Windows 10 | Aidan Finn, IT Pro

Microsoft Ignite 2018: Office in Virtual Desktop Environments

Speakers: Gama Aguilar-Gamez & Sandeep Patnik

Goal: Make Office 365 Pro Plus a first class experience in virtualized environments.

Windows Virtual Desktop

The only mutli-user Windows 10 experience – note that this is RDmi and it also supports session hosts.
Optimized for Office 365 Pro Plus
Deploy and scale in minutes

Windows 10 Enterprise Multi-User

Scalable multi-user modern Windows user experience with Windows 10 Enterprise security
Windows 10
Multiple users
Win32, UWP
Office 365 Po Plus
Semi-Annual Channel

This is a middle ground between RDSH on Windows Server and VDI on Windows 10.

Demo

The presentation is actually being run from a WVD VM in the cloud. PowerPoint is a published application – we can see the little glyph in the taskbar icon.

User Profile Disks

High performance persistence of cached user profile data across all Office 365 apps and services.

Outlook OST/PST files – will be improved for GA of WVD. Support for UNC paths
OneDrive sync roots
OneNote notebook cache

Improving Outlook Start Up

Virtual environment friendly default settings
Sync Inbox before calendar for faster startup experience
Admin option to reduce calendar sync window
Reduce the number of folders that are synced by default
Windows Desktop Search is no per-user

See Exchange Account Settings to configure how much past email should be synced

Windows Desktop Search

Enables the full Outlook search experience that users expect
Per user index files are stored in the user profile for each roaming
No impact to CPU usage at steady state, minimal impact at sign in

With 100 users in a machine signing in simultaneously, enabling Windows Search has a 0.02% impact on the CPU.

Demo

Desktop of the remote machine is stretched across multiple displays – this demo is with a published desktop hosted in Windows 10 multi-user. Windows Desktop search is enabled. Instant search results in Outlook. OneDrive sync is working in a non-persistent machine – fully functional enabling the full collaboration experience in O365. Selective Sync works here too. Sync is cloud-cloud so the performance is awesome. In Task Manager, we see 3 users signed into a single Windows 10 VM via RDS.

OneDrive

Co-authoring and collaborative capabilities in wXP, powered by OneDrive.
OneDrive sync will run in non-persistent environments
Files on-demand capabilities
Automatically populate something

Support

Search products stay in sync with each other
Office 365 Pro Plus will always be supported with Win 10 SAC
Office 365 Pro Plus won Windows Server 2016 will be supported through October 2025

Best Practices

Outlook:

The OST file should be stored on local storage.
Outlook deployed with the primary mailbox in cached echange mode with the OST file stored on network storage, and an aggressive archiving strategy to an online archive mailbox
Outlook deploy in cached exchange mode with slider set to one month.

Office 365:

Licensing token roaming: Office 365 Pro-Plus 1704 or newer. You can configure the licensing token to roam with the users profile or be location on a shared folder on the network. This especially helpful for non persistent VDI scenarios.
SSO recommended. We recommend using SSO for good and consistent user experience. SSO reduces how often the users are prompted to sign in for activation. With SSO configured, Office activates with the credentials the user uses to sign into Windows if the user is also licensed for O365 Pro Plus.
If you don’t use SSO, consider using roaming profiles.

Preview

Public preview later 2018.

GA early 2019.

Q&A

If you want to use RDSH on Windows Server 2019 then Office 365 Pro Plus is not supported. You would have to use persistent Office 2019 so you get a lesser product. The alternatives are RDSH on Windows Server 2016 or Windows 10 Multi User (Azure).

Widows 10 Multi User is only available in Azure via Windows Virtual Desktop.

A lot of the above optimization, such as search indexing, rely on the user having a persistent profile on the latest version of Windows 10. So if that profile is a roaming profile or a UPD, then this works, in RDS or on physical,

Got a Surface Pro

As you might have noticed, myself and my wife have started a new Azure training business called Cloud Mechanix. The thing I fear the most, as a presenter, is my laptop dying. I don’t want to use my employer’s device (a Surface Book) because that would be a conflict of interest. My personal laptop is a 4-year old Lenovo Thinkpad Yoga, which still runs well, but is showing it’s age … Thinkpads have a great build reputation but the rubber feel and logos were all gone in 18 months. Many moons ago, I had a laptop die in England the night before I was to present at an MVP event. I ended up having to borrow a machine, and that’s not a position that I can tolerate as a trainer. So the Yoga will be my backup machine, and I needed something new and suitable for presentations.

Choice

My requirements were:

Weight: I wanted this machine to be light because I will be travelling light with no checked-in bags.
Moderate performance: An i5 was fine, 8-16 GB RAM. I’m not running Visual Studio or games, but I want the machine to run and age well.
Touch: I use touch when I’m reading.
Stylus: I whiteboard a lot. Hotels charge a fortune for things like flipcharts, and I prefer to use Windows 10 inking, e.g. Microsoft Whiteboard, because it’s being projected onto a big screen. I often draw over my PowerPoint for convenience.

So, that left me with plenty of options. Lenovo was ruled out because of build quality and price – see above. I really liked the look of the recently Dell XPS 13, until I saw what Dell had done with the webcam. Imagine doing Skype calls when everyone is looking up your nose! HP have some nice machines that are similar to the Dell XPS 13. I was tempted by USB-C, but then I thought … how many devices will I hang from my presentation machine? My office machine has 8 on-board USB 2.0 ports and an additional 4 x PCI USB 3.0 ports, most of which are used. But I will be travelling light, so all I’ll need are:

Video out
USB 2.0/3.0 for a clicker
USB 3.0 for a gigabit network adapter

FYI, Acer, Asus, and Samsung were all ruled out because of terrible post-sales hardware support.

