From the “better late than never” school of information sharing, I just found an October 2014 TechNet Solution Guide that many Windows administrators are likely to find captivating. It’s entitled “Automate and manage Windows operating system deployments” and it explains how to use the Microsoft Deployment Toolkit (particularly LTI, aka Lite Touch Installation) and System Center Configuration Manager (SCCM) Zero Touch Installation (ZTI) to easily bridge from test/pilot one-offs to large-scale production environment deployments. The former part lets you get the images you wish to distribute just right before going into production, and the latter lets you broadcast your canonical images wherever you need them to go. Good stuff. This nice little diagram illustrates the kinds of very typical situations that the Guide is intended to address:
For many readers (and me) this list of common scenarios is distressingly familiar.
Here’s a link to the latest version of the Microsoft Deployment Toolkit (MDT) for 2013, from the MS Download Center. You can’t, of course, use SCCM unless you have the proper licenses, so in the dread phrase from my old math textbooks, that portion of this assignment (obtaining, installing, and configuring System Center and so forth) is left “as an exercise for the reader!” 😉 Enjoy!
Huh? What’s a “Punditsphere?” Glad you asked! It’s the group of industry insiders, experts, gurus, and gadabouts that attach themselves to specific technology platforms, tools, and operating systems. Windows, in this case. You could have knocked me over with the proverbial feather when I saw yesterday that Paul Thurrott was leaving his SuperSite for Windows (the site’s banner still reads “Paul Thurrott’s Supersite for Windows” BTW) and going off on his own to work with Blue Whale Web and team up with the Petri IT Knowledgebase. Here’s a visual “Tale of Two Website Logos” for you to ponder in this connection:
Old on top, new on the bottom, same Thurrott.
Wow! Thurrot’s “Goodbye” article on the old site is quite an interesting document, and a masterpiece of a genre that might be appropriately labeled: “It was great while it lasted, but I’m outta here.” With tongue now removed from cheek, I can speak more seriously to observe that it’s worth reading, and even more worth reading between the lines. It’s also worth comparing to his companion piece “Hello” on the new site, which means you’ll probably want to read that, too, if only to learn what Mr. Thurrott will be up to next. One great change I already appreciate: I was able to post a comment on one of his stories (a nice rundown on the Windows Surface Pro Firmware Updates that posted on Windows Update on 1/15/2015) and it popped right up, without having to wait for a moderator to approve my input. At the old digs, it could sometimes take days to make it through the pipeline and see one’s contributions pop up (or not, as the case remains for those with rants, obscenities, and other forms of inappropriate input).
I can only wonder how he feels, leaving his name behind on the old and former hobbyhorse, while climbing onto a new one that bears nothing but that same name. It also makes me chuckle to think about what this is going to do to his site operator’s SEO shenanigans to keep ahead of the “once and former competition” to mangle E.B. White’s appellation perhaps beyond recognition. For my part, I’m glad he’s still around, and happy to wish him both luck and success in his latest venture. He’s already retained at least one loyal reader across the divide!
OK folks, here’s a transition point for you to note. As of today, January 14, Windows 7 is no longer on mainstream support at Microsoft. Going forward, it will get no new functionality, no new service packs, nor bug fixes that are not security-related. Should IT pros be concerned? Not really: MS will continue to provide extended support — yes, that’s right, it means security fixes only from now on — until six years from today (January 14, 2020: a Thursday, should you care to know). Here’s a snippet from Microsoft Product Lifecycle Search (search string = “Windows 7”) by way of both illustration and confirmation:
OK then: Windows 7 transitions from mainstream support to extended support, but still has six years of effective life left.
Does this mean it’s time to drop everything, and start migrating like crazy from Windows 7 to 8 or beyond? Heck, no! But it is a signal that Windows 7 will become increasingly distant from the latest features and functions making their way into newer versions of Windows. For those who pondered Windows 8 versions and declined that opportunity, it means that Windows 10 will be the first illustration of what (mostly business) users might have to forgo to maintain the status quo. This will be easy at first, but will get harder over time.
My best guess is that enterprises and organizations should start paying attention to new Windows versions, starting with 10, and begin planning for migration when and as they see features, functions, and reliability/stability good enough to go for emerge. This could be a couple of years out (which should take us through some interesting evolution in Windows, given the company’s new “rapid update cadence”) or it could be longer. Time will tell. But it’s only time to start thinking about migration, and getting ready to plan for same, rather than time to get moving down that trail.
About two months ago, I purchased a Dell Venue 11 Pro model 7130, when I read that it featured a Broadwell “M” class CPU in a compact 11″ format. By the time all was said and done I spent around $1,300 to get a tablet with an Intel i5-4210Y (1.5 GHz) processor, 8GB RAM, a 10.8″ IPS 1920×1080 touch display, and a 256 GB SSD with a snap-in external keyboard with rotating hinge that essentially turns the tablet into a small format notebook PC. The unit includes no additional ports on the keyboard deck, but that deck does add an extra battery that doubles battery life from a respectable 5-7 hours depending on usage patterns, to a device that easily delivers 10 or more hours of battery for all-day use — on my unit BatteryBar Pro rates total battery life at 12:06 with both batteries, and at 6:01 with the internal battery only.
The matt-finish plastic backing on the unit is non-slip, resists fingerprints, and feels good in the hand.
The tablet itself offers a single USB 3.0 port, headphone/microphone combo jack, and a mini HDMI jack. Near Field Communications (NFC) circuitry comes standard, and the networking interface is a Dell 1537 802.11 a/g/n adapter. There’s also a micro SD slot that accommodates SDXC memory cards (I’ve tested it with a 128 GB unit and it works fine; I’m using a 64 GB SanDisk unit in that slot at the moment because I don’t really need that much extra storage). The rear deck is easily removable, and provides access to the NIC, an unoccupied WWAN slot (for which both 3G/HSPA+ and LTE/HSPA/EVDO options are available), and the removable battery (you can buy spares, and swap them easily in the field to literally buy extra battery life without buying the keyboard dock).
Total weight of the tablet is 796g/1 lb 12 oz by itself, and the keyboard/battery unit weighs 670g/just under 1 lb 8 oz, for a combined weight of 1466g/3lb 4 oz. Overall it’s pretty portable, fairly friendly in the hand, solidly constructed, and user friendly. I’m running Windows 10 on it and except for some issues with sleep (losing network connectivity, occasional loss of keyboard/touchpad upon wake or after removal/reinsertion when the tablet is running) it works like a champ.
So far, I’ve used it as a light-duty general purpose PC (surfing the net, reading e-mail, light writing activity) and also as a personal entertainment PC (watching TV/movies, reading books, playing low-grade Web-based games). It seems to function pretty darn well in either role, and it makes for dandy in-bed viewing and reading, with 3-4 hours of battery life while binge-watching The Wire on Amazon Prime lately, and up to 5 hours when using the Kindle Reader. I learned all this from actual experience over the holiday break while laid up with a nasty sinus infection, which is perhaps not the recommended way to gain such experience.
Now that I’ve lived with the unit long enough to get familiar with it, I find it a much better value than the Fujitsu Q704 i7 tablet I bought at the beginning of 2014, and perhaps even a better deal and user experience that the i7 Surface Pro 3 that replaced the Q704 in September/October of 2014. It’s not as fast, nor can it run as many applications simultaneously, but I don’t really benefit much from that capability on a 10.8″ screen anyway. The only time I really notice the lesser performance of the i5 is when I remote into the machine from my production desktop to try to exercise its capabilities more thoroughly. Methinks this is not something most users will be interested in doing. I find the Venue 11 Pro to represent a good set of price/performance tradeoffs, though I would like it even more if the rig as it stands cost $1,000 instead of the $1,292.48 I just found on the Dell invoice for this unit (including 8.25% sales tax). Nevertheless, the Venue 11 Pro is well worth checking out, and for many personal and business users, probably also worth owning.
For the past year or so, Patch Tuesday has been remonikered Update Tuesday. In a blog post from the Microsoft Security Response Center on Thursday, January 8, Chris Betz discussed the topic of “Evolving Microsoft’s Advance Notification Service in 2015.” To cut directly to the chase, this post announces that distribution of or access to the company’s Advance Notification Service (ANS) is changing, to wit:
Moving forward, we will provide ANS information directly to Premier customers and current organizations involved in our security programs, and will no longer make this information broadly available through a blog post and web page.
What does this mean? Because MS has observed that even large customers no longer make extensive use of ANS, MS is pointing customers (and end-users) to their myBulletins dashboard on TechNet instead. This service requires users to log in with a Microsoft Account, and to set up that dashboard by picking the names of products, platforms, and development environments in use in their workplaces, so that the service will reflect only those Security Bulletins that affect those things. Here’s a snippet from the Dashboard I set up for my office network for the period from October 1, 2014 through today, January 10, 2015.
The dashboard at the upper right summarizes relevant metrics, with detail access to related Security Bulletins in list form below.
Given the volume of Security Bulletins that emerge on a monthly basis nowadays (usually anywhere from half-a dozen to three times that many, with an average of just over 7 per month for 2014, for example) it’s easy for Microsoft to position this screening of bulletins on the basis of what admins are most inclined to attend to anyway. Advance notification certainly served me (and others who follow Windows Security topics) with a tantalizing view of what the next Update Tuesday would bring to Windows Update, but beyond that narrow audience I have no trouble understanding why a dashboard approach tuned to items actually in use (and hence also, subject to security exploits and vulnerabilities) makes more sense in an increasingly active security environment.
Be sure to check out myBulletins to see what you think of it yourself. It’s the new face for Windows Security (and other) Updates. Cheers!
[Thanks to Brink at Windows 8 Forums for bringing this to my attention in his news posting on 1/9/2015.]
Previous releases of the Windows 10 Technical Preview have come via a special online update through PC Settings. Only two weeks after Build 9879 was released did MS provide ISOs to permit clean installs (or bare metal builds). Next time around, says Engineering General Manager Gabe Aul, MS will make ISOs available through MSDN and TechNet at the same time it pushes the update out to self-selected “Fast Ring” members of the Windows Insider group. Here’s a screencap of a Twitter exchange, courtesy of WinBeta.org, that makes this promise:
Visual evidence that ISOs will be available from the get-go for the “Customer Preview” analog for Win10.
This is a welcome departure from previous practice, and will make it much easier for those jumping into Windows 10 for the first time, especially if they plan to install on multiple test rigs at the same time. The timing of the upcoming release is still in the air, though many interested observers assume it will happen on January 21, the same day that Microsoft has set aside for its next public Windows 10 event, or shortly thereafter (as was the case with the initial Technical Preview event last September).
Now that the holidays are behind us, and the New Year is unrolling before is, it’s time for that annual technology extravaganza known as the Consumer Electronics Show (CES), still one of the biggest and most wide-ranging of all the big technology conferences that take over Las Vegas from time to time. While the official show dates run from January 6 -9 (Tuesday through Friday), the announcements and press releases started flowing yesterday and are already kicking up into high gear.
As usual, the hype gets hoppin’ even before CES gets officially underway.
So far, only a smattering of announcements of interest to Windows professionals have appeared, but some of them are pretty interesting indeed:
1. On Sunday, Nvidia announced its latest system-on-a-chip (SOC) offering, the Tegra X1, which CEO Jen-Hsun Huang presented as a “mobile superchip.” It incorporates an 8-core CPU along with a 256-core GPU, and delivers a combined 1 Teraflop of computing power to small, hand-held devices. At a minimum, this could mean highly fluid and realistic animation, video, and gaming on next-gen tablets and smartphones.
