What’s new in Windows Server 2012 R2


Microsoft’s latest server operating system, Windows Server 2012 R2, is due with us on October 18th so let’s take a look at what’s new in the upcoming release.

 

People Centric IT (PCIT): Borne out of/related to Bring Your Own Device (BYOD), PCIT is a key component of all Microsoft’s upcoming server releases including System Center and Intune.

The Workplace Join feature will enable users to register their devices in Active Directory (AD) and then to enroll them for management in System Center / Intune.

As part of that Workplace Join, we’ve created a user@device record in the Active Directory. In this way, we’re enabling your existing AD infrastructure to be extended to accommodate mobile devices. This allows us to provide the IT Pro with an inventory of devices and their users, and to audit the access that will be subsequently granted to those users on those devices. The certificate issued to the device includes both the identity of that device and the identity of the authenticated user. Access to resources published via our Web Application Proxy (see below), or to any other resource that relies on AD FS for authentication, will rely on this certificate for authentication.

One thing worth noting: The act of registering the device to Active Directory does not allow IT to control the device in any manner — that’s is covered by enrollment. Workplace Join is only used to govern access to corporate resources and to enable SSO.

The new Company Portal gives users a central place to perform common tasks such as:

  • Access internal apps
  • Manage their devices with remote wipe etc.
  • Access their data with Work Folders integration

What are Work Folders you may ask, well:

Work Folders address the bring-your-own device (BYOD) scenario, enabling users to store and access work files on personal PCs and devices as well as corporate PCs. Users gain a convenient location to store work files and access them from anywhere, while organizations maintain control over corporate data, storing the files on centrally managed file servers and optionally specifying user device policies such as encryption and lock screen passwords.

Work Folders can be deployed alongside existing deployments of Folder Redirection, Offline Files, and home folders. Work Folders stores user files in a folder on the server called a sync share, and you can specify a folder that already contains user data, enabling you to adopt Work Folders without migrating servers and data or immediately phasing out your existing solution.

This all makes it easier for users to be able “work anywhere” as:

As part of enrolling for management, users can have their devices provisioned with certificates, WiFi profiles, VPN profiles, and DirectAccess configuration. The VPN profiles can be associated with DNS names or specific applications so that they automatically launch on demand. This allows users to work remotely and always be connected to the corporate network without the need to initiate a VPN connection.

A new feature in Server 2012 R2, SCCM 2012 2 and Windows 8.1 enables apps to initiate the VPN connection when launched.

Another big BYOD addition is this:

With the R2 wave of releases, we have added the ability to selectively wipe corporate information while leaving personal data intact.

That’s a huge thing with BYOD, if users are using their personal devices for work it stands to reason their will be personal data on the device – holiday pictures, music etc. – and the risk of losing all that due to a corporate wipe has put many people off. Some may say that is the price one pays for BYOD but it doesn’t have to be the case and it’s great to see it baked into the new MS products.

Other areas added to in Windows Server 2012 R2 include:

  • Identity Management
  • IAAS (Infrastructure As A Service)
  • Hybrid Networking
  • Cloud Integrated Disaster Recovery

To see much more in depth, technical info around all the above (and more) head over to:

http://blogs.technet.com/b/in_the_cloud/archive/tags/what_2700_s+new+in+2012+r2/

Windows 8 Shortcut Keys


The usability of Windows 8, particularly on non-touch devices, is a hot topic with many claiming that it’s “touch first” design makes it harder to access things on a desktop or laptop. I personally don’t find it much of an issue on a desktop with an external mouse but have, I admit, found it a little frustrating sometimes when using a laptop trackpad as there can be quite a lot of cursor movement. TO this end I’ve started using keyboard shortcuts more than ever before – they’re quick, easy and make working with Windows 8 even more fluid and enjoyable.

Some of my favourite shortcuts are:

Win+C = Brings in Charms bar from right

Win+i = Bring up Settings menu from right

Win+H = Brings in Share menu from right

Win+Q/F/W = Brings in Search Apps/Files/Settings screen from right

Win+tab = Brings up the “Modern App Taskbar” (aka list of open apps) from left – holding win and pressing tab then scrolls through the apps

I find I use at least a couple of these each time I use my Windows 8 laptop and they definitely make it easier for me – I hope they do for you to!

Over on Technet, there is a great post with a very comprehensive list of keyboard shortcuts, many/most not just specific to Windows 8 either – check it out here:

Windows 8- For Those of us who Still Prefer Keyboard Shortcuts to Touch Screens – WE SALUTE YOU!

Activating Windows 8 Enterprise


Windows 8 has hit the RTM (Released To Manufacturing) stage so those people with Software Assurance, MSDN etc are able to install the final copy of Microsoft’s latest OS. However it’s not all plain sailing.

It seems sometimes, with the Enterprise version, it refused to activate. You get the screen overlay in the right hand corner telling you to activate but when you go to settings to do so, it fails. The ones I’ve seen fail with a “DNS name does not exist” and shows that it has a license key already, that ends “CWCK7” despite you not having entered one. There no longer appears to be a way of manually typing the key into the Windows Activation section…so what to do?

