interesting problem that UEFI poses that BIOS does not.Descriptive data about the system/boot (sysboot or SysBoot) drive gets written to non-volatile RAM under UEFI control, and integrity controls require that the value stored match the value discovered when boot-up gets underway. Otherwise, the system won’t boot at all. Thus, performing an SSD sysboot drive swap or upgrade on a modern Windows system also requires replacing the old descriptive NVRAM data with something new. I blogged about this first for Windows 8.1 on 11/8/2013, but these issues also apply to Windows 10.

Handling UEFI Data Rewrite as Part of an SSD SysBoot Drive Swap

As with so many things in life, handling this part of the upgrade or swap maneuver can be done the hard way, or the easy way. The hard way is free , but it requires several steps using the command line involving the partition editing tool diskpart. exe, the boot configuration data editor BCDedit.exe, and an image transfer from the source disk to the target SSD. The easy way costs $20, but turns the entire process over to a tool expressly written to perform those tasks on your behalf. That entails purchase of German disk wizardry company Paragon Software’s Migrate OS to SSD tool, which I have used repeatedly since this issue reared its head for me in 2012 on numerous occasions. First, it enabled me to switch several systems’ system/boot drives from conventional spinning hard disks to SSDs. Second, it  enabled me to upgrade existing system/boot SSDs to larger, faster and even different technology drives (SATA to NVMe). Using the tool is as simple as loading it up, launching it, selecting source and target drives, then letting it run to completion. After that, power off to switch out the old system/boot drive for the new one, then reboot the system. Assuming the program reports a successful completion, your PC finds and boots from the new drive each and every time without fail (at least in my personal experience, and in reviews of the product I’ve read online).

SSD SysBoot Drive Swap

Paragon’s Migrate OS to SSD automatically handles all BCDedit changes needed for a successful SSD SysBoot drive swap.

The amount of time this process saves is on the order of 30-40 minutes per system. Assuming an admin’s time is worth $50 an hour on a fully-burdened overhead basis, this means the program more than pays for itself each time it is purchased and used. In today’s world, guaranteed ROI like this comes along only seldom. Take it from me: it’s well worth the cost.

June 13, 2016  10:49 AM

Mind Blown — MS Buys LinkedIn

Ed Tittel Ed Tittel Profile: Ed Tittel
Linkedin, Mergers & Acquisitions, Microsoft

I just got done watching Satya Nadella of MS and Jeff Weiner of LinkedIn enthuse together on a YouTube video. It introduces the mind-boggling concept of merging those two companies together. As the announcement hits that “MS buys LinkedIn,” Nadella talked about “productivity tools and communications network” linked to a “professional network.” This is intended to enable success in one’s current job, and improve one’s prospects for the next job. Weiner talks about ensuring alignment of “purpose and structure.” He also speaks about “dreaming big” in uniting forces between both organizations. What we’ve got coming up now is “the world’s leading professional cloud and network,” in the words of the LinkedIn Official Blog. Wow … $26Bn … Mind blown!

MS Buys LinkedIn

This still from the YouTube video shows the happy couple.

Sure, MS has the cash to consummate the deal without even drawing its reserves down too far. According to YCharts, the company had $105.5Bn on hand as of March 31, 2016. It’s not a financial stretch for them, then — rather it’s a mental and perhaps existential stretch. It’s also a bold move for Microsoft, enabling them to insinuate themselves into all levels of business, especially the personnel dimension. LinkedIn not only supports professional development and hiring. It also promotes skills development and professional learning through its own acquisition of in April of 2015. For me, just the combination of MS Learning and Lynda is already extremely interesting. And that’s just one element of a huge collection of potential sources of synergy.

MS Buys LinkedIn: What Happens Next?

It’s not as big a deal as Dell’s pending absorption of EMC for a staggering $67Bn. But the combination of Microsoft and LinkedIn speaks much more evocatively to me of where the industry is going than does that other mega-merger. I can’t wait to see what unfolds from this move. I have to believe that regulatory due diligence is already assured enough for all parties to believe the deal can go forward unhindered in the USA. Hopefully that means things look good in the EU (the other big bloc with powerful anti-trust capabilities). I guess we’ll see!

Press coverage — such as this Engadget story — makes mention of Microsoft’s plans to integrate LinkedIn into “many of its apps and services, including Office, Skype, and Cortana.” It mentions integration of professional background info into calendar appointments (and presumably also, e-mail messages). Ditto for ways of obtaining access to professional expertise on Microsoft platforms and technologies (specifically, Office 365, but presumably also database, BI, collaboration, and other widely-used business-oriented items from MS). Then, too, there’s constant opportunity to market subscriptions and services to a big, busy, and vibrant global professional community.

This one should be interesting, and will be riveting to watch unfold. Will it head for new heights of glorious accomplishment or a tragic encounter with the rocks? As MS buys LinkedIn and attempts its integration, its future could hang on how well this works.


