Delivered a session on Deploying Windows 10 in an Enterprise using System Center Configuration Manager to a group of IT Professionals.
The session was well received by the 7 participants with many questions. This was delivered in consideration of the Windows 7 end of support in January 2020.
This article is the first part of a series of articles on “How to deploy Windows 10 Using Microsoft Deployment Toolkit”.
Active Directory is considered as one of the most critical workload in a network. It is responsible for authentication, authorization, auditing, policies, security etc. It’s a central repository of Objects as such as identity and other objects within a network. As and when a new server application is deployed within a Microsoft network such as Exchange, SharePoint, SQL Server, System Center, Microsoft Deployment Toolkit, etc. the AD DS schema is extended to accompany server objects.
Lets see how to install AD DS on Windows Server 2019 which is the latest Microsoft Windows Server Operating System
Click on the Windows Server 2019 Server Manager and click Add roles and features
On the before you begin page, click next
On the select installation type window, select Role-based or feature based installation and click next
On the server selection window, select the local server and click next
On the server roles window, select the Active Directory Domain Services Role; and you will be prompted to ad the relevant supporting features
Click Add Features and Click next
Click Next
Review the AD DS page, if you have to synch with Azure AD, you can configure here. If not click Next
Review Confirmation and Click yes to automatically restart and click Install
Review the results and click the link to promote it as a domain controller
Provide the root domain name in the new forest and click next
Select the forest functional level, DNS if its not installed before and the DSRM password and click next
Click OK for the DNS option and click next
NetBios name populates automatically and click next
Review the paths and click next
Review options and click next
Pre-requisites will be checked. review and click install
Upon successful installation you will see the installed roles in the Server Manager
Windows 10 Task Preview has been evolving ever since it was included in Windows 10. Task View is the feature where multiple desktops can be created and view all the historical files and folders that were used historically in a timeline.
Access Task View by clicking the below icon or Windows + Tab
Task view opens
Another feature is that when you right click on a historical program, file or folder in task view, you get an option to move to another desktop which has been created.
Have you ever wondered or have that creepy though going in your mind if you locked your Windows 10 PC/device? Now Windows 10 has a “cool” feature called Dynamic Lock which helps you lock your Windows 10 automatically even if you forget.
The feature works with your smart phone/blue tooth enabled phone connected to your Windows 10 and when the device goes out of range from Windows 10, it will automatically lock the computer. For me this is a great feature and gives you confidence where ever you go that your Windows 10 will be locked and safe.
How do you configure Dynamic Lock?
Connect your phone to your Windows 10 using Blue Tooth
Go to settings and click on Accounts and click on Sign-in Options
Enable the checkbox “Allow Windows to Automatically lock your device when you’re away” and you are done.
When you device is out of range your computer will lock on its own.
Similar settings such as locking your computer automatically can be configured through the screensaver time out settings and through Active Directory Group Policy settings.
While Microsoft has been improving the features and introducing new features in every Windows 10 build, Microsoft Edge is also evolving with new features. Although Reading View was included in one of the previous builds, with the 18945 build it has been enhanced by including the line focus feature. Line Focus enables one to really focus on what he/she is reading.
For reading view to work, the websites you are visiting should be optimized so that the feature will be enabled.
For the purpose of this article we will take https://docs.microsoft.com
when you visit a site if you see the following icon enabled then the site is optimized for reading view
By clicking on the icon, the browser turns the screen to an easy reading format – similar to a book
By clicking on the small arrow, one can go to the next page and so on.
When the Reading View is enabled, by tapping or clicking the screen a toolbar is popped. click on the learning tools option
Select reading preferences and slide the feature to ON from Off to enable the Line Focus feature. Also you have the option to select the number of lines to focus, 1, 3, or 5.
The webpage focuses only on the number of lines selected and turns the site to an easier to focus and read page.
Active Directory Directory Services (AD DS) is a role of Windows Server and was released initially with Windows Server 2000. AD is the heart of a network and a core service which is a hierarchical database consisting of users, groups and other objects to provide authentication, authorizations and security services within the organization. From its inception in Windows Server 2000, AD has evolved tremendously in terms of reliability, architecture, robustness, features, etc. and Microsoft Active Directory has become almost the default product for directory services within many enterprises around the globe. From Windows Server 2000 there have been many AD versions with massive improvements according to the technological advancement during the release period.
