Joining Windows 10 machines to Office 365

image

One of the great things that Windows 10 Professional and above provide is the ability to connect directly to Azure AD. Hopefully, as you are aware, Office 365 identity is built on Azure AD. Thus, if we connect Windows 10 to an Azure AD that is part of an Office 365 tenant we get simplified sign on. This basically means that when users open Microsoft browsers (IE or Edge) and navigate to the Office 365 portal they are automatically logged on, because their credentials are already part of Windows 10 thanks to Azure AD join. This simplified login also works with desktop applications like Word, Excel, PowerPoint etc. plus some third party applications. In short, users get logged directly into applications once they log in to their desktop thanks to Azure AD join.

Now there are a couple of ways of joining Windows 10 to Azure AD. I’ve previously covered how to basically ‘add’ your Azure AD/Office 365 credentials to an existing Windows 10 installation here:

Connect Windows 10 to Azure AD

That method isn’t quite as full featured as if you set up your Windows 10 machine to join Office 365 during the setup of Windows 10.

image

The process for that configuration is that, during the installation of Windows 10 onto a machine, you’ll receive a prompt like that shown above asking you to Join Azure Active Directory or Join a local Active Directory domain.

So what I’m going to assume here is that I want this Windows 10 machine to be only joined to Office 365/Azure AD because there is no local AD. So I select the Join Azure Active Directory option.

image

I’m then prompted to enter my Azure AD credentials. Remember, these credentials are what you use to login to Office 365.

image

I enter the user’s Office 365 details and select Sign in. Now it is also important to note here that this new user will also be, by default, an administrator of the local Windows 10 machine. If you don’t want to allow your users to be administrators of the local desktop then you’ll need to remove this account after setup has completed.

image

The Windows 10 setup process will continue and eventually you’ll be prompted to login to the machine. You should login with your Office 365 credentials as shown when prompted.

image

The Windows 10 desktop will then do a little more setup as shown above.

image

In this case I’m also then prompted to create a 4 digit pin for this machine. I’ll show you more about why this happens shortly but basically because I am joining this machine to Office 365 the Mobile Device Management (MDM) policies I have established are now being applied to this device. One of the policies I have configured is to require a PIN.

image

If we dig into the local machine name as seen above,

image

We now see that same machine in the MDM for Office 365 as shown above.

image

This means it will have the MDM security policies applied to it that I have configured. In this case, as you can see from the above configuration, I require devices to have at least a 4 digit pin password.

Don’t forget that Office 365 MDM is a free and included part of the service.

image

If I now look at the properties of the user on the directly joined machine just set up, I see the above, basically a single user with an Office 365 identity.

image

If I then look in the work and school account I see that it is connected to my Azure AD as shown above. Therefore, here I have only one account that logs me into the local machine and my Office 365.

image

Compare that situation to when I already have a functioning Windows 10 machine and I associate it to Azure AD. When I do that I only see the local user as the identity as shown above. Thus, I am actually logging into this Windows 10 machine with a local account rather than my Office 365 account.

image

When I look in the work or school account area I again see a connection to my Azure AD. Thus, I login to this Windows 10 device with a local account which is then associated to an Office 365 account. Therefore I have two accounts in operation now, a local account and an Office 365 account.

The big difference here is that by using an Office 365 login during the installation of Windows 10 I get an Office 365 login to my box, whereas if I connect to Azure AD after my Windows 10 is installed I only get a local account login.
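To tell the two situations apart from the command line, and to see which Azure AD accounts ended up as local administrators after setup, the following PowerShell can be run on the machine. It is an added example, not part of the original post; it assumes an English-language Windows 10 install (local group named Administrators), the built-in `dsregcmd.exe` and `net.exe` tools, and it falls back to constructed sample output when those tools are not present.

```powershell
# Added example, not from the original post.
# Reports how this PC is connected to Azure AD and which Azure AD accounts
# are members of the local Administrators group.

function ConvertFrom-DsregStatus {
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        # dsregcmd /status prints "Name : Value" pairs under section banners.
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    $state
}

function Get-AzureAdConnectionType {
    param([hashtable]$State)
    $aad  = $State['AzureAdJoined']   -eq 'YES'
    $ad   = $State['DomainJoined']    -eq 'YES'
    $work = $State['WorkplaceJoined'] -eq 'YES'
    if     ($aad -and $ad) { 'Joined to local AD and Azure AD' }
    elseif ($aad)          { 'Azure AD joined (sign-in with the Office 365 account)' }
    elseif ($work)         { 'Work or school account added (sign-in with a local account)' }
    else                   { 'No Azure AD connection' }
}

function Get-AzureAdLocalAdmin {
    param([string[]]$NetOutput)
    # net.exe lists Azure AD members of a local group as AzureAD\<name>.
    $NetOutput |
        Where-Object { $_ -match '^AzureAD\\' } |
        ForEach-Object { $_.Trim() }
}

# Constructed sample output, used only when the Windows tools are unavailable.
$sampleDsreg = @(
    '             AzureAdJoined : YES',
    '              DomainJoined : NO',
    '           WorkplaceJoined : NO'
)
$sampleNet = @(
    'Administrator',
    'AzureAD\SampleUser',
    'The command completed successfully.'
)

if (Get-Command dsregcmd.exe -ErrorAction SilentlyContinue) {
    $dsreg = dsregcmd.exe /status
    $net   = net.exe localgroup Administrators
} else {
    $dsreg = $sampleDsreg
    $net   = $sampleNet
}

$type   = Get-AzureAdConnectionType -State (ConvertFrom-DsregStatus -Lines $dsreg)
$admins = @(Get-AzureAdLocalAdmin -NetOutput $net)

"Connection type: $type"
"Azure AD accounts with local administrator rights: $($admins.Count)"
$admins | ForEach-Object { "  $_" }

# To take an account out of the local Administrators group (elevated prompt):
#   net.exe localgroup Administrators "AzureAD\<name>" /delete
```

Any account listed in the second part of the output is one the setup process made a local administrator, which is the membership to review if users should not administer their own desktops.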

In both cases, when I visit a site in a Microsoft browser (IE or Edge) such as the Office 365 portal, I am not prompted to login because these credentials are furnished directly from Windows 10.

It is my experience that having just the one Office 365 login associated with a Windows 10 device is more reliable when it comes to this same sign on than if you merely associate an Office 365 login with an existing Windows 10 box. The trade off is, of course, that you only get this single Office 365 login to the box if you install Windows 10 from scratch, which may not always be possible.

So can you add an Office 365 account to an existing Windows 10 machine and achieve browser and application same sign on? Yes. However, I would suggest a better option is to actually set up Windows 10 from scratch using an Office 365 account. You’ll get much better same sign on and be prepared for further integration down the track. You also remove the complexity of multiple accounts on the one desktop.

The main reason that you want to join your Windows 10 machines to Office 365/Azure AD is probably to eliminate the need for any local AD. This will also mean the elimination of on premises equipment and ensuing cost savings.

The main reason for retaining a local AD these days is simply for group policy, but my experience is that most of what needs to be done with group policy can either be done with Office 365 MDM (which is free) out of the box or by upgrading to Windows Intune or Azure AD Domain Services. That, in essence, now suggests that there is no real need for a local domain controller on premises at all. It can easily be eliminated with the integration of Windows 10, Office 365 and Azure AD as shown.

My software and services

Previously, I detailed the hardware that I used in my work:

My gear

In this article I’ll look at the software and services I use most.

To start with, I use Windows 10 professional on all my desktop machines and Windows Storage Server 2008 on my WD Sentinel DX4000 NAS. I have upgraded all my immediate family’s machines to Windows 10 without any issues as well. We are therefore a Windows 10 family through and through.

Unsurprisingly, I used Office 365 for things such as email, OneDrive for Business, Skype, Office desktop software and the like. What may be somewhat surprising is that, although I have access to a free Office 365 tenant from Microsoft as a partner, I don’t use this in production. I have a completely separate paid tenant for my business.

Why is that, you may ask? The main reason is that I use my Microsoft Office 365 tenant for demonstrations and testing. I don’t want production data appearing when I do demos to customers and prospects. Having two separate tenants means complete separation of the data.

I of course use all the standard Microsoft Office desktop software such as Outlook, Word, Excel, PowerPoint, etc. However, the key application from the suite for me is OneNote. OneNote is my go to Swiss Army knife for just about everything digital. I use it to capture all sorts of data. I even use it as a diary as I have detailed previously here:

One of the ways I use OneNote

The reason OneNote is key is because:

1. Just about everything I put in there is searchable

2. It is freely available across all platforms.

3. All my information is synced and accessible on all devices.

4. It is available on the web or offline if needed.

Another key service I use everyday along with Office 365 and OneNote is Azure. Typically, I use it for running up virtual machines that I test various things with but I also use it to backup my local data as well as that of other members of my family using Azure Backup.

Azure desktop backup

There is just so much that can be done with Azure. I haven’t even scratched the surface of what I could use it for. I see Azure becoming a larger and larger part of what I do every day.

I use Lastpass to keep my passwords and private information secure. It allows me to do things like generate and store unique passwords for each website that I sign up for. It is also available across all browsers on my machine (including Microsoft Edge).

For a subset of my local data that I wish to remain secure I use Truecrypt to create encrypted volumes. All my Windows 10 machines run with full disk encryption thanks to Bitlocker, but stuff like financial and customer data I keep inside Truecrypt volumes for that extra layer of security. I understand that Truecrypt is no longer maintained and may have some very minor security flaws, but for how and why I use it, it is more than adequate.

To capture my desktop for my online training academy or my YouTube channel I use Camtasia.

To compose and publish blog articles I use Open Live Writer.

To keep track of where I spend my time on my desktops I use RescueTime.

For improved email productivity I use Microsoft FindTime and Boomerang.

For chat and web meetings I use Skype for Business from Office 365. I encourage anyone to connect up to me via my address = admin@ciaops365.com. Chat is generally always faster at resolving things than traditional email.

For protection, apart from the standard Windows 10 tools, I use Malwarebytes.

Inside my browsers I typically have the following plugins:

Lastpass which provides automated insertion of web site credentials.

Noisli which provides productivity enhancement thanks to background sounds. My favourite is rain.

Pushbullet which connects alerts from my Android phone to my desktop browser and allows me to share information easily between them.

GetPocket which allows me to save and categorise website URLs, which I then typically read at a later time. Has its own dedicated mobile app that I can use on any device.

The Great Suspender which puts unused tabs in Chrome to ‘sleep’ to save memory.

I use the automation sites If This Then That and Zapier to automate many different tasks. A good example of one of these is automatically publishing to various social media sites.

For my Office 365 and Azure email newsletters I use Mailchimp.

My preferred public social networks for business, in order are:

1. Twitter

2. LinkedIn

3. Facebook

I also use Yammer extensively but for more specialised roles and thus don’t consider it really a ‘public’ social network, more a private one.

YouTube is also something I use daily for business and pleasure. I use it for both education and marketing as well as entertainment, thanks largely to the Xbox YouTube app. Just wish they’d hurry up and bring the Amazon Prime Video app to the Xbox here in Australia so I can watch The Grand Tour from my bean bag.

I use a lot of other software and services but the above are the main ones I use pretty much everyday that I’m at my desk.

I am always looking for ways to improve my productivity and effectiveness with software and services. If you therefore have something you can recommend to me please don’t hesitate to let me know what it is.

Thank you Mr Jeffrey Snover for telling me about OMS

image

After conducting a recent podcast with Jeff Snover from Microsoft I decided to spend a little time playing with Microsoft Operations Management Suite (OMS). What I didn’t realise, but was highlighted by Jeff in the podcast, was the fact that OMS comes with a free tier!

So I went ahead and created a workspace and then started to connect things like my local machines to it so that the status could be reported back to my OMS dashboard. Thanks to that ability I received the above email letting me know that I needed to update one of my machines.

image

However, OMS does more than just warn me about security patches, it also details what software changes have been made on my systems as shown above, as well as lots of other stuff.

image

You can also connect it to your Office 365 tenant as you see above.

image

I can click on that Office 365 tile in the console to reveal further detail, like that for SharePoint as shown above.

image

If I drill in further I get detailed log information as you see above. All of this is also searchable from OMS.

image

From this I can then go in and create an email alert as shown above.

This therefore provides a lot more detail and functionality around Office 365 reporting than I’ve seen elsewhere. Best of all, it is totally free! I would expect to see its abilities continue to increase.

image

You’ll find a huge amount of solutions you can simply plug into your dashboard to monitor all kinds of things, and they are adding new ones all the time. Just go to the solutions gallery, as shown above, to see all the modules you can add.

image

You’ll also see from the above that you can get a free plan that provides a lot of functionality, certainly a no brainer as a starting point for low level Office 365 monitoring and log capture. From there you can upgrade to the full plan on a per node per month cost.

Microsoft OMS is probably not as comprehensive as some existing third party monitoring solutions I’ve seen out there in the SMB space at the moment, however I can also see how powerful OMS is going to become very soon as Microsoft focuses more attention and resources on its development.

I’d therefore be suggesting that if you need to monitor on-premise or cloud services then you really need to have a look at OMS and understand what it can do today and what it is going to be capable of in the future. If I were those third party monitoring solutions, I’d be pretty worried about my business model going forward as Microsoft is coming to town with something that is going to make a huge impact.

If you need to monitor or secure any sort of technology, take a look at what Microsoft Operations Management Suite (OMS) can do for you. You can even get started for free, so there is no reason not to give it a try.

Need to Know Podcast–Episode 102

We had a few technical hitches getting this episode out and we apologise for the delay but thanks to the hard work of our producer Marc Kean and guest Paul Ward we have stitched together this episode for you all about Windows 10 deployments.

Marc and I are joined by Paul Ward to talk about Windows 10 deployments as well as tools like System Center. We discuss the update of Windows 10 for consumers as well as enterprise as well as where we see the future of the Windows platform from Microsoft leading. There is also our usual update on all the cloud news around Office 365 and Azure. It’s been almost 12 months since the release of Windows 10 so listen along and join in the anniversary celebrations.

As always don’t forget to send us your questions and feedback as well as leaving a review to help grow our audience. We appreciate you taking the time to listen.

You can listen to this episode at:

http://ciaops.podbean.com/e/episode-102-paul-ward/

or subscribe to this and all episodes in iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Resources

Marc Kean

Robert Crane

Azure cool storage now available

Azure Site Recovery now available via Resource Manager

New SharePoint book – Beyond the Basics

The future of SharePoint

Updates to SharePoint Online are coming

Project Madeira

Miracast

Windows Phone 10 Continuum

System Center Dudes

Windows Noob

Coretech

System Center on Technet

Windows 10 Upgrade finished on July 29 2016

Microsoft has confirmed that its free upgrade offer to Windows 10 will definitely end on July 29th 2016. After that you’ll need to pay to get the latest version of Windows or buy a new machine with Windows 10 installed.

My own experience with Windows 10 upgrades has been very, very positive. All my own personal machines upgraded without issue as well as all my family’s. Personally, I’ve really liked the upgrade to Windows 10, the new features, look and feel, etc but what really surprised me was how well the rest of my family also liked it. Many of these aren’t into computers but they remarked how much they liked it unsolicited. Wow, I never heard that about previous Windows upgrades I have done for them.

Even though I don’t sell hardware or PC upgrade services any more I have also found that the response to Windows 10 with business customers has also been very, very positive. People really want to upgrade to it and it has a real improvement to their productivity. I think they’ll see even more benefit when they get hardware that allows the Windows Hello feature to automatically log them into their devices once it recognises them.

Another big leap that Windows 10 has taken is the ability to join Azure AD. Although not quite as powerful as local AD at this point in time, I can see a day in the very near future where it will be but thanks to Azure AD you’ll no longer have to be tethered to your local network to be secure and access all your programs and data. When you then add on features in Azure AD Premium you begin to see what a mobile first, cloud first world is all about.

So, if you haven’t yet upgraded to Windows 10 then I suggest you hurry up and do so before July 29 because you’ll get it for free.

What’s been your experience? I’d love to hear.

Windows Phone 10 Continuum is key

I continue to be a big supporter of the Windows Phone platform for many reasons, even as the market dwindles below one percent. I agree that there certainly aren’t as many apps as there are on Android and iPhone but that is not the whole story here. So let me explain my thinking on why Windows Phone is going to be so much more relevant in the future and thus why you shouldn’t write it off.

The growth in mobility is huge. Mobile devices out sell traditional desktop PCs by more than five to one with that growth only accelerating. Clearly, mobile is where it is all going. As our mobile devices become more and more capable we use them more and more and our traditional desktops less and less. You would then probably agree that there will come a day in the not too distant future, when the majority of users will have a mobile device as their primary device at work.

If a mobile phone is now your primary device all you really need is the ability to hook it up to a large screen and normal keyboard and ‘voila’, you now effectively have a desktop. So it would seem that the future holds people having a mobile phone they plug into some sort of docking station when they want to use it like a desktop.

Let’s turn our attention to the growth of the mobile phone market for just a second. Apple were the first to market with the modern mobile phone as we know it today. They still dominate the market because they have continued to capitalise on that innovation. Android emerged as a strong, and now dominant, competitor because it allowed more apps to be developed on its platform more easily than Apple. The analogy would be the state of play when it comes to desktop software, i.e. Apple Mac vs PC. Microsoft has a platform that was much easier and more widespread to develop for. Thus, it became the dominant player in the market.

Ok, so how do these concepts relate to Windows Phone you may ask? In one word. Continuum.

Continuum is a Windows 10 technology that allows the device to automatically reconfigure itself depending on its form factor. If you take a Windows 10 Surface machine and detach the keyboard, thanks to Continuum, it instantly changes the interface to be that suited for a tablet.

That’s great for PCs with detachable keyboards BUT now think about Continuum on phones. You have a phone that you plug into a docking station that converts it to a desktop. As I mentioned before, this, most agree, is the direction we are heading with mobile devices. That indicates to me that Microsoft is already ahead of the game with this concept. Android and iPhone don’t have that ability as yet to my knowledge, so Microsoft is already gaining experience in what will be the future of the way the majority of people use mobile phones.

image

I have a Lumia 950 XL phone that is running Windows 10 (and Continuum). I also have the phone docking station (shown above) that allows you to connect your 950 XL to it and then connect a Bluetooth keyboard and mouse, an external monitor as well as plug in USB storage.

image

The dock is small enough to be carried just about anywhere, so now I can transform my phone effectively into a desktop PC anywhere I am.

wp_ss_20160219_0003

The way you do this is to plug the phone into the dock and then select the Continuum app from the list of apps on the phone.

wp_ss_20160219_0008

You then let the phone know how you’ll be connecting to the dock, either wired or wirelessly. Again, note here that Microsoft has recognised that wirelessly connecting is going to be the easiest way for people to use this. That is, as long as the phone is near the dock, it will seamlessly connect to your full size keyboard and screen, transforming into a desktop PC.

wp_ss_20160219_0002

Once Continuum is active the phone screen becomes a mouse pad, as shown above, and you have a Windows 10 desktop on the large monitor you are connected to. Thanks to my Bluetooth keyboard and mouse I effectively now have the full desktop experience.

wp_ss_20160219_0004

You can go in and adjust the settings for Continuum on the phone as shown above.

wp_ss_20160219_0005

You can adjust the display as well.

wp_ss_20160219_0006

As well as controlling the desktop experience.

Now thanks to Continuum I have a Windows 10 desktop and a phone. Even with Continuum in operation, I can still use the phone as a phone, make and receive calls, run apps, etc.

You’ll get a much better idea of Continuum from the above video.

Thanks to phone based apps like Excel, Word, PowerPoint, etc you can still get your work done directly using the phone. Apps have to be written to support Continuum which many still need to be converted but for example apps like FitBit, TED and Audible are Continuum ready. I would expect to see more and more apps become Continuum ready in the future.

Of course the naysayers are going to point to the fact that you can’t run ‘normal’ desktop apps that businesses need to work because they only run on an Intel platform. Agreed, but the Windows 10 phone has a Remote Desktop app that allows you to connect to any desktop.

image

You’ll find that app here:

https://www.microsoft.com/store/apps/9NBLGGH30H88

So now with this Remote Desktop app on my phone and with my phone connected to a large keyboard, screen and standard mouse I would suggest to you that I now have a complete desktop replacement.

In my case I used this Remote Desktop app to connect to an Azure VM without issue and run normal desktop apps just as you would on a PC. So now with the power of Windows 10 phone and Azure do you really need to have traditional servers and desktops inside the business? I’m thinking not.

So now, thanks to the Remote Desktop client, you have full access to all the software that is written for PCs anywhere, all directly on your device.

If you step back and take a look at what Microsoft is doing with Windows 10 phone in light of Continuum, I see them investing in a key mobile trend that most agree is the direction we are headed (just like Apple did with the iPhone). I see Microsoft allowing users the ability to connect to their legacy apps and continue to develop on existing platforms yet have these accessible via the device, thus giving users access to the greatest range of software (much like Android).

Thus, many have written off Windows Phone, however I’d suggest that people are overlooking how rapidly this market continues to develop and to truly succeed you need to play where ‘the ball is going, not where the ball currently is’. I don’t see Apple or Android investing in this replacement desktop paradigm, it is only Microsoft. In my mind that gives Microsoft a HUGE advantage in the mobile space and is the reason I see Windows Phone as a platform with far more potential than many see.

Those who look to the future and prepare stand a better chance of winning than those who only consider today. There is still a long way to go and much more development will be required but importantly (like Apple and iPhone), I think Microsoft and Windows 10 Phone is well placed to lead the pack going forward. So, ignore Windows 10 phone at your peril.

Need to Know Podcast–Episode 97

This episode features an interview with HubOne CTO Roland Leggat. As an ex-‘Microsoftie’ Roland shares his insights into the history of Skype for Business and how important it is today for businesses. We chat about what features, functionality and benefits Skype for Business enables and how it lifts the productivity of those using it since it integrates with the most common desktop applications. If you are interested in Skype for Business then this episode is for you.

Marc and I also cover the latest from the Cloud and Microsoft including some interesting projects we are working on and what we see in the industry at the moment. 

You can listen to this episode at:

http://ciaops.podbean.com/e/episode-97-roland-leggat/

or subscribe to this and all episodes in iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Resources

HubOne

Roland Leggat – roland@hubone.com 

Skype for Business

Microsoft Surface Power Cord recall

Microsoft TechNet Virtual Conference

Azure AD Connect tool

Microsoft Fastrack now starts at 50 seats

Automatic provisioning of Yammer

Enterprise state roaming

Getting Started with Skype for Business Online

Configuring an Azure Single Sign on Portal