June 10, 2016  2:48 PM

Win10 OEM Keyfinder

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10

Some tools have lots of capabilities, others have a few, or only one. Here’s a tool that Windows Admins will appreciate, especially those tasked with upgrading PCs from Windows 7 or 8.1 to 10. The name of the tool is the Windows OEM Product Key Tool from NeoSmart Technologies, and it’s free. It does one thing, and one thing only: on newer PCs with UEFI, it reads the OEM Windows key burned into UEFI storage at the factory when the OS gets installed. That’s why I call it a Win10 OEM keyfinder. Here’s what that output looks like under two circumstances:

win10 OEM keyfinder

You will see a key on a PC that does have it stored in UEFI (above); you’ll be informed that there is no OEM key if you don’t have one (below).

When do you need a Win10 OEM Keyfinder?

In most cases, Windows will read the OEM key from UEFI on its own but that presupposes Windows is up and running. In situations where Windows is not available or driver issues impede an installation, it can be helpful to have the key around “just in case” (it can’t be accessed). That’s why I recommend running this tool before attempting any upgrades (if it won’t help you, the software will tell you) and recording the OEM key you find (where applicable). If you need, you’ll be glad; if you don’t, it won’t cost you much (nothing for the software and a very small amount of time). The utility is 1.38 MB in size and runs straight from the .exe so you can run it from your admin UFD (USB flash drive) without having to copy or install anything.

This is another useful item for the Windows admin toolkit. True, it’s a one-trick pony. But it’s a really nice trick! Good stuff…

June 8, 2016  10:37 AM

WUDO Backfire on Narrow WAN Pipes

Ed Tittel Ed Tittel Profile: Ed Tittel
Windows 10, Windows Update Management, Windows Updates

Found a fascinating story on The Register (UK) this morning, entitled “Is Windows 10 Ignoring Sysadmins’ network QoS settings?” It explains how an Australian sysadmin observed a sudden drop in Internet connection performance that ties into Windows 10. Specifically, it shows how a Microsoft default setting (see figure below) can impact overall Internet performance especially on networks with narrow-bandwidth connections. In reader comments, ADSL (usually limited to T-1 or fractions thereof, at or under 1.544 Mbps) gets particular mention. For such users a WUDO backfire on narrow WAN pipes seems likely, if not inevitable.

wudo backfire on narrow wan pipes

By default, this control is turned on, and the option to get updates from and send updates to both local PCs and the Internet is enabled! Here, it’s turned off, as it properly should be.

This update control is called Windows Update Delivery Optimization, aka WUDO. It’s intended to allow Windows users to obtain (and share) updates from sources other than Microsoft’s Windows Update service. Alas, the process of sharing or obtaining updates with other PCs on the Internet may cause a WUDO backfire on narrow WAN pipes.

How Does WUDO Backfire on Narrow WAN Pipes?

Apparently, the TCP connection used for update transfer can be ill-behaved between sender and receiver when WUDO comes into play. The admin who reported the problem used Wireshark to confirm that network congestion came from large numbers of out-of-order TCP packets. Apparently, connection negotiation failed to downsize packets moving from sender to receiver. Instead of reducing packet size and traffic volumes, it caused added retransmissions  and swamped the connection.

Fortunately, the fix is easy. Turning off WUDO makes the issue moot. On most networks of scale, this shouldn’t be a problem: internal update mechanisms prevent WUDO from coming into play. But for BYOD user machines, admins would be well-advised to turn it off. Who wants users to get Windows updates from an unknown source? The whole thing is a foulup, if you ask me.

June 6, 2016  10:23 AM

Built-in Malware Scanning via MRT.exe

Ed Tittel Ed Tittel Profile: Ed Tittel
anti-malware, Windows 10

There are times on Windows PCs when a malware scan is a good idea, even if some kind of anti-malware program is resident. That’s probably why Microsoft updates its own malware scanning tool, known as the Malicious Software Removal Tool aka MRT.exe, on a monthly basis. It also runs that tool at the same frequency in the background (when the updates for Patch Tuesday get run). Although you can turn to excellent and free third-party tools such as Trend Micro’s HouseCall or MalwareBytes Anti-Malware (aka MBAM) instead, you can also run built-in malware scanning via MRT.exe any time you like (it resides in the %Windir%\System32 directory).

built-in malware scanning via MRT.exe

Type MRT.exe into the Win10 search box, and presto! you can run it directly and immediately.

Any Downsides to Built-In Malware Scanning via MRT.exe?

The foregoing section head poses a reasonable question regarding a tool updated once a month. Certainly, you should understand why Microsoft states that MRT is not, and can never be, a replacement or substitute for anti-malware software. It offer no real-time protection as such software invariably does, and its infrequent update cycle means it can’t keep up with the most current (or zero-day) threats. But if you should ever find yourself in urgent need of a quick malware scan — especially in a situation where you have no Internet acccess, or have deliberately disabled such access to prevent a presumed infection from propagating — MRT.exe should almost always be available for immediate and direct use on any modern Windows PC (versions 7, 8, 8.1 or 10, in other words).

Check-ups/Clean-ups for Malware Scanning via MRT.exe

Because the tool goes poking around amidst sensitive and critical system files — and may even attempt deletions and clean-up in the %windir% folder hierarchy — you must run the program from an administrative account (usually, an account that’s a member of a local or domain administrators’ group for the target PC). Otherwise, the tool won’t have sufficient permissions to do its job properly. It runs pretty much on its own and doesn’t require user input once launched. The tool does take some while to run (and explains why Windows Update often takes as long as half an hour to complete). Even on my way-fast production PC with its Samsung 950 NVMe SSD, the program took more than 10 minutes to run to completion.

June 3, 2016  11:26 AM

Admin toolbox item: Uncleaner

Ed Tittel Ed Tittel Profile: Ed Tittel
Disk cleanup, Windows 10, Windows utility

In my never-ending quest for good Windows admin tools, I occasionally post mini-reviews and pointers here in this blog. My latest find is a narrowly focused cleanup tool called UnCleaner. It comes from utility maker Josh Cell Softwares (their name, not mine). They also offer tools to manage Windows startup, bootable USB media, and other file facilities. Based in Quebec, Canada, the company offers interesting Windows tools with a somewhat fractured command of English that adds to their charm. This provides another Admin toolbox item: Uncleaner to add to my open-ended collection.

Admin toolbox item: Uncleaner

The spare and Spartan interface shows how simple and focused Uncleaner really is.

What Does Admin Toolbox item: Uncleaner Actually Clean?

Simply put, Uncleaner finds and removes unneeded files on Windows PCs where it’s run. The items it identifies for clean-up are log files and items from the Temp directory inside individual user accounts. This is shown in the following partial list from my Surface Pro 3 running Windows 10 1511 Build 14352.1002 (Current Branch release, preview version):

Admin toolbox item: Uncleaner files list

Check through the files list of items to be cleaned, and you see a sharp focus on temp and log files.

I’ve tried the utility on numerous systems, and have never noticed — or seen reported — errors or problems related to removing supposedly unneeded files that turn out to be needed after all. That’s always a concern for file clean-up utilities in general, but apparently not a concern for Uncleaner.

If you’re single-minded in wishing to be rid of all the dross that Windows can deposit in its file systems, Uncleaner is a tool worth downloading and installing. If you give it a try, and decide you like it, you might also want to make a small donation to its makers. They’ve got a link for that purpose on their Website. I gave them $5 for this nice piece of work; you may wish to do likewise. Admin toolbox item: Uncleaner is now part of my Windows collection, and perhaps should be part of yours as well.

June 2, 2016  12:30 PM

Win10 Desktopshare 17-23% for May

Ed Tittel Ed Tittel Profile: Ed Tittel
market research, Windows 10

The proportion of Windows users running Windows 10 varies, according to the source for such data. But as a rising tide floats all boats, so recently do several metrics show the Windows 10 share of desktops going up, up, up. The current numbers from put Windows 10 solidly in the number 2 slot at 17.43% behind Windows 7 at 48.57%. XP remains in third place at 10.09%, though adding both Windows 8 versions (8 and 8.1) edges ahead at 11.38% (at 8.77% for 8.1 and 2.62% for 8). That puts the range for Win10 desktopshare 17-23% in May 2016.

The US Government is another major source for this kind of information, through its website. It reports only on visitors to its own websites for a more USA-centric view of the online world. Its numbers put Windows 10 at 23.5% of visitors running Windows versions, or at 19.6% of visitors not running either iOS or Android (a different way to get to a desktop focus). This means that Windows 10 is running on 12.1% of all devices accessing those websites, FWIW. The government numbers come in at the top of the Win10 desktopshare 17-23% range.

I’m surprised to see XP still so strongly represented in the NetMarketShare numbers at 10.09% when reports only 1.4% of its visitors running the same OS. Possibly, this reflects a larger base of hangers-on outside the USA that shows up in NetMarketShare’s more global population. That’s ironic, because various agencies and arms of the US Government have some of the largest continuing support contracts for XP still running to this day, to the tune of millions of dollars per year.

The last figures for active devices running Windows 10 came from Microsoft on May 5 at 300 million. Given current run rates between 23 and 30 million new devices per month, that means the current total is probably in the neighborhood of 320-300 million as of the beginning of June. Take a look at how this graphs out in terms of getting to the 1 billion mark, extrapolating with growth rates in those two increments:

Win10 Desktopshare 17-23%

Looks like 2018 is a more likely year for Microsoft to hit the “one billion served” mark for Win10!

The way I read these chart lines, I see the 1 billion mark occurring sometime between April and December in 2018 if those monthly growth rates continue unabated. But who knows if the numbers will keep going so strong once the free upgrade deadline comes and goes at the end of July? If I were forced to bet on the trend, I’d be inclined to bet against that proposition. Microsoft’s goal is probably not a dream deferred at this point, but it could easily become a dream delayed.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: