Especially in test environments, you often need an older release of Windows 10, but how can you set Windows to a target release? Many companies are currently still using Windows 10 1909, and the Enterprise Edition is still supported until 11.05.2022. Unfortunately, I can only defer the feature upgrade in Windows 10 for 365 days. This means that a newly installed Windows 10 1909 updates to 20H2.
Active Directory group policies, also called Group Policy Object (GPO), are one of my core topics. I have a lot to do with this in various projects and as a Microsoft trainer. As a result, I have accumulated a number of templates and links. This link collection should make your search a little easier. Only templates of the respective manufacturers or projects are listed here. I have deliberately avoided third-party guidelines.
The KMS Client serial numbers help you only if you have a KMS Server or use Active Directory based activation. Read more about KMS in our article KMS Overview. This may not yet be translated.
Update: Now with Windows 10, Windows Server 2016, Office 2016
Update 2: Now with Windows 10 LTSB 2019, Windows Server 2019, Windows Server SAC, Office 2019
Update 3: Now with Windows Server 2022
The German Federal Office for Information Security (BSI) has published new documents on Microsoft Windows 10 and how to secure it. I looked at the BSI security recommendations for Windows 10 before I wanted to report on them. The background to this is that in the past, publications in this direction were sometimes more than outdated when they were published or they were very superficial.
This time it is about a so-called “freemium” software management solution. Feemium is made up of the two words “Free” and “Premium” and means that the software can be used free of charge, but certain functions cost extra. With mobile apps, this also means banner ads and annoying video commercials, but that is not the case here. This article is exclusively about the free version.
The Microsoft Windows 10 Sandbox is a new security feature in Windows 10 Pro and Enterprise. The idea behind it is to try something out in a safe “sandbox”. For example, installing a potentially insecure application.
Let’s get started with the sandbox game….
Microsoft is changing its product life cycle for the Long Term Servicing Channel (LTSC) for Office and Windows. Some will still know the LTSC version as LTSB. Previously, this Windows 10 version, which was not intended for office environments, had a life cycle of 10 years. Microsoft Office LTSC, also known as Microsoft Office 2016 and Microsoft Office 2019) also had 10 years at the beginning, but this has already been reduced to 7 years with MS Office 2019
This is the last part of the article series. The series consists of Part 1 is “Network Installation with the Microsoft Deployment Toolkit – Part 1: Notes, Preparation and Setup“, Part 2 is “Network Installation with the Microsoft Deployment Toolkit – Part 2: Service Account, Drivers, Software, Base Image Considerations” and Part 3 is “Network Installation with the Microsoft Deployment Toolkit – Part 3: Task Sequences.”
This is the penultimate part of the article series. Part 1 is “Network Installation with the Microsoft Deployment Toolkit – Part 1: Notes, Preparation and Setup” and Part 2 is “Network Installation with the Microsoft Deployment Toolkit – Part 2: Service Account, Drivers, Software, Base Image Considerations”
This is part 2 of 4 of the article series. Part 1 is “Network installation with the Microsoft Deployment Toolkit – Part 1: Guidelines, preparation and setup”.
Configuring a Service Account
To access the network share, create computer accounts and perform other functions, a service account should be created for the MDT in Active Directory. This account must be given change permissions in the file system for the hidden share and the corresponding NTFS structure. It is actually sufficient to restrict write access for this user to the “Capture” folder. Read access is sufficient for the rest in this scenario.