With the introduction of Cloud Computing and Office 365, Microsoft required a cloud based Authentication and authorization service. Hence, the Azure Active Directory was born. With every Office 365 tenant an Azure Active Directory is included, where all the Office 365 user objects are created and stored. But the Azure AD and Active Directory Directory Services are not the same and have many differences. Starting from the protocols where AD DS uses Kerberos and NTLM where as Azure AD uses SAML 2.0, OAuth 2.0, OpenID Connect and WS-Federation. These protocols enables not only Microsoft cloud applications rather it helps many other SaaS applications use Azure AD to provide Single Sign On helping users to truly enjoy one identity to access services across organization.
As mentioned earlier, when you enroll for your cloud product such as Office 365, Exchange Online, SharePoint Online, etc. a free Azure AD is assigned to the tenant. The free Azure AD has the basic features and if you need any additional features, add-on licenses AD Premium 1 and Premium 2 can be purchased. Below are the list of licenses and the differences (source: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis).
Azure Active Directory Free. Provides user and group management, on-premises directory synchronization, basic reports, self-service password change for cloud users, and single sign-on across Azure, Office 365, and many popular SaaS apps.
Azure Active Directory Premium P1. In addition to the Free and Basic features, P1 also lets your hybrid users access both on-premises and cloud resources. It also supports advanced administration, such as dynamic groups, self-service group management, Microsoft Identity Manager (an on-premises identity and access management suite) and cloud write-back capabilities, which allow self-service password reset for your on-premises users.
Azure Active Directory Premium P2. In addition to the Free, Basic, and P1 features, P2 also offers Azure Active Directory Identity Protection to help provide risk-based Conditional Access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.
“Pay as you go” feature licenses. You can also get additional feature licenses, such as Azure Active Directory Business-to-Customer (B2C). B2C can help you provide identity and access management solutions for your customer-facing apps. For more information, see Azure Active Directory B2C documentation.
In Windows 10, Task Manager has improved quite a bit when compared to the previous versions of Windows. The task manager has limited detail when you start initially but when clicked for more details contains a wealth of information to do various tasks.
When you open task manager, by default it’s the process tab which is opened. If you are a person who looks at performance tab instead when you open task manager, then you can set that as your default tab or any other tab as default tab within task manager.
In Task Manager, click options
Select Set Default tab and select the tab you want to be the default tab
Today technology has grown so much that more than half of Worlds population has access to the internet. The Internet is also a great source for billions of different apps and applications that are available for download. Users are able to download these apps and applications and install on there devices which gives way to new issues such as malware related security issues. The source of these apps and applications has to be verified before installation on devices to avoid these issues. The best way to test is to install it on a test system and see if its harmless and then install it on the production machine.
As a solution for this process, Microsoft introduced a new feature in Windows 10 called Windows Sandbox, which provides a clean environment of Windows to install and test. also its an environment developers can take advantage of in testing their codes and newly developed applications.
How to enable Windows 10 Sandbox?
Open Control Panel and click on Programs
Click Turn Windows Features on or Off
Scroll down and select Windows Sandbox
Click OK and the required files will be installed
restart your computer
open Start and type Sandbox
Click on Windows Sandbox to open
Microsoft Edge has been focused in some of the recent insider previews. When someone opens the Microsoft Edge browser it contains a news feed which can be customized according to ones likings.
Below is how the customizations can be done.
Open Microsoft Edge Browser and click on personalize
Scroll down and select the category that you are interested on
For other settings, on the main page click on the settings wheel
Select the necessary change and click save
Have you ever faced a situation where you don’t remember the file name or the website you were referring a week ago and you really wanted to open it now? I have experienced it multiple times. So I started using session buddy on Chrome for my website browsing history. But there wasn’t a solution that I used for files that were stored on my computer, etc.
Microsoft has a new feature on Windows 10 called Activity History which addresses this issue. how cool is that?
If you remember, one of the key highlights when Windows 10 released was the multiple desktops and task view features. The same, Task View button on the task bar takes you to a Windows which has all the history of the applications and websites that you opened for the past 1 month.
Detailed information related to activity history is published here.
To enable or disable Activity History, do the following
1) Open Settings
2) Privacy
3) click on Activity History
Enable or disable the check boxes according to your requirement and select the accounts that you need the activity history that needs to be enabled.