That left me with Microsoft: Surface Laptop and Surface Pro. I like the Surface Laptop. It’s thin, light, and pretty much the Surface Pro in laptop form. I was tempted – if it had been a convertible then I would have pulled the trigger. But what did it for me was the ability to remove or flip up the keyboard of the Surface Pro. Form time to time, I have been known to connect to the screen/projector via Miracast, pick up my device, and walk around while presenting. It’s also handy in a meeting when whiteboarding on screen – get the keyboard out of the way and draw/talk; the flexible stand helps there too.

Post-Sale

The purchase was easy; Cloud Mechanix as a service provider is able to buy from my employer (a distributor) at trade prices plus support would be easy for me. The OOBE setup of Windows 10 was interesting:

The OOBE was defaulting to UK English/UK as the location so Cortana was there. She walked me through the setup. I had never heard Cortana during setup before, and I never even knew it was possible.
I was forced to do Windows updates at the end of the OOBE. A 3 GB download/install was required (I guess 1709 was not in the image). That start at around 4PM and finished sometime after 9PM – I actually left it running in the back of the car when I was driving home from work.

The Surface Pro has 1 x USB 3.0 port, which is not enough for my basic presentation requirements. That’s easily solved. I added a Macally U3HUBGBA USB/Ethernet hub – also purchased through work via trade. From a single (shared bandwidth) USB 3.0 port, I get 3 more ports and a “Gigabit” Ethernet adapter. That’s all my connectivity requirements sorted –

I added the Cobalt stylus and a signature keyboard. The alcantara of the keyboard doesn’t feel like a fabric; it feels more like what it is: the result of 2 chemicals companies cooperating on something. It feels smooth to the touch and like it will wear well. The keyboard is rigid enough to work well, and I haven’t had any issues typing on it, which I often do with some Lenovo and HP machines when they get funky with keyboard layouts, e.g. moving CTRL or ALT.

It’s only been a few days, so a review isn’t justifiable, and others wrote reviews last year.

My Hands-Off Review of Surface Studio

I don’t have a Surface Studio. My access to one was limited to a 10 minute play in a Microsoft Store in Bellevue, WA last month. But I did have that limited hands-on, I know the specs, and I’ve listened to & read other reviews. So I have my opinions on this headline-making PC from Microsoft and here they are.

Styling & Form

If it was possible to give a 12 out of 10 score, then I’d do it. The Surface Studio is a beautifully engineered machine, making all those beige and black cuboid PCs of the past look like dumpster fires. I love the form-factor – I was a fan of a similar machine that Lenovo launched several years ago with Windows 8, the A730, which often appears in TV shows such as The Flash.

The Lenovo A730

When word of a Microsoft PC leaked, I hoped it would look something like the Lenovo. And Microsoft exceeded that, with a machine that is perfectly designed on the exterior. The screen tilt is perfectly balanced; you can pull down or push up the screen with just one finger, and the motion is smooth. That quality makes you think of a €300,000 hand-made car. In “draft mode” with the screen at a low angle, the Studio is perfect for drawing on. The stylus experience is as you’d expect, fluid and responsive.

The Screen

In my opinion, this is the star feature of the Studio: a big bright, contrasty, colour-popping 28” screen that makes all others look like rubbish. I actually went up the escalator to the Apple store to do an eyeball comparison after playing with the Studio. Apple’s stock paled in comparison in my untrained and un-calibrated opinion. As a hobbyist photographer, the Studio’s monitor would be my choice. Now, there are pros out there that will point out some niche editing monitors with better contrast, colour ranges, hoods for blocking reflections, and all that jazz, but those things cost a freaking fortune, and few creatives ever use them. And the Studio’s big win … you don’t need some drawing pad from the likes of Wacom (professional ones can cost in excess of $1500) because the PixelSense monitor on the Studio is a touch screen that supports a stylus, and the screen tilts down to a suitable angle for editing and drawing.

The Peripherals

The keyboard and mouse are stylish and match the design of the machine. The choice of mice/keyboards is usually a personal thing; I hate small keyboards and flat mice so I would prefer to use something like the 2000 combo from Microsoft – which I use at home. Yes, I would “ruin the styling” at my desk, but these devices suit me better.

The 2000 keyboard/mouse from Microsoft which I prefer

Of course, the talking point peripheral is the Dial. The Dial is revolutionary. You press down to activate a menu, twist and select and option, and then twisting the dial impacts how much/little or forward/back the current editing does. For a righty, you have the stylus in your right hand, and the dial in your left on the screen (so you can see your press-down menu options), and editing is just a natural process. If you are editing, you can draw while resizing the brush, changing the tone, lightening/darkening the mask, or undoing/redoing your changes. It’s an extremely natural device to use, and the news that it works with other devices is great for all you graphic artists or photo editors that want a faster way to work.

The Spec

This is where things aren’t 12/10. I’m a big fan of the idea, the styling, the screen and the interaction with the Studio. But the spec has some issues. The first of these is the graphics card. I’m no PC gamer, so graphics cards aren’t something I pay attention to. But I sit beside two graphics artists at work. They LOVED the appearance of the Studio when it was announced, but then they saw the card spec, and were disappointed. The Studio includes a mobile GPU, not a PC one, so performance was sacrificed for form. I would have not been upset if the machine was a few millimetres thicker or wider to get a better card in there.

