It’s been some time since I started working on the first basic version of the script in August 2014, and posted about it on CONET’s blog. This first version came to just 6 lines of code without the header. Since then a lot has happened and the script has grown in the TechNet Gallery. Time for a new article about the script and its function.
Windows Remote Management is no longer a way to think in today’s world. But why do we do it unencrypted? Normally the authentication is done by Kerberos. That’s secure enough for most people. However, Kerberos also has limitations, for example when using local accounts.
In the standard system, communication is via HTTP via TCP port 5985. Why not HTTPS? This is possible, the port TCP 5986 is intended for this. Unfortunately, this is not only missing in the firewall rule templates but also has a few barriers still in the way. We take care of these barriers today.
Since the GDPR / DSVGO introduction, the topic of data protection, privacy and compliance is still a topic with which many lawyers still earn money. The problem, in my opinion, the technical reality distance with that the whole was designed. Not to be kept silent of the fact that the exceptions to the law were not delivered equally. But all this does not help us, we have to follow it. But I would not like to hold up you too much with my personal opinion to the GDPR. We look at ourselves what Microsoft offers us at tools.
Today was day 2 of the Microsoft Ignite in Orlando. Today I was in the focus in sessions about modern management on the move. That means, for example, Microsoft Intune, but especially the newly announced function of the “Microsoft Endpoint Manager”.
The first day of the Ignite was very exciting. Due to my MCT status, I still had access to the keynote without having been there at 7 am. With a bit more luck I got a seat at the main stage.
It has once again reached me a feature desire, and here is the implementation. With version 1.58 the group policy templates can be saved from the central store. This is especially good when importing new templates that may be buggy. This even happens to Microsoft with the German translations for Windows 10 times quite often. If you don’t know the script yet, I recommend having a look at the article: “Gruppenrichtlinien richtig sichern und dokumentieren“.
Choosing the right edition of Windows 10 can sometimes be harder than you think for companies. For most companies, the cost versus functionality is a consideration. But which versions are there? More than one actually thinks:
Today is day 0 of Microsoft Ignite. For me, it started yesterday already with the MCT day yesterday, practically on day -1. Unfortunately, I can’t tell you much about the MCT day, the interesting things are still until the official announcement under NDA.
Unattended software installation is standard in many environments. But how does it work? With an MSI it’s easy, but not everything is available as an MSI package. But many applications bring their own methods. Since I often need this, here is a small collection for the more important programs.
Some questions now, if I was already using the Microsoft Deployment Toolkit (MDT), why should I run Autopilot afterwards? There are several reasons why it can be useful, here are some examples: