Ahead of the curve is a common phrase in IT, and it’s almost always used in a positive light. After all, new technologies and cutting-edge innovations keep the industry growing. Without vendors constantly striving to be ahead of the curve, we’d still be working on unwieldy computer terminals connected to giant mainframes.
But sometimes vendors can go too far and get themselves in trouble. The tipping point is when ahead-of-the-curve technologies and strategies don’t align with customers’ needs.
Workspace suites, as the March issue of Access covered, offer one such example. They aim to provide unified access to and management of all end-user applications and data, which is great. But they combine a lot of different product types, many of which are still emerging, such as enterprise mobility management and identity and access management. Those technologies represent a new way of doing things for both IT and users, and many organizations aren’t ready to adopt them yet — let alone adopt suites that integrate them with other products.
Workspace suites are not at the core of any vendor’s business — at least not yet — and organizations can still buy all their components separately. So while they are too far ahead of the curve, it’s not a huge problem.
Citrix’s push to become a cloud-first vendor focused on security and analytics exemplifies a thornier issue. The company — which changed CEOs in July, citing the need to pivot faster — is betting big on cloud-based management.
The approach makes sense for Citrix. From a financial perspective, selling software on a subscription basis strengthens the customer relationship and makes revenues more predictable. Plus, when existing customers are locked in for the duration of a subscription, it frees up sales staff to pursue new business.
And from a technology perspective, cloud is the future. As users, apps and data become more distributed, the cloud will become not only more convenient but necessary for connecting to and managing these assets.
Many customers aren’t buying in, however.
“With the shift to cloud, is Citrix focusing on the wrong thing?” asked Tim Riegler, a systems engineering manager at a Citrix shop in the healthcare industry. “Lots of Citrix loads run on premises, especially legacy applications or anything that requires large file access. Plus, there are a host of issues with cloud: access, cost, complexity, management.”
In addition, organizations have made significant investments in on-premises management software. It needs to make financial sense for IT departments to abandon their existing investments in favor of cloud, and that’s not always the case these days.
Cloud-first management is an ahead-of-the-curve strategy for Citrix. But it doesn’t align with many IT departments’ current needs. And that’s a problem.
This post originally appeared in the September 2017 issue of Access Magazine.
Maybe, to mangle Shakespeare, we don’t need to kill ALL the lawyers. A recent suit in Baden-Wuerttemberg, Germany, brought by its consumer protection agency has settled. It originated from the 6GB of pre-staged upgrade files for Windows 10. If you’ll recall, MS uploaded a raft of files to PCs prior to the first Windows 10 upgrade. It affected Windows 7 and 8.1 users alike. It also caused consternation for those on limited or metered Internet service plans. Not only did MS provide no prior warning, it gave users no opt-out, either. But before the court could rule against Microsoft, the company voluntarily agreed to quit such behavior. Thus, this German court case foils aggressive MS updates going forward. With the Fall Creators Update just weeks away, that means Win10 users need expect no big mystery downloads to hit their PCs.
Lots of users got steamed when they realized that “never” was NOT an option for downloading upgrades to Windows 10
If a German Court Case Foils Aggressive MS Updates, What Does This Mean?
I got my information from the UK website, express.co.uk. According to its voluntary agreement, Microsoft is “obliged to avoid placing installation data for new operating systems on Windows users’ hard drives without their permission.” Now, MS must ask for permission to pre-stage upgrade files to our PCs. Given the time lag on some PCs in receiving the Spring Creators Update (Version 1703) this year, it may not have been a problem anyway. But it’s comforting to know that MS promises to “play nice” going forward, when it comes to parceling out big upgrade files in advance. Now, if I could just figure out when my older PCs would get the upgrade automatically, I’d be a happy camper… Maybe I should ask the Verbraucherzentrale (literally translated “User Central”) group to look into this, too?
Huh! Turns out there’s an easy way to use a reference Windows installation to create an ISO file. This might not sound like a big deal, but give it some thought. For one thing, it means admins can use a customized Windows 10 installation to spawn as many copies as they like. For another thing, it means power users can snapshot their current installation to create an installer from that image. In turn, this means they can restore or reinstall that image any time they like. Better yet, it’s easy to build install ISO for current Win10 image, if you follow the right steps.
Caveats to Build Install ISO for Current Win10 Image
This approach works only when all elements and user accounts reside on the default Windows drive, aka %windir%. For most installs, this means the C: drive. If any data has been relocated to some other drive, including any or all files or folders for user files, the Documents folder, and so forth, a Windows image file based on the install will not work to (re)install the Windows OS. Unless you’re 100% sure this applies to a reference or target install, you may do the work only to discover that the install doesn’t work. In such a case, it’s best to start over with a clean Windows install and do the work necessary to customize it the old-fashioned way. After that, you can proceed with the steps described to build the custom .wim file confident that it will work the next time you try.
You also need to clean up your system completely before making a snapshot of the image to create the .wim file for the ISO. A TenForums tutorial on this topic is available (follow the instructions in Option Two “To Open and Use Extended Disk Cleanup”). Here again, such cleanup is essential to achieving a successful outcome for your efforts.
The image creation process requires use of the Windows install media, which should be the most current version available. (Visit the Download Windows 10 page to find this.) Boot to the install media, then start the Windows installation process. You’ll press Shift+F10 to launch the Command Prompt window once you see the screen for region and format election. Then you’ll use diskpart to identify your source partition for the Windows image, and the dism (Deployment Image Servicing and Management) command to snapshot your image and create a .wim file. The process is time-consuming and requires close attention to dism syntax, but is otherwise straightforward. The final step is to replace the default (non-custom) install.wim on the Media Creation Tool (MCT) USB with the custom install.wim you just built. After that you can use your customized MCT to install your tailored Windows 10 image as you see fit.
When you see this screen, click Shift+F10 to get into the Command Prompt window…
Get All the Gory Details
The devil is in the details, of course. And that’s where my friend and co-author, Kari Finn, sheds ample light on this subject. His TenForums tutorial on this topic provides nicely-illustrated step-by-step instructions on how to do this. That tutorial is called “Create Windows 10 ISO Image from Existing Installation & Upgrade” and is eminently worth checking out. Then, you too can easily build Install ISO for current Win10 image. Enjoy!
OK, now we’ve got a date for the next major public upgrade to Windows 10. In a post to the Windows blogs, EVP Terry Myerson made it official. Here’s the first sentence : “The next update of Windows 10, the Fall Creators Update, will be available worldwide October 17.” He goes on to tout “an evolution to the photos experience” that lets users put visuals together with “photos, videos and 3D effects.” He also mentions “enhancements in gaming, security, accessibility, and …Mixed Reality,” too. This raises the question “When the Win10 Fall Creators update hits October 17,” how will this new release be received?
The blog post headline puts the 10/17 date right out there.
What to Expect When Win10 Fall Creators Update Hits October 17
After the 1703 build went out the door in April, we witnessed a loooooong rollout to the user base. I gave up waiting on my wife’s PC in August, myself. I’d decided to hold back and wait for MS to push the update to that machine to see when MS got around to it. But when August came and had almost gone, I decided to jump to 1703 anyway, and used the media creation tool (MCT) to force matters to completion. In fact, some PCs still haven’t received the previous upgrade, even as the new one gets queued up with about five weeks to go before release day. One wonders if the next upgrade will be subject to the same long, drawn-out process.
I’ll probably end up jumping early on most of my PCs, using the Download Windows 10 page to grab a current version of the MCT on or after October 17. I imagine many others will do likewise. It should be interesting to see how quickly the user base jumps on the upgrade bandwagon. It will also be interesting to see if more business users climb onto the Current Branch for Business (CBB), currently at Version 1607 (Build 14393.1593), which will probably increment to 1703 (at whatever Build is current come October 17, 2017) when Win10 Fall Creators Update hits October 17. As of May 2017, about 12.5% of the estimated 500 million Windows 10 users were in businesses (source: Petri.com).
In my never-ending quest for good Windows utilities, I’m always on the prowl for cool tools. In trolling over TenForums recently, I came across mention of a utility called LockHunter. As the blog post title says, LockHunter reports locked Windows files. That is, it identifies the Windows process that is locking a file. It can also schedule such a file for deletion the next time the system reboots. From time to time this sort of thing comes in handy, so I took the tool for an extended spin. I liked what I found, so I’m recommending it here.
When LockHunter Reports Locked Windows Files, What Does It Do?
That turns out to be a pretty good question. If the file really is locked, LockHunter reports something that looks like this:
In Windows, a running process locks files it needs and uses.
In setting up the preceding screenshot, I used the File Explorer shell extension that LockHunter adds to the right click menu for filenames. That menu entry reads “What is locking this file?” and it shows the Lockhunter icon, like so:
If you click on this menu entry, LockHunter launches itself with the selected file as its focus. To produce the first screenshot, I launched Task Manager, then ran LockHunter against the .exe file for the program itself. Because running programs are always locked to keep them working, I knew this would report a locked file. And by no coincidence at all, the Task Manager process is responsible for the lock on its own executable file!
At this point, you could choose to unlock it (not wise for a running .exe file, but something worth trying for a file subject to a “mystery lock”). You can also choose to delete that file (not wise for a Windows OS component). Other options available include:
- Delete at Next System Restart
- Unlock & Rename
- Unlock & Copy
- Terminate Locking Processes
- Delete Locking Processes From Disk
Helpful stuff, all the way around.
What If the File Isn’t Locked, But You Can’t Delete It Anyway?
Sometimes a file may resist deletion even if it isn’t locked by a process. I set up a typical example by creating a file named Test test test.docx in Word, and left it open in that program. Windows won’t let you delete open files, even if they aren’t locked. Thus, I wanted to see what would happen using LockHunter against an open file. When I right-clicked that file and picked the “What is locking…?” option, then tried to delete it, here’s what showed up on my desktop:
Windows won’t let you delete an open file, either. The application that opened it must close it before Explorer can do anything to it.
LockHunter can still work on this file, though it can’t delete it immediately. As the button at the bottom of the screencap states, it can schedule that file for deletion at the next system restart. The remaining “Other” options from the programs bottom control button may also be applied to the file as well. Again: good stuff!
A Bit of Background on LockHunter
LockHunter comes from Crystal Rich Ltd, a software development company based in St. Petersburg, Russian Federation. This might raise an eyebrow or two, or at least, prompt some security concerns. No worries. VirusTotal.com reports that 0 out of the 64 virus check engines it ran against the utility report cause for concern on the downloadable .exe file, LockHunter_v3.2.3.exe. It also comes recommended on TenForums.com and MajorGeeks.com, two sites I’ve found completely reliable. Don’t let its country of origin stop you from using this excellent tool. It’s a great addition to the Windows admin toolkit.
Here’s an interesting and counter-intuitive bit of Windows 10 news for you. As of Build 16273, MS no longer includes known issues in its Insider Preview release info. That was the section I read first and foremost. It helped me decide if I wanted to update my test machines to the latest Fast Ring build. But as this Twitter snippet shows, MS is not planning to document issues at present. Rather, they plan to skip it and report only on “high impact issues for a large portion of Insiders.” Thus, as MS stops Insider Preview issues lists for new builds, we poor beta testers must take the plunge less informed than for past builds.
Thurrott.com’s Rafael Rivera jumps right on top of this missing matter. Glad he did!
[Click on image for full-sized view. Source: MS/Dona Sarkar/Brandon LeBlanc.]
When MS Stops Insider Preview Issues Lists, What Does That Mean?
From a practical perspective, this means that Insiders will be less well-armed with information. This offers no help in making a go/no-go decision on upgrading to the latest build. Some Windows watchers apparently have no issue with that (for example, Sergey Tkachenko of WinAero.com). Others find this somewhere from potentially vexing (ZDnet’s Liam Tung) to downright infuriating (ComputerWorld’s Steven J Vaughan-Nichols). Indeed, I’m willing to grant some credence to MS’s assertion that with the Fall Creators Update weeks away from public release, the software is pretty stable. Nevertheless, I lean toward the latter camp. That’s because I’ve already fallen into enough potholes on the Insider Preview release trail to want to steer around them.
This is one decision I hope is only temporary (until the next major upgrade is set), or that will be reversed as the next release gets going. Where potential problems are present, one can never have too much information to assist in avoiding them.
Those who’ve followed Windows OSes and applications for the past decade know that the 64-bit takeover is history. Circa Windows 7’s July 2009 release date, most new PCs were already 64-bit. Today, you must work to find and buy a 32-bit Windows PC running Windows 10. If you succeed, you’ve probably bought an el-cheapo tablet or super budget laptop with a 32 GB eMMC storage device, and no more than 2 GB of RAM. Otherwise the modern Windows world is entirely 64-bit. Why, then is the default for Microsoft Office installation still 32-bit? Therein lies an interesting tale, as I explore Office 32-bit versus 64-bit versions.
In a 64-bit world, why does Office still default to the 32-bit version?
What’s the Difference? Office 32-bit versus 64-bit…
Here’s a quote from the MS Support site’s “Choose between the 64-bit or 32-bit version of Office” (applies to Office 2016, Office for business, Office 365 Admin, Office 365 Small Business, and so forth):
The 32-bit version of Office is automatically installed unless you select the 64-bit version at the beginning of the installation process. This article explains the reasons to choose either the 64-bit or 32-bit version of Office on a PC.
In fact, you have to seek out and run the version of setup named setup64.exe to force Windows to install the 64-bit version of Office. Otherwise, you’ll wind up with the 32-bit version. With that bit of administrivia in mind, here is what might impel someone to skip the default and force 64-bit installation instead (quoted verbatim from the afore-cited Support article):
- You’re working with large data sets, like enterprise-scale Excel workbooks with complex calculations, many pivot tables, data connections to external databases, Power Pivot, 3D Map, Power View, or Get & Transform. The 64-bit version of Office may perform better in these cases. See, Excel specifications and limits, Data Model specification and limits, and Memory usage in the 32-bit edition of Excel.
- You’re working with extremely large pictures, videos, or animations in PowerPoint. The 64-bit version of Office may be better suited to handle these complex slide decks.
- You’re working with files over 2 GB in Project, especially if the project has many sub-projects.
- You’re developing in-house Office solutions like add-ins or document-level customization. Using the 64-bit version of Office lets you deliver a 64-bit version of those solutions as well as a 32-bit version. In-house Office solution developers should have access to the 64-bit Office 2016 for testing and updating these solutions.
Benefits of Staying 32-bit
MS takes the 32-bit default route because it provides best overall backward compatibility. Thus, it retains the ability to work with 32-COM add-ins or controls. This can be essential when, as sometimes happens, no 64-bit alternatives are available. This also ensures continued support for older Visual Basic, and calls to 32-bit MAPI applications or OLE servers and objects. Ditto for legacy SharePoint, Access, Equation Editor, Word Add-in Libraries, and moire. In business environments where add-ons or macros are used, this keeps things working.
Long-time TenForums poster Bree explains this succinctly and cogently in a recent post (#15). He observes: “There are more disadvantages to the 64-bit versions than advantages.” I have only one (test) system running Office 64-bit myself, and I can’t tell any difference between the two versions whatsoever. That’s why I’m sticking with the default 32-bit install. In the absence of a compelling reason to go 64-bit yourself, you may also do likewise.
The August 2017 Born to Learn MS Press Round-up blog post includes a welcome and valuable freebie. It features a link to a sample chapter from the latest edition of a terrific book. And that book is the 2nd edition of Troubleshooting with the Windows Sysinternals Tools. The sample chapter covers the excellent and always informative Autoruns utility. Thus, MS Press samples Autoruns coverage in great detail for free. This material is well worth glomming onto, because Autoruns is so comprehensive and far-reaching, it can be hard to make sense of its findings without expert help. And here, expert help is at hand!
This book’s been out for a while, but the free chapter on Autoruns is worth grabbing and saving all by itself.
When MS Press Samples Autoruns Coverage, What Does It Get You?
Short answer to the preceding question: “A whole lot.” However, a longer answer comes from listing the topics addressed therein. Here’s the list of topics addressed therein, reproduced verbatim from Sysinternals Autoruns page:
Use Process Explorer to display detailed process and system information
Use Process Monitor to capture low-level system events, and quickly filter the output to narrow down root causes
List, categorize, and manage software that starts when you start or sign in to your computer, or when you run Microsoft Office or Internet Explorer
Verify digital signatures of files, of running programs, and of the modules loaded in those programs
Use Autoruns, Process Explorer, Sigcheck, and Process Monitor features that can identify and clean malware infestations
Inspect permissions on files, keys, services, shares, and other objects
Use Sysmon to monitor security-relevant events across your network
Generate memory dumps when a process meets specified criteria
Execute processes remotely, and close files that were opened remotely
Manage Active Directory objects and trace LDAP API calls
Capture detailed data about processors, memory, and clocks
Troubleshoot unbootable devices, file-in-use errors, unexplained communication, and many other problems
Understand Windows core concepts that aren’t well-documented elsewhere
You’ll also get a peachy overview of how to read the various elements of the Autoruns GUI. In fact, that covers the tool’s organization around registry keys, its use of color coding, and online lookup feature. I’ve always found Autoruns helpful and informative. But after reading over this sample chapter, I’m able to get more out of the program. I’m also more able to make sense of the wealth of information it provides. If it works for me, it should work for you, too. Check it out!
In the latest Win10 versions, PowerShell replaces the command prompt (cmd.exe) in the Winkey-X pop-up menu. And it runs most command-line programs unaltered, including chkdsk. But PowerShell also offers alternative cmdlets (pronounced “command-lets”) as well. In fact, the Win10 PowerShell Chkdsk alternative is the Repair-Volume cmdlet. Here’s what the get-help subsystem in PowerShell has to say about this cmdlet:
Repair-Volume offers most of the same functionality as chkdsk in a form that’s native to PowerShell.
[Click image to see full-sized view]
Exploring the Win10 PowerShell Chkdsk Alternative: Repair-Volume
The most frequently used version of Repair-Volume takes a volume offline for scanning, and attempts fixes on any errors it finds. Thus, the basic syntax for this version of the command is:
Repair-volume -Driveletter <DrvLtr> -OfflineScanAndFix
Where you’d substitute the letter for the drive you wish to scan for the generic <DrvLtr> parameter. I tried this out on my production system yesterday because it currently supports 10 drives. I’m pleased to report it worked on all drives, including the boot/system drive, C:. It was interesting to see the drive information (the bar that shows how much space the drive provides, and how much is used) disappear while this process was underway, as shown here for one of my biggest drives (J: 3TB nominal):
When it’s running for some specific drive, that drive’s disk info disappears (it’s off-line).
[Click image to see full-sized view]
Using Repair-Volume Day-to-Day
Actually, this cmdlet is incredibly easy to use. You’ll find it handy when you need to check drives under most circumstances. Also, because it even works on your boot/system drive you’ll find yourself needing to schedule chkdsk after restart less often. Finally, those who want to create a PowerShell command file (.ps1 extension) can easily put something together to do this for all of their drives, and run it periodically as a scheduled task.
Thanks to Sergey Tkachenko at WinAero.com, whose blog post “How to Check a Drive for Errors in Windows 10” (posted 8/22) brought this cmdlet to my attention.
No matter how much you might know about Windows 10, there’s always something new to learn. I picked up a winner from Ed Bott’s ZDNet column the other day. He explains how to use the pop-up calendar as a general “time navigation tool.” Along the way, he exposes a great Win10 Date/Time Calendar trick I’ve already put to good use. Here’s a step-by-step illustration of what’s involved.
The Great Win10 Date/Time Calendar Trick, Step-by-Step
Step 1: Click the date time widget in the notification area of the taskbar.
Step 2: Check the resulting pop-up calendar centered around today’s day and date. Notice the line that reads August 2017 at the upper left of the display.
Note “August 2107” at upper left, just below the time/date bock at the very top.
Step 3: You can manipulate the month on display directly. Instead of using the arrows at top right, click on August (or whatever month is on display). Here’s what you’ll see:
You get a visual layout of all 12 months of the year and can pick out the one you want immediately.
Step 4: To see a year “map,” click the 2017 at upper left shown in the preceding screen capture. To go further back or forward in time than the window allows (2010-2019), use the arrows.
You get a visual layout of all 12 months of the year and can pick out the one you want immediately.
This makes the built-in, easily accessible calendar on the notification pane a much better calendar tool than I’d thought. I’ve already used it several times since Wednesday to solve scheduling issues. Ditto for picking appropriate days for meetings, and figuring out which days of the week commitments fell upon. Good stuff!