The other issue is that the machine has a 5400 RPM hard drive (!!!!) with an M2 SSD cache; in other words, a hybrid drive. The prices of flash storage have plummeted. There is no excuse for putting such a dreadful storage solution into a premium machine like the Studio. Hybrid drives, in my opinion, are a waste. The cache just doesn’t impact performance enough to matter – I know, because I replaced a similar 1 TB hybrid drive in my Lenovo Yoga with a 1 TB Samsung Evo SSD. And the reason was identical to what Leo LaPorte of TWiT reported on Windows Weekly a couple of weeks ago.

I might take 1,000 photos on a successful day of wildlife photography – not that similar to what a wedding or news photographer might do. A 36 megapixel photo might be around 60 MB in size. 1000 of those is 58 GB – well beyond the 32 GB SSD cache of a hybrid drive. Let’s say I import those 1000 photos into Adobe Lightroom on my imaginary Surface Studio. The first thing that a photography creative will do is browse through the photos, rate them, and remove what they don’t want to keep. Each photo is pretty large, so loading it from a 5400 RPM HDD will be tedious … 4-8 seconds for each photo! Yes; that’s what Leo LaPorte reported on Windows Weekly, and that’s what I’d expect from such a drive.

Microsoft should never have put such a cheap storage solution into a PC for creatives – that’s like putting a 1 litre engine from a Fiat Punto into a Rolls Royce. If you’re getting a Studio then allow for a couple of hundred dollars to replace the drive (which can be done) with an SSD.

Everything else is great … lots of memory in the choices, and fast CPUs. It’s a pity that the memory is not expandable, but as Apple have realized, that’s creating manufacturing costs and complexity for the 1% of your target market, and it just isn’t worth it.

The Price

There are 3 available specs of Surface Studio:

$2,999 plus tax: 1 TB / Core i5 / 8 GB RAM / 2 GB GPU
$3,499 plus tax: 1 TB / Core i7 / 16 GB RAM / 2 GB GPU
$4,199 plus tax: 2 TB / Core i7 / 32 GB RAM / 4 GB GPU

Your first reaction: whoah! But you need to realize that this is not a PC for everyone. Microsoft is aiming this machine at creating professionals that view their PC as a tool. And like all tool-using professionals, the quality of the tool impacts the effectiveness of their work processes, so professionals are willing to pay for better equipment. Let’s do a comparison with that these people have been purchasing up to now, that offers a similar solution:

Apple Mac Pro, the Apple PC that hasn’t been improved in 3 years: 256 GB SSD / Quad Core Intel Xeon / 12 GB RAM / 2 x 2 GB GPU …. $2,999 plus tax.
Apple Mac Pro, the Apple PC that hasn’t been improved in 3 years: 256 GB SSD / 6Core Intel Xeon / 16 GB RAM / 2 x 3 GB GPU …. $3,999 plus tax.

The graphics adapters are an advantage for Apple. I think the CPU is a wash because Apple has old hardware verus the Studio’s newer Core i7 (creatives shouldn’t bother with the entry level machine from Microsoft). Apple includes pathetically small storage and the screens neither tilt nor support touch/stylus. This means you need additional capacity:

Professional NAS: $1,000 plus Tax for a Netgear device on Amazon.com that came up first in my search for “Apple NAS”.
A professional Wacom stylus solution: The Cintiq 27QHD 27” costs $2,550 plus tax on Amazon.com.

So the entry level option from Apple will cost: $2,999 + $1,000 + $2,550 = $6,549 plus tax. The top model from Microsoft will cost $4,199 plus an SSD, plus tax. Hmm, that’s around a $2,000 saving, plus I get a cleaner working experience, modern hardware, and tools (Dial and tilt screen) designed for how I work.

The Impact of Surface Studio

My employer (one of the few authorized Surface distributors in the world) got calls about supplying Surface Studio the morning after the launch. The sad news is that the Studio is limited to the USA and it doesn’t look like that will change anytime soon. My personal opinion is that Microsoft accomplished exactly what they wanted with the Studio. The Studio was a concept, much like a Bugatti Veyron or similar. This was an “ultimate machine” designed not to be a profit center, but a highlight, and example of what can be accomplished. By launching a desktop PC, Microsoft risked further angering their OEM partners like Dell, HP, Acer, Asus, and so on. But by making this a very expensive, niche (creatives), and relatively unavailable (tiny supply to a single market) machine, Microsoft created a light in the dark instead of a competitor to their partners.

The Surface Studio is a lighthouse. It has shone a light on what can be done with Windows 10, and most importantly, made the media and the customer aware that Microsoft still exists and is still relevant. That plan was a complete success. Even the most ardent Apple-fanboys in the media were convinced that Microsoft has won the title of “most cool” versus Apple, especially after the poorly timed and underwhelming Apple MacBook Pro “touch” launch. Apple customers were all over forums and social media saying that Microsoft has scored a huge win. Share values of Microsoft have stayed high. And hopefully, the OEM partners have seen what can be done, and will mimic the Studio with cheaper clones (with SSD storage!).

Ignite 2016 – Extend the Microsoft RDS platform in Azure through Citrix solutions

This post is my set of notes from the session that shows us how Citrix are extending Azure functionality, including the 1st public demo of Citrix Express, which will replace Azure RemoteApp in 2017.