2. Lenovo announced a reworked ThinkPad series, with a new ultraslim X1 Carbon model, plus X250, T450, and T550 models, all aimed at business and enterprise users. These will make use of 5th-gen Intel processors from the higher-powered U (ultra-low voltage) series (PDF document), which deliver significantly more power (and heat) that the so-called Core M processors in the same family. They’re also offering a set of nesting, electrically interconnected mobile extenders for notebooks and laptops called the ThinkPad Stack that includes a power module, Bluetooth speaker set-up, a 1 GB external USB 3 drive, and a WAP to share a 4G phone connection via Wi-Fi.
3. Cloud extensions into/out of all kinds of devices are showing up at CES, including a firmware update to give the Netgear R7000 router the ability to provide remote access to network users when outside the broadcast range of the device, including file and photo sharing and backup. Likewise, Seagate is showing off network storage devices that support remote backup over the Internet (which the company calls “Personal Cloud”).
4. The Internet of Things is going to gain a lot of occupants with all kinds of attached devices on their way, from thermostats to home and office controls, smart appliances in many shapes and sizes, and all manner of health, fitness, and exercise applications as well.
And this is just the beginning of what promises to be an onslaught of interesting concepts and tantalizing technologies. While not all of them will eventually emerge as successful commercial products, it’s always fascinating to see what the industry can dream up and try to sell. As more such things pop up, I’ll add to this posting, instead of posting multiple times about the same show. That leaves room for more real Windows Enterprise posts on this week’s blog roster. Cheers!
[Added 1/6/15 2:30 PM
Check out the TechRadar CES 2015 pages for the best ongoing coverage of the show I’ve seen so far. The IoT trend continues unabated, and there’s been a plethora of extremely thin-and-light Windows tablets and ultrabooks from the likes of Asus (whose Transformer series will soon sport i5 and i7 5th generation processors of the ultralow voltage variety, whose model numbers start with “U”; current models are the lowest voltage “M” models whose designators start with “Y”), Toshiba (which has some very interesting items on offer), and even Dell, which hit the stage with a remodeled XPS 13 that looks pretty sweet.]
Two persistent myths that attach to SSDs running under “modern” Windows OSes (version 7 and higher) are as follows:
(a) defragging such disks is a bad idea
(b) Windows doesn’t defrag such disks by default, provided that it recognizes them properly.
Visiting the Windows 8 Forums this morning I saw a tantalizing post from regular (but anonymous) contributor “A Guy,” entitled Does Windows defragment your SSD? This, in turn, led to a nice article by Scott Hanselman that addresses the subject in some detail. This screen shot, from my own Windows 8.1 Update 3 system reveals that the Optimize Drives utility in Windows 8.1 does indeed perform *periodic* defrags of SSDs when (as is the case on my system) restore points are enabled for those drives:
Hanselman cites “the Windows storage team” to affirm that volsnap copy requires optimization to keep the number of file fragments on an SSD below the allowable maximum.
Volsnap is shorthand for the Volume Shadow Copy operation used to capture a snapshot of the drive to be used as a restore point, which then becomes available to the System Restore operation to roll the drive back in time to when the snapshot was taken. During this operation the file system follows metadata used to link file fragments together to “stitch them up” into a single logical extent that comprises all the individual physical file extents of which they’re made. If the number of fragments exceeds a critical maximum value, the file system can’t keep up with the fragments any more (and file copy or access operations can fail). This can’t be allowed to happen so Windows schedules optimization on SSDs by default on the same day every month, starting from the day that the OS is installed (or if System Restore has been turned off for a drive, on the day that it gets turned back on).
That’s why as you can see in the preceding screencap that Optimize Drives does indeed report a “Last run” date for SSDs that have System Restore turned on. And despite the advice of many “Optimize SSD” guides available on the Web to turn off System Restore for such drives, Hanselman cites some good evidence from an unimpeachable source — the guys responsible for making Windows filesystems behave properly on all available storage devices, including SSDs — that this is probably not a good idea from both a performance and reliability standpoint. Hanselman’s summary is worth quoting in this context: “…Windows is not foolishly or blindly running a defrag on your SSD every night, and no, Windows defrag isn’t shortening the life of your SSD unnecessarily.” Furthermore “Yes, your SSD’s file system sometimes needs a kind of defragmentation and that’s handled by Windows, monthly by default, when appropriate.”
