With every new release of Windows 10, there are also new features in the area of Microsoft Autopilot. If you don’t know what Autopilot is, I recommend the article “What is Microsoft Autopilot“. Today we’re talking about new features that are possible with Windows 10 1903. As always with autopilot, this also requires an up-to-date Intune instance.
It’s been some time since I started working on the first basic version of the script in August 2014, and posted about it on CONET’s blog. This first version came to just 6 lines of code without the header. Since then a lot has happened and the script has grown in the TechNet Gallery. Time for a new article about the script and its function.
Windows Remote Management is no longer a way to think in today’s world. But why do we do it unencrypted? Normally the authentication is done by Kerberos. That’s secure enough for most people. However, Kerberos also has limitations, for example when using local accounts.
In the standard system, communication is via HTTP via TCP port 5985. Why not HTTPS? This is possible, the port TCP 5986 is intended for this. Unfortunately, this is not only missing in the firewall rule templates but also has a few barriers still in the way. We take care of these barriers today.
It has once again reached me a feature desire, and here is the implementation. With version 1.58 the group policy templates can be saved from the central store. This is especially good when importing new templates that may be buggy. This even happens to Microsoft with the German translations for Windows 10 times quite often. If you don’t know the script yet, I recommend having a look at the article: “Gruppenrichtlinien richtig sichern und dokumentieren“.
Choosing the right edition of Windows 10 can sometimes be harder than you think for companies. For most companies, the cost versus functionality is a consideration. But which versions are there? More than one actually thinks:
Microsoft uses GUIDs in the error messages for the GPO Client Side Extension (CSE). If you have to analyze group policies regularly and find the errors, you might want to have a list. Since it works the same way for me, I started to collect. Here is my current status, I hope it helps you.
I am often asked about the right strategy for “Windows as a Service”. But is there the right way? The short answer is no. It depends as so often on the circumstances, the requirements of the customer and the other customer-specific circumstances. In this article, I would like to point out different ways to the subject of Windows as a Service (WaaS). You will also get tips on what to consider when searching for your way.
What is important is that Windows as a Service is not a project, it is a process. And the challenge is to develop the process for your company in such a way that it works performant but covers all contingencies. This doesn’t just include the question if you want to skip releases.