The speakers are:

Scott Manchester (main presenter), Principal Group Program Manager, Microsoft
Jitendra Deshpande, Citrix
Kireeti Valicherla, Citrix

RDS

A MSFT-only solution with multiple goals:

Two on-prem solutions:

Session-based computing
VDI

In the cloud:

Session-based computing: RDS in VMs or the deprecated Azure RemoteApp
VDI “on Windows 10” … Manchester alludes to some licensing change to allow Enterprise edition of the desktop to be used in cloud-based VDI, which is not possible in any way with a desktop OS right now (plenty do it, breaking licensing rules, and some “do it” using a Server OS with GUI).

RDS Improvements in WS2016

Increased performance
Enhanced scale in the broker
Optimized for the cloud – make it easier to deploy it – some is Azure, some RDS, some licensing.

Azure N-Series

There are a set of VMs that are ideal for graphics intensive RDS/Citrix workloads. They use physical NVIDIA GPUs that are presented to the VM directly using Hyper-V DDA (as in WS2016 Hyper-V).

I skip some of the other stuff that is covered in other sessions.

Citrix

Kiritee from Citrix XenApp/XenDesktop takes the stage. He’s focused on XenApp Express, a new from-Azure service that will be out in 2017.

XenApp 7.11 has Day 1 support for WS2016:

Host WS2016 workloads
Host XenApp and XenDesktop infrastructure
Workload provisioning on ARM
Deliver new universal apps to any device
Accelerate app migration with AppDNA

XenApp/XenDesktop For N-Series VMs

HDX can be used with N-Series Azure VMs. This includes graphics professionals and designers on “single user Windows 10 CBB VMs” with multi-monitor NVENC H.264 hardware encoding.

Options for Azure Migration

Jitendra of Citrix takes over. He works on XenApp cloud and XenApp Express.

You can extend workloads to Azure, host workloads in Azure, or run on a Citrix-managed service in Azure. In the latter, the management is in Citrix, and your workload runs in Azure. Citrix seamlessly update the management pieces and you just use them without doing upgrades.

These are the Citrix/Azure offerings today and in the future:

Back to Kireeti.

Next Generation Service for Remoting Apps

XenApp Express, out of the Azure Marketplace, will be the successor to Azure RemoteApp.

Citrix Cloud will provide the management – it’s actually hosted on Azure. You bring your own Windows Server Images into XenApp Express, much like we do with Azure RemoteApp – it an image with the apps pre-installed.

Bad news: The customer must have RDS CALs with Software Assurance (Volume Licensing, and yes, SA is required for cloud usage) or RDS SALs (SPLA). The cost of Azure Remote included the monthly cost of RDS licensing.

The VMs that are deployed are run in your Azure subscription and consume credit/billing there.

Management is done via another portal in Citrix Cloud. Yes, you’ll need to use Azure Portal and the Citrix Cloud portal.

Here is the release timeline. A technical preview will be some time in Q4 of this year.

Next up, a demo, by Jitendra (I think – we cannot see the presenters in the video). The demo is with a dev build, which will likely change before the tech preview is launched.

You “buy” Citrix XenApp Express in the Azure Marketplace – this limits transactions to certain kinds of subscriptions, e.g. EA but not CSP.
You start by creating an App Collection – similar to Azure RemoteApp. You can make it domain-joined or not-domain joined. A domain should be available from your Azure VNet.
Add your Azure subscription details – subscription, resource group (region), VNET, subnet.
Enter your domain join details – very similar to Azure RemoteApp – domain, OU, computer account domain-join account name/password.
You can use a Citrix image or upload your own image. Here you also select a VM series/size, configure power settings, etc, to control performance/scale/pricing.
You can set your expected max number of simultaneous users.
The end of the wizard shows an estimated cost calculator for your Azure subscription.
You click Start Deployment
Citrix reaches into your subscription and creates the VMs.
Afterwards, you’ll need to publish apps in your app collection.
Then you assign users from your domain – no mention if this is from a DC or from Azure AD.
The user uses Citrix Receiver or the HTML 5 client to sign into the app collection and use the published apps.

The Best Way To Deliver Windows 10 Desktop From The Cloud

Cloud-based VDI using a desktop OS – not allowed up to now under Windows desktop OS (DESKTOP OS) licensing.

There are “new licensing changes” to move Windows 10 workloads to Azure. Citrix XenDesktop will be based on this.

XenDesktop for Windows 10 on Azure is managed from Citrix Cloud (as above). You manage and provision the service from here, managing what is hosted in Azure.
Windows 10 Enterprise CBB licensing is brought by the customer. The customer’s Azure subscription hosts the VDI VMs and your credit is consumed or you pay the Azure bill. They say it must be EA/SA, but that’s unclear. Is that EA with SA only? Can an Open customer with SA do this? Can a customer getting the Windows 10 E3 license via CSP do this? We do not know.

Timeline – GA in Q4 of this year:

Next up, a demo.

They are logged into Citrix Cloud, which is first purchased via the Azure Marketplace – limited to a small set of Azure subscriptions, e.g. EA but not CSP at the moment.
A hosting connection to an Azure subscription is set up already.
They create a “machine catalog” – a bunch of machines.
The wizard allows you to only do a desktop OS (this is a Windows 10 service). The wizard allows pooled/dedicated VMs, and you can configure how user changes are saved (local disk, virtual disk, discarded). You then select the VHD master image, which you supply to Citrix. You can use Standard (HDD) or Premium (SSD) storage in Azure for storing the VM. And then you select the quantity of VMs to create and the series/size (from Azure) to use – this will include the N-Series VMs when they are available. There’s more – like VM networking & domain join that you can do (they don’t show this).
He signs into a Windows 10 Azure VM from a Mac, brokered by Citrix Cloud.

That’s all folks!

Technorati Tags: Event Notes,Azure,Citrix,RDS,Remote Desktop Services,VDI,Windows 10,Windows Server 2016

Windows 10 Being Pushed Out To Domain-Joined PCs

Brad Sams (my boss at Petri.com) published a story last night about how Microsoft has started to push out Windows 10 upgrades to domain-joined PCs.

Note that the PC doesn’t upgrade via Windows Update; the user will be prompted if they want to update, and then a deliberately confusing screen “encourages” the user to upgrade.

Brad notes that the environment must meet certain requirements:

The machine must be running and licensed for Windows 7 Pro or Windows 8.1 Pro (Enterprise doesn’t do this stuff).
There is no WSUS, ConfigMgr, etc – the machine gets updates directly from MSFT – this means smaller businesses for the most part.
The machine must be a domain member.

As you can see, this affects SMEs with a domain (no WSUS, etc). But I’d be surprised if larger businesses weren’t targeted at a later point in order to help MSFT hit their 1 billion PCs goal.

In my opinion, this decision to push upgrades to business is exactly the sort of action that gives Microsoft such a bad name with customers. Most SMEs won’t know this is coming. A lot of SMEs run systems that need to be tested, upgraded, or won’t support or work on newer operating systems. So Microsoft opting to force change and uncertainty on those businesses that are least ready is down right dumb. Brad reports that Microsoft claims that people asked for this upgrade. Right – fine – let those businesses opt into an upgrade via GPO instead of the other way around. Speaking of which …

There is a blocker process. I work in a small business and I’ve deployed the blocker. Windows Update added new GPO options to our domain controllers, and I enabled the GPO to block Windows upgrades via Windows Update:

As you can see – I’ve deployed this at work. We will upgrade to Windows 10 (it’s already started) but we will continue to do it at our own pace because we cannot afford people to be offline for 2 hours during the work day while Windows upgrades.

Technorati Tags: Windows 10,Deployment,Windows Updates,Active Directory

Microsoft News – 19 October 2015

It turns out that Microsoft has been doing some things that are not Surface-related. Here’s a summary of what’s been happening in the last while …

Hyper-V

Microsoft Loves Linux Deep Dive #2 – Linux and FreeBSD Integration Services Core Features: Talking about the services that are integrated into Linux guest OSs on Hyper-V.
Shared Hyper-V virtual disk is inaccessible when it’s located in Storage Spaces on a Windows Server 2012 R2-based computer: A hotfix is available.
Recover From Expanding VHD or VDHX Files On VMs With Checkpoints: Tut tut!
Find All Virtual Machines With A Duplicate Static MAC Address On A Hyper-V Cluster With PowerShell: A handy tip from Didier to avoid networking hell.
Microsoft Loves Linux Deep Dive #3: Linux Dynamic Memory and Live Backup: Dynamic Memory for Linux guests and backup VMs with file system consistency without shutting them down.
Virtual Network Appliances I Use for Hyper-V Labs: A post by Didier Van Hoye.
Microsoft Loves Linux Deep Dive #4: Linux Network Features and Performance: More about open source on Hyper-V.
KB3095308 – VMs may not get additional memory although they’re set to use Dynamic Memory in Windows Server 2012 R2: You experience a poor performance, and IIS servers may run out of memory at peak times.
KB3093571 Update to replicate multiple VM groups and VMs that use shared VHDs in Windows Server 2012 R2 or Windows Server 2012: This article describes a hotfix that enables multiple virtual machine (VM) groups replication and the ability to replicate VMs that use shared Virtual Hard Disks (VHDs) in Windows Server 2012 R2 or Windows Server 2012. This is BIG – I’ll have more on this topic later.
Windows 10 Build 10565 Adds Nested Hyper-V: A post I wrote for Petri.com.
KB3093899 – VMs that run on CSVs fail if DCM can’t query volumes in Windows Server 2012 R2: This article describes an issue that occurs when Desired Configuration Management (DCM) can’t query volumes in Windows Server 2012 R2.
KB961804 – Virtual machines are missing, or error 0x800704C8, 0x80070037, or 0x800703E3 occurs when you try to start or create a virtual machine: This problem may be caused by antivirus software that is installed in the parent partition if the real-time scanning component is configured to monitor the Hyper-V virtual machine files. Follow Microsoft’s guidance on antimalware for Hyper-V hosts, and stop being a “yes sir, no sir” gombeen kow-towing to the know-nothing security “expert”.
Trunking With Hyper-V Networking: Trunk the virtual switch port to allow a virtual appliance connect to multiple VLANs at once.
Remove Lingering Backup Checkpoints from a Hyper-V Virtual Machine: A recovery snapshot stays and you cannot apply or delete it.
Hyper V Amigos Podcast Episode 1 – Ben Armstrong: Hyper-V MVP Carsten Rachfahl interviews Microsoft PM, the Virtual PC Guy.