I came across an article at here that told me what to do, which is actually quite simple:

slmgr -ipk “valid license key”

That 2nd character is a lower case “L” by the way!

Couple of things I thought I’d mention to make things a bit easier:

First of all – you must run command prompt as an admin.

I must admit I struggled for a while to work out how to run CMD as an admin on my Windows 8 tablet. How do you right click without a mouse?

Simple (once you know/remember how) – swipe up on the app icon and it brings up the app commands at the bottom of the screen. Hit “Run as Admin” and you’re away!

Lync Mobile & Office 365


Lync Mobile is out for Windows Phone and other platforms right now. If you can’t find it in the marketplace on WP, hit this link:

Download Lync 2010 for Windows

I’ve been using Lync for a few months now and LOVE it, it makes connecting with people at partners so much easier. I use Lync Online via Office 365 (as I also love the cloud) and was very keen to get this all hooked up.

I downloaded the app this morning but couldn’t get it working at all so I turned to my greatest friend in times if tech support need, Twitter. Lo & behold, the ever awesome @bibbleq came through and I was up & running within 5 or so minutes!

All the info I’d seen online concerned adding CNAME records to DNS servers but, as it’s in the cloud, I didn’t have access to that…so I was a bit stuck. Turns out that MS just need to update the DNS at their end but if, like me, you’re impatient to get start then follow @Bibbleq’s advice:

Add

https://meet.lync.com/Autodiscover/autodiscoverservice.svc/Root

as the “External Discovery address” and you’ll be all sorted.

Head over to his blog for more details on the above:

http://www.bibble-it.com/2011/12/12/office-365-basic-plans-quick-config-for-lync-mobile

and also a deeper look at Lync for WP7:

http://www.bibble-it.com/2011/12/12/overview-of-lync-mobile-for-windows-phone-7

Windows Phone 7 can’t access Marketplace


I came across an odd issue with Windows Phone 7 yesterday. The device, an HTC HD7, just could NOT access the Marketplace in any way…updates failed, new apps couldn’t be downloaded etc. The error it gave was:

“The Windows Live ID service is unavailable”

I checked various settings but everything seemed in order. Wifi & 3G were working, the marketplace worked on other WP7 devices, Hotmail still worked on the phone etc so I was at a loss.

After some head scratching, a solution was reached – which I’d like to share with you all just in case it crops up.

Go into Office and OneNote.

Select “All”.

Hit the “Sync” button on the bottom bar.

That will bring up a username/password prompt for the Live ID used with the device.

Even though the fields will be pre-populated (probably), re-type the password just to be sure.

Hit “ok” and BOOM – you’ll have access to the Marketplace Smile

I don’t really understand what the issue is to be honest. I could understand if ALL things that used your Live ID failed but the fact that Hotmail still worked seems odd.

If you’ve got any ideas as to the potential cause – let me know!

Cheers

Rich

Lync Online & Lync Translator


I’m sure you already know what Lync is but just in case you don’t:

Lync is $1,000,000,000.

Lync is On-Premise.

Lync is Online.

Lync is Awesome.

Lync is Multi-Lingual.

It does:

  • Instant Messaging
  • P2P Voice Calls
  • Presence (are they free, in a meeting, on lunch etc)
  • Video Conferencing
  • Web Conferencing
  • Desktop Sharing
  • Presentation Sharing
  • VOIP Calls

and loads of other things too, like collaborative whiteboards & polls.

Microsoft Lync 2010.png

However, this post is about a specific add-on for Lync and what to do if you’re having problems with it & Lync Online.

Lync Translator:

This is a great feature that I saw demoed at the Worldwide Partner Conference (WPC) this year in LA and it does what it sounds like – it translates your Lync IM’s from 1 language into another!

You choose your language:

image

Then choose the recipient’s language:

image

Then Voila:

image

It of course will translate when they reply too, allowing 2 people without a common language to have a conversation, be it personal or business.

It companies with offices across the world this could be invaluable. Not only that, as Lync allows you to federate (i.e connect) with other companies this could be used for communicating with customers and partners too!

Getting it working with Lync:

Translator is an add-on for Lync which can be downloaded from:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=26136

and a quick, simple install to get you started.

However I ran into this issue:

clip_image002

I thought this was due to me using the Office 365 Lync Online but I was told via Twitter that it does work. It was a Snr Program Manager with the UC team in Redmond, Tom Laciano AKA (@TomLCSKid) who had tweeted me and he was also kind enough to help me further with some troubleshooting.

It turned out to be quite a simple step but I’d never have come up with it myself:

· Look in IE’s Trusted Sites (Tools/Options/Security/Trusted Sites/Sites) and make sure there’s an entry for http://ConversationTranslator.cloudapp.net.