Very interesting and informative!
Those using Windows 8.1, or who wish to install the latest version of the OS, should be pleased to learn that MSDN’s latest version of that OS in ISO form has been synched up to the November update roll-up. At one time, this was to be known as “Windows 8.1 Update 3” but the version is labeled “Windows 8.1 with Update” on its MSDN download page. Nevertheless, this provides admins and enthusiasts with a good way to grab a fairly current OS snapshot for installation or repair that doesn’t require subsequent installation of beaucoups patches and fixes before the resulting image is completely up-to-date.
Careful examination of downloads provided shows that only “Volume License” (VL) versions of Win8.1 Pro are available here.
The release date on these ISOs is 12/15/2014, which means they became available about two weeks ago. But since I just learned about them today, I thought I would share this pointer with you. An MSDN subscription is required to download these ISOs, and to obtain the keys necessary to activate resulting installations. As the subscription purchase page at VisualStudio.com illustrates, such a purchase can be expensive. However, deals from third-party resellers are available (I got mine from Software Wholesale International, and bought a three-year subscription from them for about half of what MS charges; I’m on my second renewal with them, in fact).
Ever since the original Surface and Surface Pro models were introduced, users have been able to refresh their installations or reinstall the OS using the device’s recovery image, which is stored by default as a separate partition on its primary (SSD) drive. This enables easy repair or recovery for any Surface that can still access that drive without having to locate and use a matching external recovery disk. Nevertheless, MS recommends that users or admins create such a drive using the “Create a recovery drive” facility provided as part of the Windows 8/8.1 runtime environment (and carried forward in the Windows 10 Technical Preview, as a similar desktop search on my test installations just verified). Here’s what the Disk Management utility on my SP3 shows after running that utility on a UFD of suitable size (that utility says it should be “8 GB or greater” but MS recommends 16 GB or greater on its “Download a recovery image for your Surface” page for SP3 models).
Although MS recommends 16 GB for the UFD to hold the recovery partition, actual space consumed is under 6 GB using the local recovery utility, and .
Last week, MS made download images available for all of its Surface Models (RT and Pro models in the 1, 2, and 3 series) at the afore-linked download page, to address those situations where recovery may be needed and the primary drive on the Surface in question may not be available (and no external recovery drive has been created in advance). The process requires Surface owners to enter a valid serial number for each such download, but can be conducted and completed on another PC — I did it on my primary production desktop last night, for example — including the creation of the recovery drive on a UFD of suitable size once that download is complete. It comes in the form of a ZIP file that is 6.18 GB in size and 6.24 GB when its contents are extracted and copied to a target drive.
Warning: this tool only enables restoration or recovery of a “factory-fresh” Windows image. That means you’ll lose all of the applications you’ve installed since firing up your Surface for the first time. That’s why I prefer the Slimware Utilities RecImgManager utility: it captures a current snapshot for the “Refresh your system” operation that includes all the elements you’ve added to (or tweaked within) your system. Using this tool is a two-step operation, though: you’ll still have to run the basic refresh or recovery operation through Windows 8 or 8.1 using the recovery drive described here, then install RecImgManager and refresh to that image. This latter item must come from an external USB drive, alas, which necessitates working in the Surface Pro dock or using a USB 3 hub to accommodate both the recovery UFD and the drive with the RecImgManager refresh image, to get all the way back to where you want to be. But this “two-step” is still faster than installing a typical collection of applications on most workaday machines, though — Secunia PSI counts 52 on my Surface Pro 3, including a MS Office, a typical collection of third-party Web browsers, plus miscellaneous tools and utilities. In my experience bringing back the runtime environment takes longer to install than the underlying OS, usually by a significant margin.