Windows Server

Windows Server Containers, what are they and where do they fit? Read the Microsoft explanation, and then read my one.
Memory Compression in Windows 10 Threshold 2: Improving resource utilization with TH2, the next major Windows release, coming in November.
“Not enough server storage is available to process this command” error when you try to access file shares on an SOFS-configured server : You ignored the guidance and used SOFS as an end-user file server. Seriously – try reading!
New Windows Server 2016 Storage Video Series: A set of videos on WS2016 storage.
KB3091057 – Cluster validation fails in the “Validate Simultaneous Failover” test in a Windows Server 2012 R2-based failover cluster: This hotfix changes some timing of the “Validate Simultaneous failover” test to more accurately verify the storage compatibility with the failover cluster.
How to setup Nano Server to send diagnostic messages off-box for remote analysis: Troubleshooting Nano server will be fun if you cannot log into it. So don’t log into it.

Windows Client

Windows 10 Enterprise Feature – Credential Guard: Using VSM to protect LSASS.

Azure

Monitor your Azure RemoteApp environment with OpInsight – Part 4: Monitor the User Profile Disks.
Learn how to back up your IaaS VMs in five minutes: It’s simple: create a backup vault, discover VMs, register VMs, create a policy.
Microsoft Azure Backup Server: Download the MAB (based on DPM) to get on-premises backup of Hyper-V, SQL, Exchange, SharePoint and clients that you can forward to Azure Backup vaults.
September updates to Azure RemoteApp: New features in the RDS service. Note that Office 2016 is not supported yet.
A VM that Azure Site Recovery helps protect goes into a resynchronization state: “Resynchronization is required for the machine X. Resume replication to start resynchronization” and “Resynchronization for virtual machine ‘VMName’ was marked corrupted by the service.”.
Inside Azure File Storage: Learn more about this application data sharing facility.
Azure RBAC is GA: Implement just enough administration (JEA) in your Azure subscription.
Azure RemoteApp Custom Image Licensing Error: When you make your own RemoteApp image from scratch.
Introducing Microsoft Azure Backup Server: A post I wrote for Petri.com on “Project Venus” progress.
Azure AD Domain Services is now in Public Preview – Use Azure AD as a cloud domain controller: We’re getting closer to Server Zero. Note the lack of integration with legacy AD.
The Azure AD App Proxy just keeps getting better and better: Cloud-enable legacy apps.
KB3090067 – Azure Backup performance update: Update MARS to avoid when incremental backups by using the Azure Backup agent may run slowly for servers that have many files.
User Environment Management in Azure RemoteApp – Part 1: Using UE-V with the user profile disks.
IIS and Azure Files: Can I host my IIS web content in the cloud using Azure Files? Yes you can put your websites in Azure Files and use shared configuration for shared web content between a farm of auto-scaling, load balanced VMs in an availability set with auto-scaling enabled. Yum!
Get Fast + Easy Support with OMS: Add Microsoft support users to a workspace so they can see the same thing as you.

Office 356

Cloud security controls series – OneDrive for Business: Compliance and security stuff.
Data Loss Prevention in OneDrive for Business, SharePoint Online and Office 2016 is rolling out: PDB is finally starting to improve.
Share with the click of a button in Office 2016: How to edit cooperatively.
What’s new – September 2015: A bit of a quiet month in Office, right? It was just Office 2016, Exchange 2016, …
I sync therefore I am…: A preview of the new ODB sync client
Azure PowerShell 1.0 Preview: A preview of v1.0 which appears to focus on improving admin of Azure Resource Manager.

Miscellaneous

A message to our customers about EU – US Safe Harbour: A comment by Microsoft’s legal honcho, Brad Smith, following the recent ECJ ruling that Safe Harbour is “invalid”.

Windows 10 Build 10565 Makes Nested Hyper-V Virtualisation … Possible!

One of the biggest hitting articles on my site, written in 2009 (!!!) is “Can You Install Hyper-V in a VM?”. The short answer has always been “yes, if you know how”, but the long/compelete answer continues with “the hypervisor will not start and you will not be able to boot any virtual machines”.

This was because Hyper-V did not support nested virtualization – the ability to run Hyper-V in a VM that is running on Hyper-V (yes, I know there are hacks to get Hyper-V to run in a VM on VMware). A requirement of Hyper-V is a processor feature, VT-x from Intel or AMD-V from AMD. Hyper-V takes control of this feature and does not reveal it to the guests running on the host. This means that a system requirement of Hyper-V is not present in the virtual machine, and you cannot use the virtual machine as a real host.

Microsoft released Build 10565 of Windows 10 to Windows Insiders this week and announced that the much anticipated nested Hyper-V virtualization is included. Yup, I’ve tried it and it works. Microsoft has made this work by revealing processor virtualization on a per-VM basis to VMs that will be Hyper-V hosts – let’s call these VM hosts to keep it consistent with the language of Windows Server Containers. This means that I can:

Install Hyper-V on a physical host
Create a VM
Enable nested virtualization for that VM, making it a VM host
Install a guest OS in that VM host and enable Hyper-V
Create VMs that will actually run in the VM host.

Applications of Nested Virtualization

I know lots of you have struggled with learning Hyper-V due to lack of equipment. You might have a PC with some RAM/CPU/fast disk and can’t afford more, so how can you learn about Live Migration, SOFS, clustering, etc. With nested virtualization, you can run lots of VMs on that single physical machine, and some of those VMs can be VM hosts, in turn hosting more VMs that you can run, back up, migrate, failover, and so on (eventually, because there are limitations at this point).

Consultants and folks like me have struggled with doing demonstrations on the road. At TechEd Europe and Ignite, I used a VPN connection back to a lab in Dublin where a bunch of physical machines resided. I know one guy that travels with a Pelicase full of of Intel NUC PCs (a “cloud in a case”). Now, one high spec laptop with lots of SSD could do the same job, without relying on dodgy internet connections at event venues!