That was it. I added that in and BOOM – I was off IMing in various languages with ease Smile

So if you get a similar error – make sure that step above is completed first off…

Hope that helps someone out there…

Microsoft Office 365, Sharepoint Online and Mail Enabled Lists


Microsoft Sharepoint does so many things that there are 100’s of features used by only a subset of companies, but there are a number of features that are pretty key to the majority of Sharepoint organizations. To me, one of these is:

Mail Enabled Lists

Basically, this allows you to send emails to a list within Sharepoint and have it catalogue the mail and also store any attachments to that mail; I think that’s pretty cool!

This feature wasn’t available in BPOS and I discovered today it won’t be available in the soon to be released Office 365 either. I couldn’t really understand why as, on the face of it, mail enabled lists appear to be quite an easy feature to enable. I asked one of the Microsoft TSP’s today and also did a little Bing based research and have come up with something of an answer.

The official answer from Microsoft Corp. is:

“They are currently disabled due to performance, scalability, policy enforcement, data requirements and legal compliance issues that can affect Enterprise customers”

Looking into it further, I came across a post on Joel Oleson’s MSDN based blog on the subject of Mail Enabled lists which throws some more light onto the subject. He says:

“MS IT has been very cautious about their support for email enabled lists and specifically only supporting it on few isolated environments”

which I found very surprising. Luckily he goes on to answer my question – Why?

“Email enabled lists create contact objects in AD, it takes careful coordination to create these contact objects and ensure the proper write access to a specific OU. Imagine 500,000 lists all with the ability to be email enabled”

BPOS/Office 365 is a multi tenant setup, meaning there could be millions of lists in the cloud based Active Directory, many of which could have 1000’s of updates a day. That is quickly a huge overhead for the servers and infrastructure to cope with, potentially leading to a negative impact on the service Microsoft offer to their customers.

Hopefully in the future, Microsoft will enable this feature…perhaps with a maximum limit per company for number of lists/number of daily updates etc. However there is no word floating around the halls of any such move for the foreseeable future…

What are your thoughts – are mail enabled lists important to you? Would it stop you from moving to the cloud? Let me know in the comments Smile

Microsoft Sharepoint 2010 and VMWare Error


I installed Sharepoint 2010 on a Virtual Server last week, set up some new site collections and then when I came to use it, got a very strange error:

”The trial period for Sharepoint Foundation has expired”

Strange because this wasn’t a trial and because it wasn’t Sharepoint Foundation…it was full server 2010!

I did a little searching round the web and saw something on the Microsoft forum that suggested it might be related to Windows Web Server. I checked and yes, our System Admin had built the VM with Windows Web Server…but than itself was weird…why did he do that?

I went downstairs and asked him…he didn’t make a web server, it was Windows Server Std 2008 R2 but by the time it got to me, it had magically morphed into a Web server…WTF?

The media being used was from MSDN and contained Std, Ent & Web in one image and you choose which one you want during the installation. The Sys Admin built a Svr Std machine, converted it to a VMWare template, deployed it again and gave it to me…and there was the problem. We tried again and this time, COPIED it to a template (rather than converting) and hey presto, it all worked perfectly. The VM was a Svr Std box and, after re-installing it, Sharepoint 2010 was up & running straight away Smile

I don’t know if this is a known problem and perhaps it seems really obvious to some, but it had me stumped for a while so I thought I’d share it on here…just in case.

Microsoft Windows InTune: Computers Overview


image

This is the second screen in the Windows InTune Console:

Computers

On the left you can see a list of all the computer groups that I’ve created. These machines are on 3 different networks but they all appear in this one central view, which makes administration very easy!

Selecting a group on the left takes you into a new view where you can see much more granular detail on the machines. At the minute, I’ve only got one machine in each group but you get the idea Smile

image

The “View Properties” button takes you deeper into that machine, with more sections available to view:

image

The first few tabs are all quite self explanatory…but the final two are very interesting.

Hardware

This gives an amazingly detailed list of the hardware in and related to the machine. For my laptop, this information includes:

  • Model
  • Serial Number
  • BIOS Name & Version
  • CPU Name/Type/Speed
  • Number of disks
  • Disk model
  • Disk Size
  • Number of partitions
  • Network adapter
  • IP Address
  • MAC Address
  • Monitor Resolution
  • Printers (including Soft printers like OneNote)

and more. It’s similar to the free ware program CPU-Z (which you may be familiar with) in that it gets really deep into you machine to give you all the information you could possibly need!

Software

This gives a list of all software installed on the machine…in this case:

image

It then gives you an idea of the category such as Browser, OS, Utility etc and also tells you if it’s a Virtual Application.

You can export these lists to either .csv or .html files for use with other applications and systems.

This feature fits really well in to the whole Software Asset Management piece, as organizations will have a complete, current list of all software installed on all machines. It’s very quick to update with added/removed software which will enable companies to be confident of compliance at all times.

Groups:

Creating a group is very straight forward. It has 3 sections, each with just one selection to make:

image

Details = Group name (and an optional description field)

Parent Group = Choose which group this will link off from. Either “All Computers” or one of your own.

Members = Choose which machines to add to the group.

Done.

I’ll cover deploy software to machines etc in a later post.