A big part of my job is delivering training. In the recent past, we nearly bought 20 rack servers (less space consumed than PCs, and more NICs than NUC can do) to build a hands-on training lab. With a future release of WS2016, all I need is some CPU and RAM, and maybe I’ll build a near-full experience hands-on training lab that I can teach Hyper-V, Failover Clustering, and SOFS with, instead of using the limited experience solution that Microsoft uses with Azure VMs (no nested virtualization at this time). Personally I think this feature could revolutionize how Hyper-V training is delivered, finally giving Microsoft something that is extremely badly required (official Hyper-V training is insufficient at this time).

Real world production uses include:

The possibility of hosted private cloud: Imagine running Hyper-V on Azure, so you can do private cloud in a public cloud! I think that might be pricey, but who knows!
Hyper-V Containers: Expected with TPv4 of WS2016, Hyper-V Containers will secure the boundaries between containerized apps.

It’s the latter that has motivated Microsoft to finally listen to our cries for this feature.

Release Notes

Nested virtualization is a preview feature and not to be used in production.
AMD-v is not supported at this time. Intel VT-x must be present and enabled in the physical host.
You cannot virtualize third-party hypervisors at this time – expect VMware to work on this.
The physical host and the VM host must be running Build 10565 or later. You cannot use Windows 10 GA, WS2012 R2 or WS2016 TPv3 as the physical host or the VM host.
Dynamic Memory is not supported.
The following features don’t work yet: Hot-memory resize, Live Migration, applying checkpoints, save/restore.
MAC spoofing must be enabled on the VNIC of the VM host.
Virtual Secure Mode (VSM) / Virtualization Based Security (VBS) / Credential Guard (a Windows 10 Enterprise feature) must be disabled to allow virtualization extensions.

Enabling Nested Virtualization

1 – Install the Physical Host

Install Build 10565 of Windows or later on the physical host. Enable the Hyper-V role and configure a virtual switch.

2- Create a VM Host

Deploy a VM (static RAM) with Build 10565 or later as the guest OS. Connect the VM to the virtual switch of the physical host.

3 – Enable Nested Virtualization

Run the following, using an elevated PowerShell window, on the physical host to execute the enablement script (shared on GitHub):

Invoke-WebRequest https://raw.githubusercontent.com/Microsoft/Virtualization-Documentation/master/hyperv-tools/Nested/Enable-NestedVm.ps1 -OutFile ~/Enable-NestedVm.ps1

~/Enable-NestedVm.ps1 -VmName <VmName>

4 – Enable MAC Spoofing

Run the following on the physical host, targeting the VM host. This will enable MAC spoofing on the VM host. Modify this cmdlet to specify a vNIC if the VM will have NIC just for nested VMs to communicate on.

Set-VMNetworkAdapter -VMName <VMName> -MacAddressSpoofing on

5 – Enable Hyper-V in the VM Host

Enable the Hyper-V role in the VM host and configure a virtual switch on the vNIC that is enabled for MAC spoofing.

6 – Create Nested VMs

Create VMs in the VM host, power them up and deploy operating systems. Have fun!

And bingo, there you go!

How Useful is Nested Virtualization Now?

I won’t be rushing out to buy a new laptop or re-deploy the lab yet. I want to run this with WS2016 so I have to wait. I’ll wait longer for Live Migration support. So right now, it’s cool, but with WS2016 TPv4 (hopefully), I’ll have something substantial.

Technorati Tags: Hyper-V,Windows 10,Windows Server 2016,Virtualisation

Microsoft Windows 10 Mobile Phones NEEDS To Be Sold Via Partner Channel

I watched Microsoft’s Bryan Roper perform an awesome demo of Windows 10 Mobile’s Continuum feature yesterday, and it confirmed what I suspected: Windows 10 Mobile is for business users, and that’s because, it could be the phone that replaces the PC for a lot of users.

But there’s a problem. Microsoft has relied on the phone networks, such as Verizon (USA) and Vodafone (UK/Ireland/Europe), to sell there phones. And that has failed drastically.

There’s a thing you need to understand about sales people. They sell toasters. That’s my phrase for insulting a salesperson. Sales people typically know nothing about what they are selling. They learn some lines and pitch it. And sales people are often lazy. They’ll sell what they know, and they learn as little as possible. Walk into any store and you’ll be sold and iPhone, a Samsung S6, and whatever the bargain model is that month. They want the quick and easy sale so they can move on to the next customer and hit their target – understandable based on how sales people are measured (something Microsoft has only started to change internally and with partners).

So how does Microsoft work around these networks’ sales people to put their phone hardware and OS into the hands of the intended market?

I have a solution. Why don’t Microsoft sell “One Windows” via the same channel that sells the rest of Windows to business customer? Microsoft should say “screw you <insert network name here>!”, unlock the phones, and sell them via distribution/resellers to the business. This would allow Dell/HP to sell to Fortune 100/government (as was announced recently with Surface) and distribution to sell via authorised device resellers (as was also recently opened up for Surface) to everyone else.

Microsoft has made similar changes in the past. Office 365 was not sold via resellers to SMEs, but Open licensing was introduced after several years of doing nothing in the market. The same has happened with the Surface 3 generation this year (thousands of authorized device resellers being added worldwide) but it took Microsoft several years to realize that enterprises do not pay consumer rates to buy Surface off of some rather dodgy looking webpage.

I don’t think anyone would disagree that selling Microsoft phones via the reseller channel would be a bad idea. I’m not saying that this will solve the app-gap – but it would put more phones in the market and create more demand for universal apps that can run on any Windows 10 device. And right now, Windows 10 Mobile needs some momentum, that Microsoft has never gotten from the networks, and never will. If Microsoft does not make this necessary change now, then they’d save shareholders a lot of money just by killing of the Windows Phone program right now, and focusing on Android and iPhone apps.

[EDIT] I’ve just read that AT&T has an exclusive on the new phones in the USA. Bye-bye, Windows Phone.

Technorati Tags: Hardware,Windows 10

Surface Book Specs, Availability, Peripherals, Models, & Pricing

Here’s a breakdown of what I know so far:

General availability:

The US and Canada can get their hands on Surface Book on October 26th.
Australia gets it on November 12^th, according to the Microsoft Store site.
It looks like most countries will be waiting until 2016 for Surface Book – there’s no mention of it on the UK or Germany sites.

Everything we know (at the time of writing, Comic Book Store Guy who will comment in 6 months’ time) about the NVIDIA GPU is listed above and:

It’s a new chipset;
The Xbox team was involved in tuning.

Neither Microsoft nor NVIDIA are talking specifics.

A lot was made of the NVIDIA GPU in the launch. Note that the 2 cheaper models use Intel HD graphics instead of the NVIDIA GPU. Using the customizer on the US Microsoft store, the following models were available to me:

Intel Core i5, 8 GB RAM, 128 GB SSD (not NVIDIA GPU): $1,499
Intel Core i5, 8 GB RAM, 256 GB SSD (not NVIDIA GPU): $1,699
Intel Core i5, 8 GB RAM, 256 GB SSD: $1,899
Intel Core i7, 8 GB RAM, 256 GB SSD: $2,099
Intel Core i7, 16 GB RAM, 512 GB SSD: $2,699

This machine is not priced to compete with a Dell Inspiron or a Lenovo Thinkpad. This is a high-end machine, targeting the same niche market as the MacBook Pro. I expect we’d see sales to artists, engineers, and management types. Asus’s CEO doesn’t need to complain.

Note that the Surface Book was designed to run Windows 10, not Windows 8.1.

[Edit]

Some notes:

The top/tablet is referred to as a clipboard by MSFT marketing
The battery is split; 4 hours in the top and 8 hours in the keyboard
The models with NVIDIA GPU place the GPU in the keyboard. There’s an Intel GPU in the clipboard/tablet.

The New Surface Pen

Included with the Surface Book
Aluminium
1024 levels of pressure with
1 year rechargeable battery
Compatible with Surface Pro 4, Surface Pro 3 and Surface book

The New Surface Dock:

Compatible with Surface Pro 4, Surface pro 3, and Surface Book
2 Mini DisplayPorts
1 Gigabit Ethernet port
4 USB 3.0 ports
1 Audio out port
5.12 x 2.36 x 1.18 in (130 x 60 x30 mm)
$199.99

Mini-Display Port adapters:

2 models: To-VGA and to-HA AV adapters
Compatible with Surface Pro 4, Surface Pro 3, and Surface Book
$39.99

Technorati Tags: Hardware,Windows 10

Surface Pro 4 Specs, Availability, Peripherals, Models & Pricing

Here’s a breakdown of what I know so far:

Surface Pro 4

Continuous kickstand
No LTE/modem capable models
Designed for Windows 10, not Windows 8.1

General availability:

The US and Canada can get their hands on Surface Pro 4 on October 26th.
Everyone else will have to wait – For example the UK & Germany (and some other big markets) is November 12th and others will wait until November 19th. Check your local online Microsoft Store (some localised sites still have no mention of the new devices, e.g. Ireland).

Using the customizer on the US Microsoft store, the following models were available to me:

Intel Core M, 4 GB RAM, 128 GB storage, $899
Intel Core i5, 4 GB RAM, 128 GB storage, $999
Intel Core i5, 8 GB RAM, 256 GB storage, $1,299
Intel Core i5, 8 GB RAM, 512 GB storage, $1,699
Intel Core i5, 16 GB RAM, 512 GB storage, $1,899
Intel Core i7, 8 GB RAM, 256 GB storage, $1,599
Intel Core i7, 16 GB RAM, 256 GB storage, $1,799
Intel Core i7, 16 GB RAM, 512 GB storage, $2,199
Intel Core i7, 16 GB RAM, 1 TB storage, $2,699

The New Touch Cover

Backlit keys
40% larger trackpad
Compatible with Surface Pro 4 and Surface Pro 3
Colours: Black, blue, bright blue, red, teal, onyx (dark grey)

There are two prices:

The normal ones are $129.99
The onyx one features Fingerprint ID scanner for Windows Hello and costs $159.99 – this model is aimed at giving Windows Hello to Surface Pro 3 users because the Surface Pro 4 offers facial recognition.

The new Surface Pen

Aluminium
1024 levels of pressure with
1 year rechargeable battery
Compatible with Surface Pro 4, Surface Pro 3 and Surface book

The new Surface Dock

Compatible with Surface Pro 4, Surface pro 3, and Surface Book
2 Mini DisplayPorts
1 Gigabit Ethernet port
4 USB 3.0 ports
1 Audio out port
5.12 x 2.36 x 1.18 in (130 x 60 x30 mm)
$199.99

Mini-Display Port adapters

2 models: To-VGA and to-HA AV adapters
Compatible with Surface Pro 4, Surface Pro 3, and Surface Book
$39.99